Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37352e302f32342d3234203d3e203531383437.roa
File: 3134312e39382e37352e302f32342d3234203d3e203531383437.roa (raw, json)
Hash identifier: X2j2qrEASFLuubxYZleJzcWl9m0S63UAIqnrbnUjV9c=
Subject key identifier: 66:B1:DF:B0:44:C8:17:20:14:3D:6A:D4:63:3D:49:30:97:4C:15:92
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 69CB5EC83DE33608CDF39A7513A42E21E1612A99
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37352e302f32342d3234203d3e203531383437.roa
Signing time: Mon 24 Mar 2025 09:53:58 +0000
ROA not before: Mon 24 Mar 2025 09:48:58 +0000
ROA not after: Mon 23 Mar 2026 09:53:58 +0000
asID: 51847
IP address blocks: 141.98.75.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:cb:5e:c8:3d:e3:36:08:cd:f3:9a:75:13:a4:2e:21:e1:61:2a:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 24 09:48:58 2025 GMT
Not After : Mar 23 09:53:58 2026 GMT
Subject: CN=66B1DFB044C81720143D6AD4633D4930974C1592
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:c1:ed:15:c3:cc:09:ee:30:a5:17:d0:51:15:
19:29:1b:8a:f9:ce:bc:a3:49:80:80:f0:68:e2:ac:
01:5f:96:4c:b1:7e:96:d6:0a:77:94:56:40:ee:16:
23:6d:4d:7d:25:d7:5b:81:ef:19:db:f2:75:9b:5c:
e1:84:b0:b4:92:54:ff:45:e9:ed:aa:5b:2c:66:b6:
f7:4a:5f:08:7d:15:c5:e9:98:4e:e7:88:0d:3e:2b:
c7:f7:a7:0c:99:a0:91:79:08:b9:d4:c0:6d:17:ca:
ed:d8:ae:cc:aa:99:a1:5f:14:76:39:60:ef:89:02:
e0:b8:8c:f5:58:fb:8f:2e:52:d1:59:ab:d7:8b:a4:
62:01:4b:43:93:ea:a8:64:63:c3:dc:41:10:bf:e0:
51:7c:02:5f:16:aa:df:2d:83:5a:4a:4d:ab:cb:58:
5a:af:ed:45:b5:95:b9:6b:02:21:71:d1:b1:e9:f4:
3a:51:f7:a3:95:bb:a7:88:44:fc:6d:32:79:b7:0d:
43:08:f1:e9:f4:48:71:5a:b2:d6:eb:34:56:34:85:
46:65:04:fc:0f:04:c7:fa:19:e9:37:6e:3a:61:9d:
2b:b9:80:35:84:9c:c4:1b:f0:6d:70:62:95:0e:4f:
06:87:07:5f:72:ab:ca:7c:c3:7a:89:21:c7:ff:c7:
22:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:B1:DF:B0:44:C8:17:20:14:3D:6A:D4:63:3D:49:30:97:4C:15:92
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/3134312e39382e37352e302f32342d3234203d3e203531383437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.75.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:52:99:da:5a:d0:77:a7:af:cc:f3:7a:4f:ff:0b:83:0c:85:
0c:68:f7:ff:95:fb:8a:95:bf:5c:51:3f:bb:59:81:0e:b9:a5:
f5:f4:6a:ed:0c:82:94:6b:a6:aa:30:4f:a9:01:6f:3f:02:c6:
c8:c8:2c:fe:00:04:cb:80:30:f9:a4:76:d7:a2:99:0a:1f:64:
68:ba:82:d3:dc:e0:23:d6:e6:ce:82:9f:f4:49:87:e2:53:00:
d1:fb:9f:21:2a:60:70:57:b6:df:20:34:de:ba:20:a6:41:25:
95:dd:68:b6:d6:93:b2:d4:61:39:c0:1f:2c:57:74:8f:23:6c:
08:22:95:10:6d:7a:bf:4f:d9:2e:c1:58:08:af:53:eb:22:fc:
53:95:ea:79:25:40:13:81:92:74:3f:dc:24:4e:0e:73:9e:76:
01:88:d5:39:f3:e2:5f:1c:04:e2:ea:6f:cb:b9:5e:3d:68:ac:
e2:33:57:c0:5c:53:71:82:b9:57:11:76:be:15:60:1c:cd:27:
f1:d1:4b:26:95:6f:80:da:ff:d0:c3:3b:11:bb:28:1e:66:f8:
c1:81:36:ae:e4:d6:cb:13:0d:a0:bb:49:50:10:a7:9c:7d:16:
39:45:b3:e2:0d:2c:92:9b:11:98:66:0f:9d:a4:4f:bb:9f:35:
a0:87:35:ca
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUacteyD3jNgjN85p1E6QuIeFhKpkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAzMjQwOTQ4NThaFw0yNjAzMjMwOTUzNThaMDMxMTAvBgNV
BAMTKDY2QjFERkIwNDRDODE3MjAxNDNENkFENDYzM0Q0OTMwOTc0QzE1OTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJwe0Vw8wJ7jClF9BRFRkpG4r5
zryjSYCA8GjirAFflkyxfpbWCneUVkDuFiNtTX0l11uB7xnb8nWbXOGEsLSSVP9F
6e2qWyxmtvdKXwh9FcXpmE7niA0+K8f3pwyZoJF5CLnUwG0Xyu3YrsyqmaFfFHY5
YO+JAuC4jPVY+48uUtFZq9eLpGIBS0OT6qhkY8PcQRC/4FF8Al8Wqt8tg1pKTavL
WFqv7UW1lblrAiFx0bHp9DpR96OVu6eIRPxtMnm3DUMI8en0SHFastbrNFY0hUZl
BPwPBMf6Gek3bjphnSu5gDWEnMQb8G1wYpUOTwaHB19yq8p8w3qJIcf/xyKbAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUZrHfsETIFyAUPWrUYz1JMJdMFZIwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzEzNDMxMmUzOTM4MmUzNzM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMTM4MzQzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI1i
SzANBgkqhkiG9w0BAQsFAAOCAQEAWlKZ2lrQd6evzPN6T/8LgwyFDGj3/5X7ipW/
XFE/u1mBDrml9fRq7QyClGumqjBPqQFvPwLGyMgs/gAEy4Aw+aR216KZCh9kaLqC
09zgI9bmzoKf9EmH4lMA0fufISpgcFe23yA03rogpkElld1ottaTstRhOcAfLFd0
jyNsCCKVEG16v0/ZLsFYCK9T6yL8U5XqeSVAE4GSdD/cJE4Oc552AYjVOfPiXxwE
4upvy7lePWis4jNXwFxTcYK5VxF2vhVgHM0n8dFLJpVvgNr/0MM7EbsoHmb4wYE2
ruTWyxMNoLtJUBCnnH0WOUWz4g0skpsRmGYPnaRPu581oIc1yg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:51:27 2025 by rpki-client