Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137392e302f32342d3234203d3e20313437303439.roa
File: 3138352e3135332e3137392e302f32342d3234203d3e20313437303439.roa (raw, json)
Hash identifier: mC4ihnjT+SIQMxrN5GSEvRAjG5wi5ewc86yCah9yIMg=
Subject key identifier: 0D:E7:05:98:A9:12:31:5A:BE:99:22:9D:AF:7F:0E:87:5C:20:9D:4F
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 1A3D727A7A635530379BBB0F5AA9BEE749DDD44C
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137392e302f32342d3234203d3e20313437303439.roa
Signing time: Mon 27 Jan 2025 09:44:53 +0000
ROA not before: Mon 27 Jan 2025 09:39:53 +0000
ROA not after: Mon 26 Jan 2026 09:44:53 +0000
asID: 147049
IP address blocks: 185.153.179.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:3d:72:7a:7a:63:55:30:37:9b:bb:0f:5a:a9:be:e7:49:dd:d4:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jan 27 09:39:53 2025 GMT
Not After : Jan 26 09:44:53 2026 GMT
Subject: CN=0DE70598A912315ABE99229DAF7F0E875C209D4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:22:01:8c:86:f0:ac:b4:6f:ef:11:54:7e:f8:
ac:5c:a3:16:20:cc:ac:e6:97:82:3c:32:df:2d:5f:
30:bd:8e:90:08:b1:3e:4d:b3:9f:81:49:72:c0:7d:
91:35:1c:de:be:5e:83:18:17:14:3a:bb:2f:a5:e1:
22:a6:47:2d:68:b8:91:71:14:67:29:8f:df:66:e8:
41:30:9b:5c:13:65:55:16:d4:72:63:98:72:3f:cc:
d5:e7:46:b5:2c:55:72:42:63:59:c6:57:bf:34:93:
f4:ba:00:bc:20:b2:a3:1d:c8:f5:4c:25:4e:d1:00:
94:e3:b1:d7:c4:3b:73:66:e3:46:25:4e:02:9f:e9:
44:10:6e:d4:c9:fb:7c:90:08:a6:4c:4e:1b:4f:fa:
ca:f3:2f:51:5b:db:f6:5b:c7:2e:87:47:ca:67:a3:
7d:32:99:f3:f0:db:72:4e:0c:25:e7:d3:bc:a7:7b:
de:e9:40:0d:00:2f:50:c5:f3:42:06:51:e2:6d:d4:
3f:e2:cd:69:c8:af:6b:e1:27:f5:36:d6:a9:27:54:
bb:cd:ac:65:db:89:8e:40:dd:5e:ca:5d:13:ba:b4:
6d:0e:11:3a:3f:69:c3:7d:b7:cb:62:c7:5a:4a:cf:
a1:21:26:3c:2d:06:74:5d:7e:d3:12:0b:8b:ce:c9:
ce:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:E7:05:98:A9:12:31:5A:BE:99:22:9D:AF:7F:0E:87:5C:20:9D:4F
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3135332e3137392e302f32342d3234203d3e20313437303439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.179.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:cf:0a:bb:42:f5:10:1a:5f:f1:a8:cb:10:04:3f:9a:27:6c:
5d:49:01:63:6f:6e:ba:a5:d2:77:fb:db:81:ef:0e:e8:7e:fa:
a7:3f:b5:65:f2:49:7a:ab:c6:2f:2a:af:69:fb:cd:d5:4d:18:
21:4e:cf:9b:7f:9e:75:e8:0f:4f:55:25:ac:b6:26:69:32:c2:
ab:c8:32:a2:f4:05:90:24:b8:24:d8:56:5a:b6:b5:5b:55:c3:
2d:38:74:cd:9e:72:29:7d:78:88:24:a9:f9:a2:28:ad:80:26:
02:f9:b5:f0:77:5b:f7:08:96:2a:d8:80:e2:ce:80:69:ef:04:
7a:2e:b8:c4:63:af:04:0a:28:c1:40:3b:5c:ec:4b:4b:fb:1a:
88:f5:69:ad:77:90:ec:27:64:b5:3b:5c:3c:11:08:4e:16:18:
e4:8c:d9:f0:2b:88:3f:60:32:56:63:6e:cc:c2:15:0a:9e:24:
d6:37:98:36:e5:93:c7:fc:ff:6d:eb:6b:bd:69:f2:06:f0:85:
f9:8f:f8:83:39:d2:4b:64:e3:b0:6b:91:b2:9c:b0:04:d5:22:
04:d2:fc:5d:9a:c9:e2:6d:7b:ae:40:05:2e:3f:05:16:b4:6d:
2d:1a:d3:62:0d:f5:67:b4:ea:44:ef:0a:71:d0:8e:b6:42:7e:
52:04:c2:78
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUGj1yenpjVTA3m7sPWqm+50nd1EwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAxMjcwOTM5NTNaFw0yNjAxMjYwOTQ0NTNaMDMxMTAvBgNV
BAMTKDBERTcwNTk4QTkxMjMxNUFCRTk5MjI5REFGN0YwRTg3NUMyMDlENEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfIgGMhvCstG/vEVR++KxcoxYg
zKzml4I8Mt8tXzC9jpAIsT5Ns5+BSXLAfZE1HN6+XoMYFxQ6uy+l4SKmRy1ouJFx
FGcpj99m6EEwm1wTZVUW1HJjmHI/zNXnRrUsVXJCY1nGV780k/S6ALwgsqMdyPVM
JU7RAJTjsdfEO3Nm40YlTgKf6UQQbtTJ+3yQCKZMThtP+srzL1Fb2/Zbxy6HR8pn
o30ymfPw23JODCXn07yne97pQA0AL1DF80IGUeJt1D/izWnIr2vhJ/U21qknVLvN
rGXbiY5A3V7KXRO6tG0OETo/acN9t8tix1pKz6EhJjwtBnRdftMSC4vOyc7RAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUDecFmKkSMVq+mSKdr38Oh1wgnU8wHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzUz
MzJlMzEzNzM5MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDM3MzAzNDM5LnJv
YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAuZmzMA0GCSqGSIb3DQEBCwUAA4IBAQB7zwq7QvUQGl/xqMsQBD+a
J2xdSQFjb266pdJ3+9uB7w7ofvqnP7Vl8kl6q8YvKq9p+83VTRghTs+bf5516A9P
VSWstiZpMsKryDKi9AWQJLgk2FZatrVbVcMtOHTNnnIpfXiIJKn5oiitgCYC+bXw
d1v3CJYq2IDizoBp7wR6LrjEY68ECijBQDtc7EtL+xqI9Wmtd5DsJ2S1O1w8EQhO
FhjkjNnwK4g/YDJWY27MwhUKniTWN5g25ZPH/P9t62u9afIG8IX5j/iDOdJLZOOw
a5GynLAE1SIE0vxdmsnibXuuQAUuPwUWtG0tGtNiDfVntOpE7wpx0I62Qn5SBMJ4
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:45:39 2025 by rpki-client