Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/189/33372e31362e38392e302f32342d3234203d3e20323035363539.roa
File: 33372e31362e38392e302f32342d3234203d3e20323035363539.roa (raw, json)
Hash identifier: 6QRhHbC8A6tvkoInC0OAQAidq/KLzHjtVgzI9mMUm4k=
Subject key identifier: 41:66:28:AA:94:52:3C:55:8B:9A:1D:BB:41:E9:B7:44:F3:2F:F5:80
Certificate issuer: /CN=b056811cb944a23c757f57affd483c6fcfb80119
Certificate serial: 200E6A282308E420DD87CFFB20043FC9C4B678E8
Authority key identifier: B0:56:81:1C:B9:44:A2:3C:75:7F:57:AF:FD:48:3C:6F:CF:B8:01:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sFaBHLlEojx1f1ev_Ug8b8-4ARk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/189/33372e31362e38392e302f32342d3234203d3e20323035363539.roa
Signing time: Mon 27 Jan 2025 09:44:55 +0000
ROA not before: Mon 27 Jan 2025 09:39:55 +0000
ROA not after: Mon 26 Jan 2026 09:44:55 +0000
asID: 205659
IP address blocks: 37.16.89.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:0e:6a:28:23:08:e4:20:dd:87:cf:fb:20:04:3f:c9:c4:b6:78:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b056811cb944a23c757f57affd483c6fcfb80119
Validity
Not Before: Jan 27 09:39:55 2025 GMT
Not After : Jan 26 09:44:55 2026 GMT
Subject: CN=416628AA94523C558B9A1DBB41E9B744F32FF580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ce:d8:62:82:19:83:86:8a:ae:aa:85:a0:2c:
77:5e:23:65:d5:82:04:fb:7a:32:0b:a0:00:84:60:
d7:31:1b:eb:5f:78:77:12:29:54:b3:11:12:cb:84:
cb:85:2a:c5:4e:43:97:0c:bd:0b:cb:0b:47:a4:77:
46:d9:be:c3:33:cc:9c:f3:62:93:fa:ad:f1:9f:1e:
00:58:29:99:ac:5b:fe:01:37:22:98:5b:29:4c:8d:
b2:fd:f7:dd:66:93:7f:f2:f9:e3:f8:5d:8c:65:4c:
8e:f8:e3:19:ba:66:69:17:87:59:d6:0a:d3:3e:99:
d0:2f:a9:8a:65:c3:99:41:f9:ed:5a:7e:e1:f9:f2:
99:29:24:24:06:42:55:7a:2b:e1:a1:f1:dd:77:a5:
31:30:b4:3f:c0:a8:ed:a3:b7:d1:c7:37:07:49:f1:
31:76:cb:e0:6b:40:aa:fc:06:51:d9:6b:1c:4e:05:
c3:ba:f6:cc:04:c5:e4:9d:68:cf:a3:b6:95:ce:fd:
64:06:37:f9:d0:bf:ce:50:0d:0c:3c:e3:cb:c4:70:
ac:9b:fa:2c:b7:7c:40:2c:9d:ff:0f:ef:70:40:d1:
29:b7:a4:67:43:86:3c:78:2f:de:16:d5:5e:4e:0c:
b9:02:14:bc:94:2d:50:70:54:01:d4:5f:77:11:2a:
be:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:66:28:AA:94:52:3C:55:8B:9A:1D:BB:41:E9:B7:44:F3:2F:F5:80
X509v3 Authority Key Identifier:
keyid:B0:56:81:1C:B9:44:A2:3C:75:7F:57:AF:FD:48:3C:6F:CF:B8:01:19
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/189/B056811CB944A23C757F57AFFD483C6FCFB80119.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFaBHLlEojx1f1ev_Ug8b8-4ARk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/189/33372e31362e38392e302f32342d3234203d3e20323035363539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.89.0/24
