Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231332e3130392e3230302e302f32342d3234203d3e203632323430.roa
File: 3231332e3130392e3230302e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: RPKzlInXRs7mM9bCn3mIMSQyzk3zejXZlCpUuE6pWNo=
Subject key identifier: 68:D8:85:AC:4B:07:DD:A9:9A:F1:45:9F:E3:34:8A:F9:A4:9E:20:91
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2D7140CE6BA8A4C55D61DE2C242AF21C7295913A
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231332e3130392e3230302e302f32342d3234203d3e203632323430.roa
Signing time: Fri 27 Dec 2024 11:47:39 +0000
ROA not before: Fri 27 Dec 2024 11:42:39 +0000
ROA not after: Fri 26 Dec 2025 11:47:39 +0000
asID: 62240
IP address blocks: 213.109.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:71:40:ce:6b:a8:a4:c5:5d:61:de:2c:24:2a:f2:1c:72:95:91:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 27 11:42:39 2024 GMT
Not After : Dec 26 11:47:39 2025 GMT
Subject: CN=68D885AC4B07DDA99AF1459FE3348AF9A49E2091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bd:e2:3d:cc:ab:59:1c:4b:33:18:f3:88:26:
92:46:96:98:ab:1c:54:fa:ed:20:d8:57:13:30:ff:
71:df:7b:98:68:4e:14:46:6c:3c:3e:4a:da:df:7f:
c6:47:63:28:60:ae:24:6e:50:18:fc:cc:46:5c:4f:
e3:c8:5e:54:00:ba:87:5c:eb:dd:f2:a9:80:24:18:
b2:57:bc:9c:dc:de:b3:6b:73:52:6d:6c:f8:9a:23:
1d:2d:61:9a:46:63:37:3f:ca:89:21:72:bd:0c:3c:
1d:f5:96:3e:08:f8:2d:93:3c:51:39:b6:e4:ce:2d:
20:e7:58:2f:10:13:6d:4a:3a:95:8b:41:62:f9:15:
6f:97:4a:9f:01:6f:25:79:b9:a4:bb:f4:43:96:34:
02:bd:30:61:f1:97:71:f0:21:35:9e:81:93:1e:91:
5e:c8:b2:82:8e:38:c7:c9:8e:34:30:24:81:27:66:
3b:8d:2e:03:67:89:0e:1a:6c:30:b4:f8:25:f3:55:
49:5a:b4:ad:c2:a0:3c:23:8e:eb:4e:92:06:32:07:
02:7c:64:16:c1:88:20:53:e1:8e:87:1e:11:f7:c3:
e8:c8:58:ff:42:20:68:7f:19:6a:28:3f:1b:6d:c2:
e2:a4:64:b3:ee:7c:e9:f1:e3:8c:49:c4:d9:df:67:
2b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D8:85:AC:4B:07:DD:A9:9A:F1:45:9F:E3:34:8A:F9:A4:9E:20:91
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3231332e3130392e3230302e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
51:7d:db:de:78:32:0c:e7:a3:6c:b0:c2:3a:d6:f9:96:d2:93:
a4:68:87:4b:45:40:b7:ed:2a:31:64:7f:bb:86:2b:32:91:f4:
e6:fd:48:94:a4:34:5e:45:e3:40:66:bb:18:1b:b8:cc:f4:83:
f8:e7:00:37:8c:7d:c2:9e:76:6b:1c:4b:6e:14:61:77:4d:cb:
23:46:63:41:d6:e9:24:4d:4b:6b:37:d0:5e:6c:4c:c6:70:55:
cc:15:1b:60:7b:23:9d:58:7c:17:29:08:ef:fb:dd:22:11:e0:
9c:c0:27:57:ba:04:78:54:7c:26:e4:a1:04:7e:19:20:9e:dd:
d0:cd:98:3f:b1:99:31:4c:c7:cc:b1:d6:93:9b:14:6a:19:ac:
f0:ef:2b:da:37:e8:c5:c0:3e:b9:dc:b2:68:42:57:32:e3:c9:
5b:38:fb:d5:ca:0b:65:92:87:20:42:83:6a:03:2d:e6:48:bc:
a4:9d:da:3c:d1:a8:13:b2:9a:23:a0:8a:ce:e6:32:1a:61:f8:
e0:af:31:38:c9:5a:ae:6b:5e:90:db:06:02:2e:4e:b0:13:da:
b8:81:50:34:04:cc:d9:47:a8:07:be:c8:09:29:0f:a4:f5:60:
fd:3e:97:35:a1:91:dc:fb:b1:6d:2a:8f:d3:e5:28:73:d3:d7:
37:48:99:c9
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIULXFAzmuopMVdYd4sJCryHHKVkTowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjcxMTQyMzlaFw0yNTEyMjYxMTQ3MzlaMDMxMTAvBgNV
BAMTKDY4RDg4NUFDNEIwN0REQTk5QUYxNDU5RkUzMzQ4QUY5QTQ5RTIwOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrveI9zKtZHEszGPOIJpJGlpir
HFT67SDYVxMw/3Hfe5hoThRGbDw+Strff8ZHYyhgriRuUBj8zEZcT+PIXlQAuodc
693yqYAkGLJXvJzc3rNrc1JtbPiaIx0tYZpGYzc/yokhcr0MPB31lj4I+C2TPFE5
tuTOLSDnWC8QE21KOpWLQWL5FW+XSp8BbyV5uaS79EOWNAK9MGHxl3HwITWegZMe
kV7IsoKOOMfJjjQwJIEnZjuNLgNniQ4abDC0+CXzVUlatK3CoDwjjutOkgYyBwJ8
ZBbBiCBT4Y6HHhH3w+jIWP9CIGh/GWooPxttwuKkZLPufOnx44xJxNnfZyulAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUaNiFrEsH3ama8UWf4zSK+aSeIJEwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMjMxMzMyZTMxMzAz
OTJlMzIzMDMwMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMjMyMzQzMC5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEANVtyDANBgkqhkiG9w0BAQsFAAOCAQEAUX3b3ngyDOejbLDCOtb5ltKT
pGiHS0VAt+0qMWR/u4YrMpH05v1IlKQ0XkXjQGa7GBu4zPSD+OcAN4x9wp52axxL
bhRhd03LI0ZjQdbpJE1LazfQXmxMxnBVzBUbYHsjnVh8FykI7/vdIhHgnMAnV7oE
eFR8JuShBH4ZIJ7d0M2YP7GZMUzHzLHWk5sUahms8O8r2jfoxcA+udyyaEJXMuPJ
Wzj71coLZZKHIEKDagMt5ki8pJ3aPNGoE7KaI6CKzuYyGmH44K8xOMlarmtekNsG
Ai5OsBPauIFQNATM2UeoB77ICSkPpPVg/T6XNaGR3PuxbSqP0+Uoc9PXN0iZyQ==
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:28:51 2025 by rpki-client