Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234332e302f32342d3234203d3e203330343536.roa
File: 3138352e3231332e3234332e302f32342d3234203d3e203330343536.roa (raw, json)
Hash identifier: aTFuiZRKSKlOcP1bFw/QEJGr9kwsAqFvqfR62oNQfMc=
Subject key identifier: 00:10:DF:E0:CE:86:7B:42:73:14:D7:D9:FB:12:FF:25:D7:47:EC:14
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 48AF1B927EFBC7C764EB3F34315A374E69E5EA3D
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234332e302f32342d3234203d3e203330343536.roa
Signing time: Mon 24 Mar 2025 01:53:58 +0000
ROA not before: Mon 24 Mar 2025 01:48:58 +0000
ROA not after: Mon 23 Mar 2026 01:53:58 +0000
asID: 30456
IP address blocks: 185.213.243.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:af:1b:92:7e:fb:c7:c7:64:eb:3f:34:31:5a:37:4e:69:e5:ea:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Mar 24 01:48:58 2025 GMT
Not After : Mar 23 01:53:58 2026 GMT
Subject: CN=0010DFE0CE867B427314D7D9FB12FF25D747EC14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2d:35:cc:af:89:e0:84:92:b2:91:ff:68:77:
21:0a:a0:43:cf:c8:f4:58:2e:96:4c:5f:6a:e4:97:
19:09:e3:e1:39:b5:6f:53:5d:b9:7a:a6:0c:0f:23:
0f:a0:68:f5:45:24:aa:54:33:be:9f:fc:68:71:90:
36:2c:7a:1c:48:26:52:a2:55:ac:2d:90:c9:81:c8:
2e:69:a4:be:98:fe:b9:5c:d2:18:0e:a0:57:31:ab:
a3:81:c3:0f:37:90:47:f9:ea:5a:4a:3a:ab:1b:bd:
3c:6f:84:9d:c7:4d:2f:11:3f:6d:a8:ed:7f:e9:7e:
b4:b2:8f:7c:aa:67:95:e0:07:c6:32:2e:a4:1c:2c:
33:65:d9:5c:85:19:29:74:1a:c8:7b:2b:41:e6:53:
28:f2:47:68:4f:3e:df:56:64:0c:d8:3e:62:08:1b:
e9:fb:20:1e:4a:e9:bf:02:4c:ef:96:34:7c:8b:9e:
46:c7:40:06:68:af:ba:e0:e9:17:90:1c:07:32:57:
d2:e4:b6:b7:bf:9b:7c:fd:3e:e4:2e:55:8e:8f:3a:
32:2a:54:14:6c:83:3a:5b:58:1e:8c:56:75:6a:b0:
15:ca:04:a6:35:26:3f:34:c1:9b:c5:75:8a:5c:4b:
ce:33:b7:ea:0f:87:7c:e6:83:2f:f2:3a:0a:37:5d:
39:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:10:DF:E0:CE:86:7B:42:73:14:D7:D9:FB:12:FF:25:D7:47:EC:14
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234332e302f32342d3234203d3e203330343536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.243.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:4f:98:3e:a8:94:5a:0b:3e:02:b4:d7:79:17:d8:11:0e:61:
c3:f5:0d:79:5f:61:a1:97:dd:7e:a7:29:80:09:21:75:48:69:
22:29:8c:d7:d1:80:a1:8c:a8:c7:01:c9:76:1c:bd:05:74:28:
2b:1e:d7:c3:98:be:01:f7:84:da:c3:fc:6a:f5:2f:41:05:1a:
32:85:4e:d5:3e:88:14:77:4e:65:b4:78:1f:04:83:57:0e:8a:
71:7d:98:b9:ed:02:4a:68:de:16:ff:6d:6c:3f:dc:69:d0:13:
d4:3c:76:4e:8a:a3:bb:69:de:53:ea:16:d7:77:44:26:e5:da:
2b:1a:e1:65:7b:7b:93:2a:e0:f0:79:6f:bc:94:f7:61:51:79:
ce:a5:d2:6f:aa:a3:8b:4a:82:be:ff:02:15:c3:30:be:82:f5:
b7:df:45:10:bb:6e:4b:bc:99:3c:98:d5:d8:3e:9b:df:b3:e0:
10:dc:50:7e:4e:67:a5:b6:70:27:95:d4:be:6d:28:6e:db:77:
49:89:36:2e:4d:26:3b:62:65:e3:24:18:e6:d1:c6:a4:14:ac:
e8:6b:d7:d0:1f:d7:27:e1:f0:b4:6c:77:fb:f1:44:b0:13:28:
b1:78:99:5c:7b:54:f8:af:b5:e1:a9:21:51:a4:5c:51:92:7b:
8b:ad:04:e0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSK8bkn77x8dk6z80MVo3Tmnl6j0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTAzMjQwMTQ4NThaFw0yNjAzMjMwMTUzNThaMDMxMTAvBgNV
BAMTKDAwMTBERkUwQ0U4NjdCNDI3MzE0RDdEOUZCMTJGRjI1RDc0N0VDMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQLTXMr4nghJKykf9odyEKoEPP
yPRYLpZMX2rklxkJ4+E5tW9TXbl6pgwPIw+gaPVFJKpUM76f/GhxkDYsehxIJlKi
VawtkMmByC5ppL6Y/rlc0hgOoFcxq6OBww83kEf56lpKOqsbvTxvhJ3HTS8RP22o
7X/pfrSyj3yqZ5XgB8YyLqQcLDNl2VyFGSl0Gsh7K0HmUyjyR2hPPt9WZAzYPmII
G+n7IB5K6b8CTO+WNHyLnkbHQAZor7rg6ReQHAcyV9Lktre/m3z9PuQuVY6POjIq
VBRsgzpbWB6MVnVqsBXKBKY1Jj80wZvFdYpcS84zt+oPh3zmgy/yOgo3XTlvAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUABDf4M6Ge0JzFNfZ+xL/JddH7BQwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzAzNDM1MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51fMwDQYJKoZIhvcNAQELBQADggEBAKRPmD6olFoLPgK013kX2BEOYcP1DXlf
YaGX3X6nKYAJIXVIaSIpjNfRgKGMqMcByXYcvQV0KCse18OYvgH3hNrD/Gr1L0EF
GjKFTtU+iBR3TmW0eB8Eg1cOinF9mLntAkpo3hb/bWw/3GnQE9Q8dk6Ko7tp3lPq
Ftd3RCbl2isa4WV7e5Mq4PB5b7yU92FRec6l0m+qo4tKgr7/AhXDML6C9bffRRC7
bku8mTyY1dg+m9+z4BDcUH5OZ6W2cCeV1L5tKG7bd0mJNi5NJjtiZeMkGObRxqQU
rOhr19Af1yfh8LRsd/vxRLATKLF4mVx7VPivteGpIVGkXFGSe4utBOA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:42:46 2025 by rpki-client