Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e3231352e302f32342d3234203d3e203432383331.roa
File: 3134362e31392e3231352e302f32342d3234203d3e203432383331.roa (raw, json)
Hash identifier: iRYq59bmQokDL09C0IXxdPyvoOhAH6U1C6tDW9/0QSs=
Subject key identifier: 12:C1:C7:CE:CD:6A:8D:8D:C7:E2:6E:13:13:07:26:9B:95:E5:1E:37
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 2D5623D98B6724C61FDC17EC648096F845A6B72B
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e3231352e302f32342d3234203d3e203432383331.roa
Signing time: Wed 22 Jan 2025 20:53:52 +0000
ROA not before: Wed 22 Jan 2025 20:48:52 +0000
ROA not after: Wed 21 Jan 2026 20:53:52 +0000
asID: 42831
IP address blocks: 146.19.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:56:23:d9:8b:67:24:c6:1f:dc:17:ec:64:80:96:f8:45:a6:b7:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Jan 22 20:48:52 2025 GMT
Not After : Jan 21 20:53:52 2026 GMT
Subject: CN=12C1C7CECD6A8D8DC7E26E131307269B95E51E37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ea:83:35:03:b1:b3:e3:a7:04:32:49:d2:05:
28:ef:23:aa:06:1d:48:7b:71:cd:f7:63:ab:57:93:
67:81:07:24:69:cb:05:a7:d3:5d:88:53:ce:07:1c:
c9:44:70:2e:95:57:7b:7d:60:01:93:f9:b8:28:2e:
53:2e:76:c0:75:11:31:01:a5:a7:9a:19:bc:91:e2:
d0:95:f4:df:23:e2:c5:2d:f1:59:3b:39:a7:4e:64:
6d:40:c0:ec:6c:8c:ee:fe:6c:8f:58:48:fe:5d:b5:
3e:13:d0:07:3f:76:ac:1f:e7:88:c2:85:fc:8b:60:
4b:0b:aa:c9:10:f9:82:d9:01:0c:e5:2a:6c:82:dd:
cb:71:f8:e3:60:bd:a9:91:84:6d:6b:be:d8:ff:7d:
e6:73:5a:e3:63:29:17:3c:c7:2e:94:02:22:82:e6:
6f:d1:b5:99:f5:b3:5d:07:d2:97:07:22:fb:de:a4:
66:2d:13:9c:3a:a6:02:cc:ba:fa:8b:f1:46:11:09:
d5:39:a1:7f:3d:75:16:47:ff:14:0a:1c:3b:e2:84:
67:06:75:e1:45:79:a3:1b:86:86:a0:a6:40:23:42:
4f:d3:9f:ad:3b:42:47:51:1a:15:fe:9c:e1:6e:db:
29:f3:b1:b5:c9:91:a8:61:9a:b0:41:76:ca:13:12:
97:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:C1:C7:CE:CD:6A:8D:8D:C7:E2:6E:13:13:07:26:9B:95:E5:1E:37
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3134362e31392e3231352e302f32342d3234203d3e203432383331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.215.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:ce:9d:22:5d:52:f7:0b:7d:0e:ea:2e:38:48:86:65:2a:1c:
9e:1e:20:8e:ab:20:4f:af:b5:35:25:aa:4b:3c:10:89:ef:d8:
d9:ef:56:d8:a7:97:d9:0e:1c:a3:05:c6:2a:ee:e0:b8:19:47:
e7:f8:d3:bd:7f:be:2f:82:33:4c:ea:d8:47:e2:6a:d1:03:d4:
67:b5:aa:07:94:07:b1:1e:81:7f:26:99:67:00:13:cb:b7:f2:
c9:18:5f:4f:22:33:02:c3:df:f9:c3:73:f0:26:7b:0f:6b:59:
ab:75:84:36:d8:45:12:bf:76:18:32:1f:20:2b:7c:45:24:d5:
2a:65:fd:16:38:dd:bf:39:f2:77:1a:b5:54:c6:b1:20:c0:ba:
2b:d9:8f:ce:2a:5d:6c:02:ef:82:fd:21:4c:aa:dc:81:e5:f6:
3e:61:cc:1b:d0:c3:f2:0e:b3:9a:86:b1:28:80:3a:25:cd:8e:
6c:ff:28:03:cb:82:58:c3:b2:62:96:ad:fd:28:a5:f4:c2:55:
0a:6b:68:db:d0:2c:35:06:8d:26:c2:cc:cb:02:d2:43:51:b6:
8f:c8:d4:11:04:ba:0e:ca:65:e8:10:92:90:77:4f:f2:c2:38:
0a:22:cc:07:69:7f:eb:62:33:90:f4:bb:93:0f:98:29:a3:25:
49:5d:63:5b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULVYj2YtnJMYf3BfsZICW+EWmtyswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTAxMjIyMDQ4NTJaFw0yNjAxMjEyMDUzNTJaMDMxMTAvBgNV
BAMTKDEyQzFDN0NFQ0Q2QThEOERDN0UyNkUxMzEzMDcyNjlCOTVFNTFFMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC56oM1A7Gz46cEMknSBSjvI6oG
HUh7cc33Y6tXk2eBByRpywWn012IU84HHMlEcC6VV3t9YAGT+bgoLlMudsB1ETEB
paeaGbyR4tCV9N8j4sUt8Vk7OadOZG1AwOxsjO7+bI9YSP5dtT4T0Ac/dqwf54jC
hfyLYEsLqskQ+YLZAQzlKmyC3ctx+ONgvamRhG1rvtj/feZzWuNjKRc8xy6UAiKC
5m/RtZn1s10H0pcHIvvepGYtE5w6pgLMuvqL8UYRCdU5oX89dRZH/xQKHDvihGcG
deFFeaMbhoagpkAjQk/Tn607QkdRGhX+nOFu2ynzsbXJkahhmrBBdsoTEpf/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUEsHHzs1qjY3H4m4TEwcmm5XlHjcwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzEzNDM2MmUzMTM5MmUzMjMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMyMzgzMzMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
khPXMA0GCSqGSIb3DQEBCwUAA4IBAQB/zp0iXVL3C30O6i44SIZlKhyeHiCOqyBP
r7U1JapLPBCJ79jZ71bYp5fZDhyjBcYq7uC4GUfn+NO9f74vgjNM6thH4mrRA9Rn
taoHlAexHoF/JplnABPLt/LJGF9PIjMCw9/5w3PwJnsPa1mrdYQ22EUSv3YYMh8g
K3xFJNUqZf0WON2/OfJ3GrVUxrEgwLor2Y/OKl1sAu+C/SFMqtyB5fY+Ycwb0MPy
DrOahrEogDolzY5s/ygDy4JYw7Jilq39KKX0wlUKa2jb0Cw1Bo0mwszLAtJDUbaP
yNQRBLoOymXoEJKQd0/ywjgKIswHaX/rYjOQ9LuTD5gpoyVJXWNb
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:42:41 2025 by rpki-client