Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137362e302f32342d3234203d3e20323132323338.roa
File: 3138352e3135332e3137362e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: coDxKdn0YRHO49Doex+1x3jsSCHFBR5oZCOHjIsMrU4=
Subject key identifier: 2C:7A:2B:55:B2:51:41:E3:92:E4:6E:BE:43:41:E2:32:7B:C6:DE:C6
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 3D27832D48C5C7114D771B43CC56F3A26AA83EEB
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137362e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 27 Jan 2025 09:44:54 +0000
ROA not before: Mon 27 Jan 2025 09:39:54 +0000
ROA not after: Mon 26 Jan 2026 09:44:54 +0000
asID: 212238
IP address blocks: 185.153.176.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:27:83:2d:48:c5:c7:11:4d:77:1b:43:cc:56:f3:a2:6a:a8:3e:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jan 27 09:39:54 2025 GMT
Not After : Jan 26 09:44:54 2026 GMT
Subject: CN=2C7A2B55B25141E392E46EBE4341E2327BC6DEC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:ef:45:90:1e:bd:4d:b0:ae:96:22:b9:19:02:
69:4e:c6:bb:3e:11:9f:f6:ae:b8:48:ef:75:b2:a9:
77:66:dc:61:2f:33:96:08:92:d8:f1:e2:32:2d:e4:
d7:28:93:f1:26:95:e5:e8:6f:7a:fb:3a:37:cd:b3:
1e:69:ff:f2:ff:8d:53:19:2c:87:cb:4d:a3:b2:2b:
c4:22:e7:10:a8:0d:85:a2:28:29:0b:ff:63:37:9d:
aa:80:ce:a3:99:c8:72:34:16:72:41:7a:47:44:07:
ac:00:52:63:f8:36:17:af:1e:f8:f7:f9:1a:f2:8a:
1e:4c:5c:82:bf:67:94:f0:73:17:c2:f4:92:81:01:
5c:a6:b6:72:48:02:cd:10:73:d1:a7:a9:15:44:63:
d5:41:a5:58:b1:a2:41:4f:f1:ad:96:2b:17:13:99:
06:70:06:ad:c9:73:a7:6b:51:ff:cd:7b:3a:9a:8d:
49:92:d5:f7:56:ac:28:7c:a9:3d:e3:88:10:88:0e:
d0:91:5b:b4:4c:8a:ff:f8:4f:92:5a:94:58:43:52:
81:40:cb:fb:4d:6f:7f:fb:8d:2c:ea:2e:bd:cb:e3:
87:17:f8:13:c1:08:52:5a:bb:c3:29:a2:14:8a:21:
30:bd:c2:0e:b1:a7:f5:8a:54:7e:d8:2f:ab:35:5f:
f4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7A:2B:55:B2:51:41:E3:92:E4:6E:BE:43:41:E2:32:7B:C6:DE:C6
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137362e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.176.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:3d:b2:40:30:1f:f8:ca:18:f4:ed:91:8b:1a:ee:92:fc:95:
65:9d:78:3e:b7:2b:26:ec:63:29:94:fb:4b:1a:17:eb:a7:f3:
2d:9e:24:ab:6a:c7:5c:32:a5:87:9b:8e:87:73:f5:4b:0a:25:
86:73:02:6f:56:a6:77:17:ff:f2:56:fc:bf:5d:1e:c7:df:f5:
a6:13:b9:51:15:6a:a8:ec:7e:c6:98:b3:3f:66:39:b0:8f:c5:
ea:16:ba:54:91:a4:56:ce:98:67:ad:7b:7b:1e:6c:f6:15:0a:
1c:f1:ec:5b:0c:60:2a:e2:10:66:cb:d0:b6:d6:a2:6d:a9:56:
47:8b:7d:1a:64:71:83:ee:db:55:29:a7:0d:ac:97:c9:e0:30:
8d:97:78:f1:5d:ca:fa:f4:94:57:0a:c2:b1:60:7b:af:19:e4:
f1:24:cb:ea:9c:64:6a:4c:8f:2f:93:f1:6c:92:77:37:b9:f8:
1b:e9:cd:f8:40:f9:ac:7e:3e:6a:7b:62:0b:eb:d0:88:b0:3e:
9d:97:63:4c:28:52:a4:e9:0d:3e:49:d9:43:2e:dc:03:d3:77:
b6:96:0d:e4:49:c3:4f:27:d0:28:05:b5:38:ad:ab:39:0c:41:
e1:10:49:c0:bb:52:03:03:13:c5:13:87:8a:0f:24:67:b5:e4:
8c:3b:b8:84
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUPSeDLUjFxxFNdxtDzFbzomqoPuswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAxMjcwOTM5NTRaFw0yNjAxMjYwOTQ0NTRaMDMxMTAvBgNV
BAMTKDJDN0EyQjU1QjI1MTQxRTM5MkU0NkVCRTQzNDFFMjMyN0JDNkRFQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDw70WQHr1NsK6WIrkZAmlOxrs+
EZ/2rrhI73WyqXdm3GEvM5YIktjx4jIt5Ncok/EmleXob3r7OjfNsx5p//L/jVMZ
LIfLTaOyK8Qi5xCoDYWiKCkL/2M3naqAzqOZyHI0FnJBekdEB6wAUmP4NhevHvj3
+Rryih5MXIK/Z5TwcxfC9JKBAVymtnJIAs0Qc9GnqRVEY9VBpVixokFP8a2WKxcT
mQZwBq3Jc6drUf/NezqajUmS1fdWrCh8qT3jiBCIDtCRW7RMiv/4T5JalFhDUoFA
y/tNb3/7jSzqLr3L44cX+BPBCFJau8MpohSKITC9wg6xp/WKVH7YL6s1X/RnAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQULHorVbJRQeOS5G6+Q0HiMnvG3sYwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzUz
MzJlMzEzNzM2MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzIzMzM4LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAuZmwMA0GCSqGSIb3DQEBCwUAA4IBAQChPbJAMB/4yhj07ZGLGu6S
/JVlnXg+tysm7GMplPtLGhfrp/MtniSrasdcMqWHm46Hc/VLCiWGcwJvVqZ3F//y
Vvy/XR7H3/WmE7lRFWqo7H7GmLM/Zjmwj8XqFrpUkaRWzphnrXt7Hmz2FQoc8exb
DGAq4hBmy9C21qJtqVZHi30aZHGD7ttVKacNrJfJ4DCNl3jxXcr69JRXCsKxYHuv
GeTxJMvqnGRqTI8vk/Fsknc3ufgb6c34QPmsfj5qe2IL69CIsD6dl2NMKFKk6Q0+
SdlDLtwD03e2lg3kScNPJ9AoBbU4ras5DEHhEEnAu1IDAxPFE4eKDyRnteSMO7iE
-----END CERTIFICATE-----
Generated at Wed Apr 9 07:07:57 2025 by rpki-client