Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e35372e3136362e302f32342d3234203d3e20323132323338.roa
File: 3139332e35372e3136362e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: yx71MFZnbkIT9F+n3ykytns9x0VSLLtaLHI/05uNQw4=
Subject key identifier: DD:32:07:54:7A:D5:3E:55:0C:0C:1F:3A:2D:C2:20:36:61:B2:0A:E6
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 1D0A76134BA289F7205F6F371B2FE552858140A1
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e35372e3136362e302f32342d3234203d3e20323132323338.roa
Signing time: Fri 22 Nov 2024 07:43:28 +0000
ROA not before: Fri 22 Nov 2024 07:38:28 +0000
ROA not after: Fri 21 Nov 2025 07:43:28 +0000
asID: 212238
IP address blocks: 193.57.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:0a:76:13:4b:a2:89:f7:20:5f:6f:37:1b:2f:e5:52:85:81:40:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Nov 22 07:38:28 2024 GMT
Not After : Nov 21 07:43:28 2025 GMT
Subject: CN=DD3207547AD53E550C0C1F3A2DC2203661B20AE6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:05:25:c7:16:ce:91:65:cd:ef:d8:b5:b8:e5:
21:97:72:41:0d:6c:ee:04:d1:7c:18:01:40:ad:1d:
32:2b:7f:14:7e:6f:ac:75:59:1c:29:f5:6b:54:c7:
43:4e:60:6b:14:fd:fc:10:78:90:d6:8b:ed:50:c7:
51:25:09:5d:e8:b4:49:4f:b7:48:0e:d7:af:08:3c:
08:26:7c:13:57:35:96:21:c3:bd:ab:a1:55:cd:61:
ba:34:fc:2a:c9:bd:51:a7:b2:7c:25:00:9a:1d:06:
bb:b6:94:12:e1:52:2f:96:8a:dd:fd:d3:bb:6d:02:
2d:ab:ad:c8:d2:f6:d5:8f:71:77:ad:f1:a6:4a:f8:
ff:cc:12:80:9b:54:0b:7e:eb:23:4b:d3:32:2f:88:
a0:d1:db:54:e8:8b:71:d3:e4:7d:a2:1c:c5:93:2e:
b6:8c:6a:66:23:01:de:2c:9b:39:88:9c:c9:6f:0a:
e9:b9:22:65:92:c3:35:d7:53:66:cf:fd:d2:ff:ad:
31:e2:55:00:06:4c:e0:56:e6:89:f8:17:97:61:c9:
37:4b:65:7b:a5:c9:ca:34:25:43:f8:9e:c4:2d:a9:
a2:f0:3d:a8:d3:fa:94:6a:52:21:f4:65:b7:85:e1:
80:70:84:41:5b:68:c4:b1:87:b6:33:86:4d:7a:4f:
56:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:32:07:54:7A:D5:3E:55:0C:0C:1F:3A:2D:C2:20:36:61:B2:0A:E6
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3139332e35372e3136362e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.57.166.0/24
Signature Algorithm: sha256WithRSAEncryption
49:6b:11:de:de:b1:8e:41:c1:7d:d8:e6:81:4f:dc:ab:c0:8f:
1f:0f:b1:11:a8:be:3c:e3:e3:4c:02:18:65:22:0c:7d:2e:bf:
d4:2e:1b:78:8c:21:1b:8e:5b:52:b6:b6:28:40:c1:5d:55:0c:
e0:45:83:7a:e7:f1:ef:be:97:1a:c3:c6:bf:be:cb:da:13:a9:
68:de:68:e4:e9:31:18:d0:d1:e2:1b:b0:b4:de:52:58:f0:89:
83:fd:f3:06:97:f4:ec:16:ce:dc:15:dd:e9:55:d8:ba:74:f6:
44:48:13:87:74:3d:0e:33:5b:3e:c9:b1:05:e6:53:c8:50:ba:
99:a2:f0:5d:7c:bd:35:88:69:a9:52:1a:c2:8e:e8:09:a9:1f:
07:b3:a5:b7:8e:18:d3:d6:d4:8e:66:a7:70:eb:fb:46:ab:60:
ff:98:dc:af:28:73:e4:f6:98:f8:48:a7:48:d0:97:83:5f:ed:
af:e4:24:31:6e:ef:be:be:f3:7b:42:c4:07:57:05:b3:9d:65:
05:0a:01:59:52:35:5c:6b:58:7e:23:29:68:a4:86:39:71:a0:
01:13:b5:68:bf:e5:5a:9f:df:dc:65:2a:e0:5a:dc:46:4d:57:
ee:3b:a1:9a:4f:e5:27:00:71:e0:7a:a4:87:02:b0:1c:40:ba:
d6:a4:02:8c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHQp2E0uiifcgX283Gy/lUoWBQKEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDExMjIwNzM4MjhaFw0yNTExMjEwNzQzMjhaMDMxMTAvBgNV
BAMTKEREMzIwNzU0N0FENTNFNTUwQzBDMUYzQTJEQzIyMDM2NjFCMjBBRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3BSXHFs6RZc3v2LW45SGXckEN
bO4E0XwYAUCtHTIrfxR+b6x1WRwp9WtUx0NOYGsU/fwQeJDWi+1Qx1ElCV3otElP
t0gO168IPAgmfBNXNZYhw72roVXNYbo0/CrJvVGnsnwlAJodBru2lBLhUi+Wit39
07ttAi2rrcjS9tWPcXet8aZK+P/MEoCbVAt+6yNL0zIviKDR21Toi3HT5H2iHMWT
LraMamYjAd4smzmInMlvCum5ImWSwzXXU2bP/dL/rTHiVQAGTOBW5on4F5dhyTdL
ZXulyco0JUP4nsQtqaLwPajT+pRqUiH0ZbeF4YBwhEFbaMSxh7Yzhk16T1YpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU3TIHVHrVPlUMDB86LcIgNmGyCuYwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzOTMzMmUzNTM3MmUzMTM2
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADBOaYwDQYJKoZIhvcNAQELBQADggEBAElrEd7esY5BwX3Y5oFP3KvAjx8PsRGo
vjzj40wCGGUiDH0uv9QuG3iMIRuOW1K2tihAwV1VDOBFg3rn8e++lxrDxr++y9oT
qWjeaOTpMRjQ0eIbsLTeUljwiYP98waX9OwWztwV3elV2Lp09kRIE4d0PQ4zWz7J
sQXmU8hQupmi8F18vTWIaalSGsKO6AmpHwezpbeOGNPW1I5mp3Dr+0arYP+Y3K8o
c+T2mPhIp0jQl4Nf7a/kJDFu776+83tCxAdXBbOdZQUKAVlSNVxrWH4jKWikhjlx
oAETtWi/5Vqf39xlKuBa3EZNV+47oZpP5ScAceB6pIcCsBxAutakAow=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:37:14 2025 by rpki-client