Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232332e302f32342d3234203d3e203538303631.roa
File: 38352e3230392e3232332e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier: U9TrNBaZI7vSzVQFFRzU6obpH5utThWiPe1Omuro60M=
Subject key identifier: E9:5E:94:2B:7A:0C:E9:09:34:98:BA:56:E6:A5:BE:82:5A:3B:6E:A1
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 253BFFF499E88B5FEAB9F0501AD680B00AFCD20A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232332e302f32342d3234203d3e203538303631.roa
Signing time: Fri 24 Jan 2025 18:53:52 +0000
ROA not before: Fri 24 Jan 2025 18:48:52 +0000
ROA not after: Fri 23 Jan 2026 18:53:52 +0000
asID: 58061
IP address blocks: 85.209.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:3b:ff:f4:99:e8:8b:5f:ea:b9:f0:50:1a:d6:80:b0:0a:fc:d2:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 24 18:48:52 2025 GMT
Not After : Jan 23 18:53:52 2026 GMT
Subject: CN=E95E942B7A0CE9093498BA56E6A5BE825A3B6EA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a8:b8:6c:aa:20:76:94:d9:cc:58:d8:1e:d6:
5c:a1:79:87:b1:4d:89:62:a8:11:fc:24:dd:68:ce:
02:c2:c1:3a:dc:95:5d:a6:56:2d:c1:a5:ab:f2:77:
d2:50:a7:3f:ad:ef:57:fc:99:f0:71:32:ea:72:79:
62:d9:ef:ba:1a:73:59:32:50:18:ff:8b:5d:2c:d4:
d2:18:e3:f2:40:9d:df:ba:1d:58:26:e3:1c:f7:70:
7a:9c:65:8f:cf:1c:95:6c:eb:64:b3:06:57:80:0f:
21:1b:01:af:9b:75:e6:b2:de:65:36:e0:06:e5:ef:
f4:d5:ea:dc:ac:55:05:4d:a5:93:31:9e:b8:1c:ed:
9f:c0:12:44:6f:96:f5:c0:91:44:6a:bd:c3:c0:6d:
5e:83:f1:f0:c0:c4:0d:75:a9:e4:bd:33:01:22:5f:
9e:d0:64:90:09:70:fa:b0:bb:8f:3d:a0:81:8d:42:
61:bb:1b:d8:4f:8d:75:7d:16:6c:eb:a9:c0:58:f0:
9f:2d:42:04:ba:50:2b:26:92:a7:6d:79:0a:c9:bb:
58:5b:7d:1d:86:95:3f:7c:a7:13:2a:e4:12:1e:26:
9f:1e:57:71:dd:fe:5d:06:20:23:51:b9:4a:af:66:
89:40:61:4a:cc:00:3c:c5:4f:ff:89:01:ee:f7:0f:
b6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:5E:94:2B:7A:0C:E9:09:34:98:BA:56:E6:A5:BE:82:5A:3B:6E:A1
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/38352e3230392e3232332e302f32342d3234203d3e203538303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.223.0/24
Signature Algorithm: sha256WithRSAEncryption
32:a3:b3:e6:3f:91:98:09:45:f8:0a:d0:f0:ad:2c:0f:8f:18:
58:46:96:fb:56:3e:2a:b0:1c:8f:0d:5c:f1:07:1b:ba:c4:cc:
9f:ee:d8:6f:2e:fd:e6:80:fd:b9:84:4b:ca:d2:17:80:45:ac:
d9:0f:04:21:e2:08:7c:80:0c:ec:b8:ca:60:96:1c:b8:bf:83:
09:1d:0a:1d:14:f9:0f:a0:18:72:db:75:11:04:50:29:68:b8:
83:8d:14:d6:e2:97:1d:50:55:0f:83:a0:71:36:39:5c:cd:75:
3e:1c:05:5e:c2:71:36:3a:1a:44:43:ac:2a:46:67:0c:3a:e0:
79:6e:c3:73:2a:4e:1d:40:76:65:3a:e5:09:0c:d6:a5:71:81:
fc:f5:24:68:dc:df:e3:b5:49:6f:0a:b1:c0:72:48:9c:16:eb:
74:bd:34:f2:f8:2c:f8:85:98:04:0f:67:34:2a:7c:f7:11:b3:
d8:d5:77:b8:26:7d:38:02:e5:1c:f6:07:28:39:fb:ba:2a:c5:
8a:48:6f:6f:a6:de:c1:8f:22:c8:a6:93:d2:aa:dc:2d:ad:30:
f3:68:5e:6d:06:7d:80:ea:3e:15:c7:ce:f5:3f:ce:2f:36:37:
10:90:19:95:73:46:91:1f:4e:1b:d1:f4:75:21:90:df:c6:b9:
19:8e:d2:5d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJTv/9Jnoi1/qufBQGtaAsAr80gowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMjQxODQ4NTJaFw0yNjAxMjMxODUzNTJaMDMxMTAvBgNV
BAMTKEU5NUU5NDJCN0EwQ0U5MDkzNDk4QkE1NkU2QTVCRTgyNUEzQjZFQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUqLhsqiB2lNnMWNge1lyheYex
TYliqBH8JN1ozgLCwTrclV2mVi3Bpavyd9JQpz+t71f8mfBxMupyeWLZ77oac1ky
UBj/i10s1NIY4/JAnd+6HVgm4xz3cHqcZY/PHJVs62SzBleADyEbAa+bdeay3mU2
4Abl7/TV6tysVQVNpZMxnrgc7Z/AEkRvlvXAkURqvcPAbV6D8fDAxA11qeS9MwEi
X57QZJAJcPqwu489oIGNQmG7G9hPjXV9FmzrqcBY8J8tQgS6UCsmkqdteQrJu1hb
fR2GlT98pxMq5BIeJp8eV3Hd/l0GICNRuUqvZolAYUrMADzFT/+JAe73D7aDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU6V6UK3oM6Qk0mLpW5qW+glo7bqEwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzgzNTJlMzIzMDM5MmUzMjMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM4MzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHfMA0GCSqGSIb3DQEBCwUAA4IBAQAyo7PmP5GYCUX4CtDwrSwPjxhYRpb7Vj4q
sByPDVzxBxu6xMyf7thvLv3mgP25hEvK0heARazZDwQh4gh8gAzsuMpglhy4v4MJ
HQodFPkPoBhy23URBFApaLiDjRTW4pcdUFUPg6BxNjlczXU+HAVewnE2OhpEQ6wq
RmcMOuB5bsNzKk4dQHZlOuUJDNalcYH89SRo3N/jtUlvCrHAckicFut0vTTy+Cz4
hZgED2c0Knz3EbPY1Xe4Jn04AuUc9gcoOfu6KsWKSG9vpt7BjyLIppPSqtwtrTDz
aF5tBn2A6j4Vx871P84vNjcQkBmVc0aRH04b0fR1IZDfxrkZjtJd
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:20:30 2025 by rpki-client