Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37332e302f32342d3234203d3e203531353631.roa
File: 3134312e39382e37332e302f32342d3234203d3e203531353631.roa (raw, json)
Hash identifier: Qa1dbKJe4+Dd1UoQ3xXDywTR9j4XgSIExxzLHnYTH8M=
Subject key identifier: 9F:80:68:D1:B8:90:51:57:D1:AE:92:96:E5:E2:E6:48:19:96:F2:F5
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 42BCA92C02EC610F99C20C7CD037992EDD399321
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37332e302f32342d3234203d3e203531353631.roa
Signing time: Thu 06 Mar 2025 11:53:55 +0000
ROA not before: Thu 06 Mar 2025 11:48:55 +0000
ROA not after: Thu 05 Mar 2026 11:53:55 +0000
asID: 51561
IP address blocks: 141.98.73.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:bc:a9:2c:02:ec:61:0f:99:c2:0c:7c:d0:37:99:2e:dd:39:93:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 6 11:48:55 2025 GMT
Not After : Mar 5 11:53:55 2026 GMT
Subject: CN=9F8068D1B8905157D1AE9296E5E2E6481996F2F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c8:3e:e7:b5:ab:d2:6c:57:10:20:7f:4b:ed:
f7:28:d8:92:4f:0b:b9:7e:9b:95:4c:57:e7:56:8e:
0e:9e:f7:88:3e:bf:6f:e6:56:df:fc:48:0c:9f:6b:
e7:35:48:5e:0b:2c:d6:08:3e:d3:bf:63:c9:b5:f5:
14:cb:46:78:2e:e6:e2:66:02:be:50:9a:ea:1a:4b:
36:36:79:65:99:1f:24:83:0d:a2:fe:db:51:f2:42:
df:1d:3a:3a:2c:e9:8f:6a:14:32:d7:e9:72:b4:64:
ea:20:6e:66:e1:63:20:19:cb:6b:25:64:e3:31:ab:
88:39:c8:c6:4e:d0:a9:36:db:d3:10:19:3a:ff:7e:
14:56:de:0b:07:9a:7a:ac:ae:7c:f9:7a:ff:d1:86:
c7:ba:e8:43:c9:21:43:bf:94:16:03:37:1b:1f:a5:
82:20:e4:24:31:00:93:66:6f:16:25:53:4c:c2:92:
dc:08:d0:92:c3:79:7c:2d:66:98:a3:65:2f:fc:7a:
cb:81:c0:e5:5b:89:f2:39:45:d5:54:a8:d7:c8:2d:
6d:3b:35:3a:5e:8d:87:fe:9e:35:46:f8:72:86:78:
3d:f8:b4:07:f3:2a:82:a1:ab:7e:7e:79:4f:64:55:
b5:4f:1a:0a:f8:8b:42:69:bc:22:56:ed:22:21:23:
5e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:80:68:D1:B8:90:51:57:D1:AE:92:96:E5:E2:E6:48:19:96:F2:F5
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37332e302f32342d3234203d3e203531353631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.73.0/24
Signature Algorithm: sha256WithRSAEncryption
18:6e:c7:39:75:e2:1d:28:1b:bd:77:4e:77:85:98:f5:d2:df:
df:9f:67:2d:51:71:ea:0a:d2:5a:5b:af:33:03:1d:01:96:29:
ec:45:2a:44:f5:a3:83:a5:36:42:b0:bd:72:01:3b:6f:b1:32:
9f:87:1a:be:a1:82:0e:4f:d7:a2:80:46:e9:b5:33:2d:44:f2:
88:65:11:2b:ba:8d:4d:de:57:db:d0:09:d5:d3:c6:3e:c7:33:
9b:9c:58:1e:d2:dd:e2:74:e5:8c:84:1d:6e:1e:0d:82:99:c8:
68:73:83:c4:19:be:e0:e2:91:c9:f3:03:4d:9f:52:ac:8e:06:
45:f8:87:7e:88:f2:d4:4b:ce:5e:87:4e:9e:54:bb:e0:2a:fe:
f2:f5:98:4a:85:c0:61:3c:70:73:8b:43:c5:fc:d4:81:35:83:
98:c5:4d:12:ca:d3:44:f1:b1:c5:f5:d7:cc:f3:b2:b4:3b:e7:
ef:da:40:68:8e:da:0b:4e:c0:81:4a:4c:70:ad:bd:96:26:72:
6e:f0:7e:7c:5a:af:cb:30:cc:01:ad:cd:36:10:dc:a6:b3:fb:
1c:33:c8:9c:1a:22:26:59:a4:e7:83:5b:82:7f:fc:50:c6:41:
aa:7c:f7:82:6d:14:0e:11:a4:02:3b:03:eb:1a:e4:07:6f:c7:
52:a4:85:ee
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQrypLALsYQ+Zwgx80DeZLt05kyEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAzMDYxMTQ4NTVaFw0yNjAzMDUxMTUzNTVaMDMxMTAvBgNV
BAMTKDlGODA2OEQxQjg5MDUxNTdEMUFFOTI5NkU1RTJFNjQ4MTk5NkYyRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtyD7ntavSbFcQIH9L7fco2JJP
C7l+m5VMV+dWjg6e94g+v2/mVt/8SAyfa+c1SF4LLNYIPtO/Y8m19RTLRngu5uJm
Ar5QmuoaSzY2eWWZHySDDaL+21HyQt8dOjos6Y9qFDLX6XK0ZOogbmbhYyAZy2sl
ZOMxq4g5yMZO0Kk229MQGTr/fhRW3gsHmnqsrnz5ev/Rhse66EPJIUO/lBYDNxsf
pYIg5CQxAJNmbxYlU0zCktwI0JLDeXwtZpijZS/8esuBwOVbifI5RdVUqNfILW07
NTpejYf+njVG+HKGeD34tAfzKoKhq35+eU9kVbVPGgr4i0JpvCJW7SIhI14lAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUn4Bo0biQUVfRrpKW5eLmSBmW8vUwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzEzNDMxMmUzOTM4MmUzNzMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMTM1MzYzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI1i
STANBgkqhkiG9w0BAQsFAAOCAQEAGG7HOXXiHSgbvXdOd4WY9dLf359nLVFx6grS
WluvMwMdAZYp7EUqRPWjg6U2QrC9cgE7b7Eyn4cavqGCDk/XooBG6bUzLUTyiGUR
K7qNTd5X29AJ1dPGPsczm5xYHtLd4nTljIQdbh4NgpnIaHODxBm+4OKRyfMDTZ9S
rI4GRfiHfojy1EvOXodOnlS74Cr+8vWYSoXAYTxwc4tDxfzUgTWDmMVNEsrTRPGx
xfXXzPOytDvn79pAaI7aC07AgUpMcK29liZybvB+fFqvyzDMAa3NNhDcprP7HDPI
nBoiJlmk54Nbgn/8UMZBqnz3gm0UDhGkAjsD6xrkB2/HUqSF7g==
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:04:24 2025 by rpki-client