Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e332e302f32342d3234203d3e20383334.roa
File: 3135392e3235332e332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: bS7OWpukKM13Mrj8vwNN9Xt2FLz0eH8xziJA6OfcVmQ=
Subject key identifier: 55:8A:4B:B8:0A:45:B0:2B:23:8D:D7:D9:8A:1A:4C:C7:4A:76:25:88
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 3195F7EABD887F82D894390FA11F06624EF3ECAD
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e332e302f32342d3234203d3e20383334.roa
Signing time: Sat 28 Sep 2024 00:04:34 +0000
ROA not before: Fri 27 Sep 2024 23:59:34 +0000
ROA not after: Sat 27 Sep 2025 00:04:34 +0000
asID: 834
IP address blocks: 159.253.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:95:f7:ea:bd:88:7f:82:d8:94:39:0f:a1:1f:06:62:4e:f3:ec:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Sep 27 23:59:34 2024 GMT
Not After : Sep 27 00:04:34 2025 GMT
Subject: CN=558A4BB80A45B02B238DD7D98A1A4CC74A762588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:de:4f:8f:13:84:9e:93:cf:b5:8c:2b:81:0f:
b4:70:7c:e2:06:52:cb:7a:dd:86:a4:f7:bb:9c:39:
5f:62:76:3d:af:18:6c:90:e6:2c:27:61:e8:b7:87:
e8:b8:95:ab:5c:94:36:31:16:c1:d3:66:27:80:a1:
15:70:71:83:c2:2e:31:9f:4b:43:ad:ee:7f:de:02:
43:38:44:24:62:98:32:ec:ef:1b:c5:5d:8f:31:5e:
47:7b:a9:87:8d:61:b9:32:97:55:61:2c:31:c3:91:
e4:28:b9:38:b5:61:41:62:97:8c:b5:34:78:fe:fc:
0f:ca:85:89:76:67:ce:53:1e:c6:f1:b9:e3:7e:1f:
11:f2:c9:7e:86:c9:54:94:f8:e7:f1:cb:36:03:2e:
5b:50:69:f6:23:53:ba:44:53:8b:a6:e5:09:3f:8a:
8e:4c:27:be:33:b0:32:a4:3d:f2:39:94:61:50:3d:
3e:b6:5b:2c:f0:bd:94:90:c0:f4:4e:54:ce:f2:75:
84:a8:c9:3f:5e:26:71:f6:37:8f:15:7a:b7:02:23:
22:28:46:2d:90:b5:1e:6c:e3:4b:5f:40:96:06:f8:
ce:11:70:8e:98:04:72:e5:ba:95:89:ed:89:24:5e:
a9:38:a1:c4:23:a9:7d:09:85:31:a3:e5:e7:4e:68:
f3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:8A:4B:B8:0A:45:B0:2B:23:8D:D7:D9:8A:1A:4C:C7:4A:76:25:88
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.3.0/24
Signature Algorithm: sha256WithRSAEncryption
83:00:a2:03:ca:b4:e7:8e:5a:51:83:ac:4d:b8:8d:f1:ad:e7:
ca:f5:dc:df:81:04:b7:69:40:5c:ca:2b:d7:98:ff:c6:ac:a4:
36:6b:f2:1e:ff:5e:3f:98:c5:fd:c5:3f:6a:6a:81:bd:b3:b7:
35:9a:39:8f:b8:1e:58:2c:5c:35:7d:6a:d3:ec:4b:2b:d4:2f:
60:bd:f4:2b:2d:06:c2:fb:fd:b1:b5:e3:e9:12:b9:21:a6:04:
a8:85:22:5f:dd:d5:d8:f6:f2:d8:19:e5:24:c3:54:a6:ce:c5:
b1:f6:22:d0:27:b1:5c:60:78:73:c7:92:44:5c:e1:fa:b7:57:
13:90:eb:56:74:4b:fb:99:1c:a8:e1:c7:21:f6:9b:24:5b:a6:
ed:e3:9d:57:5d:5b:c1:5e:9c:47:3d:22:35:cf:d7:41:77:4a:
1c:84:37:5a:52:9c:11:ca:39:f4:d2:22:f2:89:2a:ab:7b:42:
7d:78:7d:86:b0:ab:52:52:27:b6:d9:a0:61:8a:d3:81:2e:23:
25:fb:42:97:f9:9a:af:68:21:cf:ad:fa:24:64:4e:c9:85:7f:
3a:b6:29:a9:b0:91:ee:2c:6b:c8:b3:13:10:50:fe:f4:d7:a3:
85:5f:67:bb:2a:7a:5e:ae:ca:c9:4f:d3:b2:15:e6:1e:5c:9e:
45:fc:84:35
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUMZX36r2If4LYlDkPoR8GYk7z7K0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNDA5MjcyMzU5MzRaFw0yNTA5MjcwMDA0MzRaMDMxMTAvBgNV
BAMTKDU1OEE0QkI4MEE0NUIwMkIyMzhERDdEOThBMUE0Q0M3NEE3NjI1ODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCP3k+PE4Sek8+1jCuBD7RwfOIG
Ust63Yak97ucOV9idj2vGGyQ5iwnYei3h+i4latclDYxFsHTZieAoRVwcYPCLjGf
S0Ot7n/eAkM4RCRimDLs7xvFXY8xXkd7qYeNYbkyl1VhLDHDkeQouTi1YUFil4y1
NHj+/A/KhYl2Z85THsbxueN+HxHyyX6GyVSU+OfxyzYDLltQafYjU7pEU4um5Qk/
io5MJ74zsDKkPfI5lGFQPT62WyzwvZSQwPROVM7ydYSoyT9eJnH2N48VercCIyIo
Ri2QtR5s40tfQJYG+M4RcI6YBHLlupWJ7YkkXqk4ocQjqX0JhTGj5edOaPOXAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUVYpLuApFsCsjjdfZihpMx0p2JYgwHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzNTM5MmUzMjM1MzMyZTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn/0DMA0G
CSqGSIb3DQEBCwUAA4IBAQCDAKIDyrTnjlpRg6xNuI3xrefK9dzfgQS3aUBcyivX
mP/GrKQ2a/Ie/14/mMX9xT9qaoG9s7c1mjmPuB5YLFw1fWrT7Esr1C9gvfQrLQbC
+/2xtePpErkhpgSohSJf3dXY9vLYGeUkw1SmzsWx9iLQJ7FcYHhzx5JEXOH6t1cT
kOtWdEv7mRyo4cch9pskW6bt451XXVvBXpxHPSI1z9dBd0ochDdaUpwRyjn00iLy
iSqre0J9eH2GsKtSUie22aBhitOBLiMl+0KX+ZqvaCHPrfokZE7JhX86timpsJHu
LGvIsxMQUP7016OFX2e7KnpersrJT9OyFeYeXJ5F/IQ1
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:40:29 2025 by rpki-client