Signature Algorithm: sha256WithRSAEncryption
52:74:6b:79:5f:24:26:d9:6a:6c:b3:7c:ab:6e:e7:71:bd:7a:
22:24:b5:15:17:fe:55:05:33:aa:ac:c3:71:46:be:80:b3:7c:
a2:ea:45:d7:67:ec:2f:4c:a0:e8:40:f0:63:93:64:ef:e8:e2:
7a:fc:ee:02:29:0f:84:42:c9:24:61:3c:04:78:92:7e:bc:08:
37:56:ff:55:e8:e7:2c:65:0d:04:89:a5:ef:13:d7:c0:c4:23:
35:df:eb:4a:d2:13:0c:f6:bc:f1:5b:d9:7a:f2:bf:a6:67:34:
70:d0:eb:ed:a0:6f:ab:b7:a2:86:f6:33:9f:5e:42:a4:4a:04:
62:e3:51:ed:8a:da:cb:47:12:e2:27:0a:5b:60:ae:30:d5:f3:
dd:14:f1:b3:72:db:7a:8e:d6:f1:9b:5e:e7:8e:6d:6d:37:26:
66:83:da:31:27:e9:64:a9:c9:35:e2:bd:01:51:55:00:d3:6f:
80:0e:34:87:fb:30:32:88:71:52:93:f9:c3:ab:b4:47:ac:11:
24:92:4e:b9:2d:01:46:6d:c5:06:97:92:46:4b:7c:08:26:25:
23:3b:7d:06:c1:6b:32:d9:87:5f:f0:b1:52:9e:32:a4:87:2a:
fd:28:50:90:b2:b9:18:f9:4c:fc:ca:4b:f1:2e:78:a5:76:44:
26:60:e7:ad
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUIA5qKCMI5CDdh8/7IAQ/ycS2eOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjA1NjgxMWNiOTQ0YTIzYzc1N2Y1N2FmZmQ0ODNjNmZj
ZmI4MDExOTAeFw0yNTAxMjcwOTM5NTVaFw0yNjAxMjYwOTQ0NTVaMDMxMTAvBgNV
BAMTKDQxNjYyOEFBOTQ1MjNDNTU4QjlBMURCQjQxRTlCNzQ0RjMyRkY1ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8zthighmDhoquqoWgLHdeI2XV
ggT7ejILoACEYNcxG+tfeHcSKVSzERLLhMuFKsVOQ5cMvQvLC0ekd0bZvsMzzJzz
YpP6rfGfHgBYKZmsW/4BNyKYWylMjbL9991mk3/y+eP4XYxlTI744xm6ZmkXh1nW
CtM+mdAvqYplw5lB+e1afuH58pkpJCQGQlV6K+Gh8d13pTEwtD/AqO2jt9HHNwdJ
8TF2y+BrQKr8BlHZaxxOBcO69swExeSdaM+jtpXO/WQGN/nQv85QDQw848vEcKyb
+iy3fEAsnf8P73BA0Sm3pGdDhjx4L94W1V5ODLkCFLyULVBwVAHUX3cRKr7rAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUQWYoqpRSPFWLmh27Qem3RPMv9YAwHwYDVR0j
BBgwFoAUsFaBHLlEojx1f1ev/Ug8b8+4ARkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xODkvQjA1NjgxMUNCOTQ0QTIzQzc1N0Y1N0FGRkQ0ODNDNkZDRkI4MDEx
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NGYUJITGxFb2p4MWYxZXZfVWc4
YjgtNEFSay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE4OS8zMzM3MmUzMTM2MmUz
ODM5MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM1MzYzNTM5LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAJRBZMA0GCSqGSIb3DQEBCwUAA4IBAQBSdGt5XyQm2Wpss3yrbudxvXoiJLUV
F/5VBTOqrMNxRr6As3yi6kXXZ+wvTKDoQPBjk2Tv6OJ6/O4CKQ+EQskkYTwEeJJ+
vAg3Vv9V6OcsZQ0EiaXvE9fAxCM13+tK0hMM9rzxW9l68r+mZzRw0OvtoG+rt6KG
9jOfXkKkSgRi41HtitrLRxLiJwpbYK4w1fPdFPGzctt6jtbxm17njm1tNyZmg9ox
J+lkqck14r0BUVUA02+ADjSH+zAyiHFSk/nDq7RHrBEkkk65LQFGbcUGl5JGS3wI
JiUjO30GwWsy2Ydf8LFSnjKkhyr9KFCQsrkY+Uz8ykvxLnildkQmYOet
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:48:12 2025 by rpki-client