Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33392e392e302f32342d3234203d3e203339333638.roa
File: 3139332e33392e392e302f32342d3234203d3e203339333638.roa (raw, json)
Hash identifier: viC54tHm6VnHFs6mSelm72bC8oz1BjPgAFT7ec4lGSE=
Subject key identifier: E3:8B:90:F6:13:7B:94:38:6D:13:FC:8B:91:0B:FB:A1:1E:F9:E1:9B
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 1BD256A404C646CB8E5ED9E6C570A3ABA18DC758
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33392e392e302f32342d3234203d3e203339333638.roa
Signing time: Wed 22 Jan 2025 19:53:51 +0000
ROA not before: Wed 22 Jan 2025 19:48:51 +0000
ROA not after: Wed 21 Jan 2026 19:53:51 +0000
asID: 39368
IP address blocks: 193.39.9.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:d2:56:a4:04:c6:46:cb:8e:5e:d9:e6:c5:70:a3:ab:a1:8d:c7:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 22 19:48:51 2025 GMT
Not After : Jan 21 19:53:51 2026 GMT
Subject: CN=E38B90F6137B94386D13FC8B910BFBA11EF9E19B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a5:64:77:3e:70:cd:11:39:82:b2:29:26:82:
e5:1d:8f:98:ee:de:c0:c7:54:b2:64:93:2f:62:fd:
f8:57:d6:02:ea:5a:06:f9:12:f3:e8:dd:b4:25:e0:
b7:e5:dd:89:f0:e7:db:11:b5:fd:70:cf:1f:fd:0b:
ac:82:90:d2:90:59:3a:bc:45:89:a4:f1:83:28:be:
88:6d:39:58:f1:82:ad:e4:8c:a6:09:a3:a9:15:4c:
55:72:d5:f5:27:d5:c2:a9:21:49:68:a9:aa:4c:56:
f9:b7:cd:0a:d8:39:bb:a9:52:5d:5c:b3:f7:43:b8:
12:6f:f8:75:a9:90:6e:41:d2:a8:3c:4a:fc:5e:07:
d6:c7:e0:66:7b:ce:ee:8c:35:ac:c4:1c:a0:ca:1f:
b9:73:a8:1f:32:73:6a:d9:19:67:4b:ed:21:36:20:
b1:ae:ef:7a:53:07:f4:ae:ff:e7:ef:94:9c:2a:b0:
44:32:d3:00:a5:e0:82:23:ff:32:3b:6d:4d:87:ab:
78:18:7b:4f:5a:50:ca:ef:84:60:70:8a:b0:8c:94:
a3:0c:6e:0c:7b:20:e3:b4:30:73:07:03:36:0e:6c:
53:ad:24:b8:7f:59:ef:78:b3:d4:f6:32:15:e1:4a:
74:ad:c0:fd:0d:5c:76:18:75:10:03:bf:e3:c1:af:
15:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:8B:90:F6:13:7B:94:38:6D:13:FC:8B:91:0B:FB:A1:1E:F9:E1:9B
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e33392e392e302f32342d3234203d3e203339333638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.39.9.0/24
Signature Algorithm: sha256WithRSAEncryption
00:01:62:d5:1b:59:89:65:84:06:ce:1e:dd:35:0d:0c:1f:fe:
13:49:21:6a:6f:27:5f:32:5e:4a:80:2b:5e:d2:8d:e0:ab:00:
cb:8e:7e:e1:f2:ed:d5:24:19:d9:69:58:37:49:29:be:f8:69:
be:b1:ab:32:af:bb:fe:ce:a9:4e:ca:a8:fe:9e:28:d8:8d:b6:
0c:58:31:fa:ad:fc:e9:6b:a0:d8:67:40:4d:91:3c:ec:7f:bf:
39:8f:16:58:14:b7:0b:bf:74:e2:48:34:d2:ce:3b:21:be:be:
31:7c:5e:db:ea:e8:51:bc:7f:72:60:59:b8:31:85:80:08:da:
23:38:82:e4:74:2e:c9:58:24:85:3f:53:cd:c6:0c:96:17:cd:
11:6f:f3:5f:46:27:5e:6a:bd:4a:6e:cf:c1:32:8e:c0:e8:19:
55:f7:15:6f:4a:94:e5:a4:02:c3:ab:87:73:e6:74:44:b2:6b:
78:76:2b:c2:34:ca:6c:9d:7f:51:4e:12:71:fc:8f:c1:97:21:
64:2a:86:d8:3b:73:42:df:61:b6:6c:ec:60:45:55:6c:dd:ac:
11:95:17:c5:ea:e5:00:56:39:2d:3a:54:17:25:96:a5:16:f5:
ca:b2:91:e6:c8:2c:0a:e2:0c:73:46:43:50:54:8e:78:99:3f:
38:e4:d1:53
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUG9JWpATGRsuOXtnmxXCjq6GNx1gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMjIxOTQ4NTFaFw0yNjAxMjExOTUzNTFaMDMxMTAvBgNV
BAMTKEUzOEI5MEY2MTM3Qjk0Mzg2RDEzRkM4QjkxMEJGQkExMUVGOUUxOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJpWR3PnDNETmCsikmguUdj5ju
3sDHVLJkky9i/fhX1gLqWgb5EvPo3bQl4Lfl3Ynw59sRtf1wzx/9C6yCkNKQWTq8
RYmk8YMovohtOVjxgq3kjKYJo6kVTFVy1fUn1cKpIUloqapMVvm3zQrYObupUl1c
s/dDuBJv+HWpkG5B0qg8SvxeB9bH4GZ7zu6MNazEHKDKH7lzqB8yc2rZGWdL7SE2
ILGu73pTB/Su/+fvlJwqsEQy0wCl4IIj/zI7bU2Hq3gYe09aUMrvhGBwirCMlKMM
bgx7IOO0MHMHAzYObFOtJLh/We94s9T2MhXhSnStwP0NXHYYdRADv+PBrxXrAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU44uQ9hN7lDhtE/yLkQv7oR754ZswHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzOTMzMmUzMzM5MmUzOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzMzM2Mzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADBJwkw
DQYJKoZIhvcNAQELBQADggEBAAABYtUbWYllhAbOHt01DQwf/hNJIWpvJ18yXkqA
K17SjeCrAMuOfuHy7dUkGdlpWDdJKb74ab6xqzKvu/7OqU7KqP6eKNiNtgxYMfqt
/OlroNhnQE2RPOx/vzmPFlgUtwu/dOJINNLOOyG+vjF8Xtvq6FG8f3JgWbgxhYAI
2iM4guR0LslYJIU/U83GDJYXzRFv819GJ15qvUpuz8EyjsDoGVX3FW9KlOWkAsOr
h3PmdESya3h2K8I0ymydf1FOEnH8j8GXIWQqhtg7c0LfYbZs7GBFVWzdrBGVF8Xq
5QBWOS06VBcllqUW9cqykebILAriDHNGQ1BUjniZPzjk0VM=
-----END CERTIFICATE-----
Generated at Thu Apr 10 04:03:44 2025 by rpki-client