Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e322e302f32342d3234203d3e203230383630.roa
File: 3138352e3136392e322e302f32342d3234203d3e203230383630.roa (raw, json)
Hash identifier: GFLzU8nJHprpuDek0hILwh1gXDWgcgxWrqbhhvf5sU4=
Subject key identifier: 79:1B:53:53:07:4A:8D:D6:3B:0E:07:1E:6E:B6:64:08:6E:98:95:8A
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5F129E6D1EE0B24A83ECA39B94BFD79013CF9BB7
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e322e302f32342d3234203d3e203230383630.roa
Signing time: Mon 27 Jan 2025 19:45:32 +0000
ROA not before: Mon 27 Jan 2025 19:40:32 +0000
ROA not after: Mon 26 Jan 2026 19:45:32 +0000
asID: 20860
IP address blocks: 185.169.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:12:9e:6d:1e:e0:b2:4a:83:ec:a3:9b:94:bf:d7:90:13:cf:9b:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jan 27 19:40:32 2025 GMT
Not After : Jan 26 19:45:32 2026 GMT
Subject: CN=791B5353074A8DD63B0E071E6EB664086E98958A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6c:17:76:0f:33:e9:cb:1f:52:84:df:3a:74:
73:9d:77:a9:1c:63:0a:22:ea:e1:30:0b:88:06:5d:
1d:f3:3e:86:d6:cc:29:fe:46:e7:24:12:91:c9:f0:
37:e2:74:72:70:52:4c:3c:f4:5f:5b:eb:52:cc:63:
60:77:a6:59:ab:50:cc:8a:3e:e1:ea:90:8a:34:8d:
6a:bc:44:f7:ff:e1:67:7f:23:50:ad:62:14:92:c1:
c9:f1:87:34:51:36:ae:97:74:6e:11:c6:ca:d6:4d:
37:05:ad:69:8c:da:c7:99:ac:ee:e6:e1:dc:29:6a:
7e:df:a8:5c:04:b5:ef:8f:ec:bc:34:d0:5c:3e:f5:
9d:b0:4c:06:a8:a2:f2:0c:50:67:2b:07:cf:54:b2:
0f:35:6b:69:59:c6:d1:98:6c:25:9c:63:6c:9f:f0:
d9:c9:82:4b:d9:ff:17:fc:5f:82:bd:65:94:82:ef:
17:09:dd:57:fd:df:5a:02:6c:22:11:4e:e6:ae:63:
2c:95:95:4f:37:fe:96:83:e1:7a:81:de:05:30:54:
95:af:31:41:b2:4a:f8:17:f6:c3:27:35:7e:1d:e2:
42:54:ff:88:40:04:a0:2f:9c:e6:0e:8e:f0:e1:8f:
7d:ad:a1:4f:f9:06:93:12:dc:c3:ee:ce:d8:52:71:
28:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:1B:53:53:07:4A:8D:D6:3B:0E:07:1E:6E:B6:64:08:6E:98:95:8A
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e322e302f32342d3234203d3e203230383630.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.2.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:6c:b0:ae:70:58:bd:1c:0b:d4:fa:4f:3a:67:9c:20:2e:5a:
9d:fb:c0:75:e8:11:ee:13:6d:be:03:00:91:b5:d5:f0:b1:a7:
fb:af:c1:ce:a6:31:5e:44:fe:03:95:1d:14:2f:5e:90:b8:a2:
e3:1d:f1:36:d0:a3:1d:2f:c1:82:3c:90:9d:67:f0:5f:dc:dd:
ed:4d:fa:b3:f0:1b:94:c1:07:a9:61:ae:4d:26:b5:17:d3:53:
90:77:f3:d3:63:f2:76:dc:ec:6a:30:37:ae:23:95:61:97:65:
63:c1:3e:d5:ea:07:32:aa:36:9f:c4:4a:78:48:fd:a7:e2:a8:
a9:06:77:9c:f5:5d:08:17:12:01:34:0a:48:72:c6:a3:36:4b:
6f:ea:77:5a:87:ba:8b:9a:8f:df:ff:5d:ef:f9:ce:3f:01:28:
b1:fd:a5:92:e1:32:a3:6e:a7:75:58:83:f7:d9:07:4f:1f:ff:
1f:9a:38:29:56:e3:21:a2:4b:2e:76:7e:5f:61:63:08:06:2e:
20:f0:2b:4b:44:95:b1:89:3a:eb:09:b8:8c:9b:96:94:fb:20:
2b:ea:96:b9:f8:6e:6e:2a:f2:e5:e3:c7:19:43:b8:46:1c:a3:
1d:02:c2:7b:b1:52:0d:97:bd:8c:b6:5f:07:7f:ca:4e:92:60:
39:58:50:e9
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUXxKebR7gskqD7KOblL/XkBPPm7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAxMjcxOTQwMzJaFw0yNjAxMjYxOTQ1MzJaMDMxMTAvBgNV
BAMTKDc5MUI1MzUzMDc0QThERDYzQjBFMDcxRTZFQjY2NDA4NkU5ODk1OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCabBd2DzPpyx9ShN86dHOdd6kc
Ywoi6uEwC4gGXR3zPobWzCn+RuckEpHJ8DfidHJwUkw89F9b61LMY2B3plmrUMyK
PuHqkIo0jWq8RPf/4Wd/I1CtYhSSwcnxhzRRNq6XdG4RxsrWTTcFrWmM2seZrO7m
4dwpan7fqFwEte+P7Lw00Fw+9Z2wTAaoovIMUGcrB89Usg81a2lZxtGYbCWcY2yf
8NnJgkvZ/xf8X4K9ZZSC7xcJ3Vf931oCbCIRTuauYyyVlU83/paD4XqB3gUwVJWv
MUGySvgX9sMnNX4d4kJU/4hABKAvnOYOjvDhj32toU/5BpMS3MPuzthScSgfAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUeRtTUwdKjdY7DgcebrZkCG6YlYowHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
OTJlMzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzgzNjMwLnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAuakCMA0GCSqGSIb3DQEBCwUAA4IBAQBqbLCucFi9HAvU+k86Z5wgLlqd+8B1
6BHuE22+AwCRtdXwsaf7r8HOpjFeRP4DlR0UL16QuKLjHfE20KMdL8GCPJCdZ/Bf
3N3tTfqz8BuUwQepYa5NJrUX01OQd/PTY/J23OxqMDeuI5Vhl2VjwT7V6gcyqjaf
xEp4SP2n4qipBnec9V0IFxIBNApIcsajNktv6ndah7qLmo/f/13v+c4/ASix/aWS
4TKjbqd1WIP32QdPH/8fmjgpVuMhoksudn5fYWMIBi4g8CtLRJWxiTrrCbiMm5aU
+yAr6pa5+G5uKvLl48cZQ7hGHKMdAsJ7sVINl72Mtl8Hf8pOkmA5WFDp
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:33 2025 by rpki-client