Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e3235352e302f32342d3332203d3e203632323430.roa
File: 3138352e3136392e3235352e302f32342d3332203d3e203632323430.roa (raw, json)
Hash identifier: ZkTQBLA346l4G5RJM9SsB8U75ED/6p3t+uIEKH21dlY=
Subject key identifier: F8:D9:AF:B7:72:72:6D:DF:9B:AE:33:3D:05:61:3D:E4:D6:0C:71:F1
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 5F7719006DF74A4D1CD4D65F580171EE6DF453CB
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e3235352e302f32342d3332203d3e203632323430.roa
Signing time: Mon 27 Jan 2025 09:44:53 +0000
ROA not before: Mon 27 Jan 2025 09:39:53 +0000
ROA not after: Mon 26 Jan 2026 09:44:53 +0000
asID: 62240
IP address blocks: 185.169.255.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:77:19:00:6d:f7:4a:4d:1c:d4:d6:5f:58:01:71:ee:6d:f4:53:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Jan 27 09:39:53 2025 GMT
Not After : Jan 26 09:44:53 2026 GMT
Subject: CN=F8D9AFB772726DDF9BAE333D05613DE4D60C71F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:02:c1:c8:38:a0:b4:71:5e:11:04:89:c6:f4:
b8:c2:66:b9:42:48:25:fc:5d:95:61:c1:31:26:fa:
91:1c:2a:13:53:19:00:8c:89:f5:67:68:6a:a7:c9:
8a:63:4d:c1:85:67:31:ff:1c:0a:68:0a:1d:09:86:
ee:08:92:8d:bf:4f:3d:69:2e:a6:74:6e:74:e5:6c:
14:fc:7e:41:50:28:46:38:4d:1e:3d:85:93:57:3b:
50:49:cb:b0:5f:69:c4:3d:64:b8:7d:ec:21:5a:f2:
48:24:13:c4:7d:c0:82:dc:2a:7a:3b:2a:37:09:f8:
ea:2f:89:7c:6e:f2:2f:a7:7e:18:c6:65:05:9e:39:
de:f3:4f:2f:22:8e:8b:75:61:bb:56:9e:5d:29:0d:
dc:43:f2:e3:f1:8d:3a:f1:2b:e0:0d:e1:67:26:11:
69:40:c0:c8:f3:31:04:4f:6b:ee:d1:57:0c:b5:a9:
cd:ae:36:ad:17:b9:51:c3:f0:73:be:56:e7:f4:be:
1c:fd:b9:5a:15:3c:60:c6:2c:04:64:57:64:ec:22:
18:9f:e3:76:1d:67:00:52:63:98:0a:be:d6:2d:89:
e8:46:41:f6:f1:55:e1:2d:58:5d:4f:fb:5e:b9:e6:
10:29:ea:3b:f3:14:87:17:a4:a9:9b:b5:bb:ea:ac:
b3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:D9:AF:B7:72:72:6D:DF:9B:AE:33:3D:05:61:3D:E4:D6:0C:71:F1
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136392e3235352e302f32342d3332203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.255.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:73:e3:95:20:7e:85:00:25:58:d6:70:9b:2f:53:8e:9b:aa:
45:ac:92:98:d8:dc:56:de:22:e1:d6:3c:31:ad:0f:2c:0b:84:
ab:aa:2a:f6:de:da:f1:b5:ce:51:88:a6:5e:e0:1c:65:39:77:
2e:c2:d9:1b:aa:a7:97:05:c1:d0:e9:36:8c:40:ea:6a:25:3f:
2e:68:8e:08:84:0d:3a:2e:8d:d3:f4:f5:3e:d2:00:bc:7a:ab:
9f:54:ec:86:d7:10:ce:a1:8e:8f:0c:be:fc:09:9e:5a:e5:0a:
07:8c:56:28:20:cf:6f:29:33:e6:20:73:cf:fa:75:10:05:c2:
dc:08:27:25:b1:79:fc:b1:a1:98:85:38:22:ad:37:42:c9:c2:
6a:49:20:b5:f2:46:89:73:c5:dd:f3:70:c6:45:e7:b6:bf:0d:
a8:07:c4:8a:1a:a0:6d:d2:2e:10:4e:e1:5d:c7:05:07:57:20:
66:ce:cd:5b:27:c3:1f:39:08:f9:18:c1:51:49:33:00:a0:34:
6b:85:ac:23:e2:9f:26:79:ff:87:4f:0a:4a:05:9c:b0:e4:fb:
35:d9:00:b2:51:45:cb:9b:4c:bb:93:3d:3e:3b:47:25:0f:3d:
50:bd:e8:20:af:a1:c4:64:73:79:cc:46:8f:e6:7c:bc:d8:8a:
52:ce:99:be
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUX3cZAG33Sk0c1NZfWAFx7m30U8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTAxMjcwOTM5NTNaFw0yNjAxMjYwOTQ0NTNaMDMxMTAvBgNV
BAMTKEY4RDlBRkI3NzI3MjZEREY5QkFFMzMzRDA1NjEzREU0RDYwQzcxRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeAsHIOKC0cV4RBInG9LjCZrlC
SCX8XZVhwTEm+pEcKhNTGQCMifVnaGqnyYpjTcGFZzH/HApoCh0Jhu4Iko2/Tz1p
LqZ0bnTlbBT8fkFQKEY4TR49hZNXO1BJy7BfacQ9ZLh97CFa8kgkE8R9wILcKno7
KjcJ+OoviXxu8i+nfhjGZQWeOd7zTy8ijot1YbtWnl0pDdxD8uPxjTrxK+AN4Wcm
EWlAwMjzMQRPa+7RVwy1qc2uNq0XuVHD8HO+Vuf0vhz9uVoVPGDGLARkV2TsIhif
43YdZwBSY5gKvtYtiehGQfbxVeEtWF1P+1655hAp6jvzFIcXpKmbtbvqrLMxAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU+Nmvt3Jybd+brjM9BWE95NYMcfEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
OTJlMzIzNTM1MmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzYzMjMyMzQzMC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmp/zANBgkqhkiG9w0BAQsFAAOCAQEAonPjlSB+hQAlWNZwmy9Tjpuq
RaySmNjcVt4i4dY8Ma0PLAuEq6oq9t7a8bXOUYimXuAcZTl3LsLZG6qnlwXB0Ok2
jEDqaiU/LmiOCIQNOi6N0/T1PtIAvHqrn1TshtcQzqGOjwy+/AmeWuUKB4xWKCDP
bykz5iBzz/p1EAXC3AgnJbF5/LGhmIU4Iq03QsnCakkgtfJGiXPF3fNwxkXntr8N
qAfEihqgbdIuEE7hXccFB1cgZs7NWyfDHzkI+RjBUUkzAKA0a4WsI+KfJnn/h08K
SgWcsOT7NdkAslFFy5tMu5M9PjtHJQ89UL3oIK+hxGRzecxGj+Z8vNiKUs6Zvg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:21:31 2025 by rpki-client