Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e312e302f32342d3234203d3e20383334.roa
File: 3135392e3235332e312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: +Cgri0dz3lCclo0MuT04LNn4FtNZlpiIq1+Gu2V5CA8=
Subject key identifier: DB:60:C8:A4:0A:0B:F6:4A:29:E7:AE:36:DD:74:0D:B5:E3:26:5E:4E
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 4A16314EBE77414E936F2925BD81437D2A8BFA4E
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e312e302f32342d3234203d3e20383334.roa
Signing time: Mon 02 Dec 2024 00:04:40 +0000
ROA not before: Sun 01 Dec 2024 23:59:40 +0000
ROA not after: Mon 01 Dec 2025 00:04:40 +0000
asID: 834
IP address blocks: 159.253.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:16:31:4e:be:77:41:4e:93:6f:29:25:bd:81:43:7d:2a:8b:fa:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Dec 1 23:59:40 2024 GMT
Not After : Dec 1 00:04:40 2025 GMT
Subject: CN=DB60C8A40A0BF64A29E7AE36DD740DB5E3265E4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:43:86:a3:7c:1a:36:e8:de:96:ec:47:51:e5:
84:f2:ca:db:22:6b:4b:dd:70:9d:19:74:93:b6:99:
a2:87:c0:2c:fe:83:4d:0c:03:d4:59:4d:75:d6:a8:
b7:69:6d:6e:11:71:7d:34:05:8a:f6:ca:d4:b3:13:
3b:34:ae:b1:1c:ab:ab:4e:d3:b0:1a:f8:6d:eb:84:
e4:f3:c0:af:fe:cf:6c:e9:e0:d6:dc:d6:a8:c3:ac:
80:f9:2a:6f:b0:98:be:b1:cd:17:e4:51:88:a8:83:
db:58:7a:42:dd:f6:36:f8:27:af:e7:c1:50:1a:a3:
b5:37:44:c6:b0:c6:58:61:8a:ba:07:90:32:71:f9:
04:77:41:aa:13:53:6f:1e:34:d1:03:1a:99:86:cb:
e5:d7:2f:1a:52:14:75:3f:ca:b6:6a:6d:61:5c:19:
dd:0e:89:a6:8b:3c:ed:12:e7:fa:d9:34:5b:44:87:
55:73:6d:8f:35:36:75:05:09:b2:19:76:72:29:b4:
f6:43:ff:f6:09:fa:ff:5c:6c:37:84:5e:bf:60:54:
c7:c6:f9:cc:60:84:5b:d3:13:61:8f:3e:aa:58:7d:
e9:9c:87:57:db:df:6b:45:1c:52:5f:79:d9:38:97:
78:db:f3:a5:53:db:f6:b3:92:45:b1:e9:16:7a:da:
05:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:60:C8:A4:0A:0B:F6:4A:29:E7:AE:36:DD:74:0D:B5:E3:26:5E:4E
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e312e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.1.0/24
Signature Algorithm: sha256WithRSAEncryption
24:16:c6:7c:8f:e3:11:ce:b6:64:b0:13:7b:49:26:86:99:99:
a6:8e:25:34:27:38:b1:f7:51:3b:68:ef:89:c7:8e:4d:4d:cc:
37:3a:ea:8c:b5:6e:7e:c0:ea:d7:d0:da:04:e5:22:40:2e:99:
de:4e:51:eb:f9:77:f2:b3:d5:01:e1:ae:3e:5e:b2:d6:c3:b5:
6c:ce:41:ff:cb:26:28:4d:b6:d5:70:40:71:eb:5f:53:8f:12:
50:e1:0f:75:b4:8b:a3:3b:32:cb:a7:be:84:ba:3e:af:15:c2:
64:64:84:aa:b2:29:d3:45:ee:18:d4:13:96:d2:16:d1:d4:ca:
f4:25:18:0a:0f:6b:70:9e:d5:3d:d8:fa:7d:8f:1a:25:e2:b9:
31:fc:44:18:48:ed:03:72:56:e0:5d:82:c8:6d:a6:88:35:8f:
db:29:97:55:b4:0e:3c:7b:83:28:85:85:ff:03:d8:f5:04:ba:
ba:e7:46:d2:cf:0f:7d:f1:67:62:e5:eb:8b:12:fb:27:29:bf:
d2:2b:f9:bc:ea:01:e3:b2:f1:54:97:4f:63:95:92:db:be:86:
f1:e4:01:83:82:51:82:88:d7:b4:83:c2:43:2f:72:1f:5a:e9:
c0:39:9d:6e:e1:c7:01:eb:65:a5:bb:2a:61:37:af:73:a5:73:
3d:b0:83:3d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUShYxTr53QU6TbyklvYFDfSqL+k4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNDEyMDEyMzU5NDBaFw0yNTEyMDEwMDA0NDBaMDMxMTAvBgNV
BAMTKERCNjBDOEE0MEEwQkY2NEEyOUU3QUUzNkRENzQwREI1RTMyNjVFNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3Q4ajfBo26N6W7EdR5YTyytsi
a0vdcJ0ZdJO2maKHwCz+g00MA9RZTXXWqLdpbW4RcX00BYr2ytSzEzs0rrEcq6tO
07Aa+G3rhOTzwK/+z2zp4Nbc1qjDrID5Km+wmL6xzRfkUYiog9tYekLd9jb4J6/n
wVAao7U3RMawxlhhiroHkDJx+QR3QaoTU28eNNEDGpmGy+XXLxpSFHU/yrZqbWFc
Gd0OiaaLPO0S5/rZNFtEh1VzbY81NnUFCbIZdnIptPZD//YJ+v9cbDeEXr9gVMfG
+cxghFvTE2GPPqpYfemch1fb32tFHFJfedk4l3jb86VT2/azkkWx6RZ62gVLAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU22DIpAoL9kop56423XQNteMmXk4wHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzNTM5MmUzMjM1MzMyZTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn/0BMA0G
CSqGSIb3DQEBCwUAA4IBAQAkFsZ8j+MRzrZksBN7SSaGmZmmjiU0Jzix91E7aO+J
x45NTcw3OuqMtW5+wOrX0NoE5SJALpneTlHr+Xfys9UB4a4+XrLWw7VszkH/yyYo
TbbVcEBx619TjxJQ4Q91tIujOzLLp76Euj6vFcJkZISqsinTRe4Y1BOW0hbR1Mr0
JRgKD2twntU92Pp9jxol4rkx/EQYSO0DclbgXYLIbaaINY/bKZdVtA48e4MohYX/
A9j1BLq650bSzw998Wdi5euLEvsnKb/SK/m86gHjsvFUl09jlZLbvobx5AGDglGC
iNe0g8JDL3IfWunAOZ1u4ccB62WluyphN69zpXM9sIM9
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:43:07 2025 by rpki-client