Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139362e32312e302f32342d3332203d3e203531313637.roa
File: 3138352e3139362e32312e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: uuO4UE2I6o/fh2mRBlY4NVn9NafHPQL5lnRQ2BeAHQ8=
Subject key identifier: 1C:A3:D0:83:93:53:8B:EA:93:65:8C:39:1F:81:8B:A9:1F:FF:35:96
Certificate issuer: /CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Certificate serial: 2244E0453292473199F2B463A61A4EBFC3F760CF
Authority key identifier: B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139362e32312e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:35 +0000
ROA not before: Mon 26 Feb 2024 08:48:35 +0000
ROA not after: Mon 24 Feb 2025 08:53:35 +0000
asID: 51167
IP address blocks: 185.196.21.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:44:e0:45:32:92:47:31:99:f2:b4:63:a6:1a:4e:bf:c3:f7:60:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b97bcfac27bbaf19de1d31e53629726c1e4caaa2
Validity
Not Before: Feb 26 08:48:35 2024 GMT
Not After : Feb 24 08:53:35 2025 GMT
Subject: CN=1CA3D08393538BEA93658C391F818BA91FFF3596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:24:ba:64:66:6e:2e:ee:ea:cf:e9:1f:4f:8b:
e8:b6:52:fe:71:a7:2d:33:35:94:e3:da:3a:4a:43:
d5:da:97:88:72:d2:16:c6:0d:08:b3:16:4a:13:4b:
9d:2d:9a:fb:03:c2:af:7a:82:0c:6f:ab:a0:88:99:
fe:1f:80:93:b8:58:37:7d:ed:70:37:b2:d2:f8:bd:
a7:7a:5b:18:fe:b5:f1:42:30:78:36:09:da:04:f0:
2a:59:61:3b:24:05:bd:de:f6:e5:bd:24:12:63:e9:
e4:99:ce:66:cd:94:a3:7e:64:7c:1f:90:db:f5:68:
04:5e:27:91:fa:52:01:d5:1f:29:98:eb:c6:42:44:
47:20:90:a8:e1:fe:9f:4c:a3:ed:ed:40:fc:90:42:
4f:c4:c6:17:37:ab:d2:1b:a8:ec:3c:ad:c4:a6:24:
0f:87:1d:1a:58:0d:66:8f:7d:73:da:a3:2f:a7:c4:
22:30:bd:03:f4:ed:20:56:ed:2e:fe:53:7e:7e:92:
49:4f:92:6c:59:8b:e3:32:ee:a1:21:49:44:11:74:
cb:37:30:88:46:19:ce:74:12:6a:b0:ad:3a:12:af:
42:4f:0f:77:b8:b1:c4:bf:b2:be:9a:cf:28:9d:cd:
b2:22:36:be:36:96:ed:8d:a6:c9:24:37:23:bd:37:
ad:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A3:D0:83:93:53:8B:EA:93:65:8C:39:1F:81:8B:A9:1F:FF:35:96
X509v3 Authority Key Identifier:
keyid:B9:7B:CF:AC:27:BB:AF:19:DE:1D:31:E5:36:29:72:6C:1E:4C:AA:A2
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/B97BCFAC27BBAF19DE1D31E53629726C1E4CAAA2.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uXvPrCe7rxneHTHlNilybB5MqqI.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/3/3138352e3139362e32312e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.21.0/24
Signature Algorithm: sha256WithRSAEncryption
62:17:c6:4a:49:53:f7:e2:33:0c:46:fd:62:0f:95:71:0a:4e:
e3:64:3b:2f:4c:85:af:80:fb:89:5d:95:66:ad:70:68:8f:ab:
46:66:c1:01:e3:f0:a7:fe:0e:a0:98:cf:3e:8e:5b:30:3d:81:
6c:95:2d:e7:0b:88:2f:f9:de:2b:ba:96:be:c7:bc:03:b7:08:
79:40:f5:fd:bc:64:58:ef:d4:04:e9:d8:07:28:1e:4c:45:ba:
2a:2e:3e:12:55:b9:3c:40:9a:2f:cf:71:93:97:df:40:ab:56:
96:1c:f7:87:af:57:56:69:58:e8:fc:ea:04:4d:bc:a6:6d:1f:
4d:43:0b:1f:cf:2d:0b:20:d8:60:8c:7f:a3:9e:81:57:7a:40:
2d:36:7c:a5:e4:06:c2:f3:45:ca:22:fc:94:cb:73:47:94:61:
03:64:91:db:17:2a:a2:c8:c0:ad:38:40:d1:26:41:28:1c:ea:
9a:03:b1:bd:8a:3c:07:49:5f:f1:54:3d:40:8a:b7:25:d7:8f:
fa:87:c6:65:0c:a1:2e:36:9d:56:41:b3:8c:ba:78:67:58:4e:
1e:68:82:89:da:e4:89:e8:0c:2f:62:46:81:06:89:7e:57:71:
8a:33:40:31:6b:ed:93:79:b2:bb:4b:b0:f8:18:9d:98:94:16:
c8:d8:21:85
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIkTgRTKSRzGZ8rRjphpOv8P3YM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjk3YmNmYWMyN2JiYWYxOWRlMWQzMWU1MzYyOTcyNmMx
ZTRjYWFhMjAeFw0yNDAyMjYwODQ4MzVaFw0yNTAyMjQwODUzMzVaMDMxMTAvBgNV
BAMTKDFDQTNEMDgzOTM1MzhCRUE5MzY1OEMzOTFGODE4QkE5MUZGRjM1OTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdJLpkZm4u7urP6R9Pi+i2Uv5x
py0zNZTj2jpKQ9Xal4hy0hbGDQizFkoTS50tmvsDwq96ggxvq6CImf4fgJO4WDd9
7XA3stL4vad6Wxj+tfFCMHg2CdoE8CpZYTskBb3e9uW9JBJj6eSZzmbNlKN+ZHwf
kNv1aAReJ5H6UgHVHymY68ZCREcgkKjh/p9Mo+3tQPyQQk/Exhc3q9IbqOw8rcSm
JA+HHRpYDWaPfXPaoy+nxCIwvQP07SBW7S7+U35+kklPkmxZi+My7qEhSUQRdMs3
MIhGGc50EmqwrToSr0JPD3e4scS/sr6azyidzbIiNr42lu2NpskkNyO9N60zAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHKPQg5NTi+qTZYw5H4GLqR//NZYwHwYDVR0j
BBgwFoAUuXvPrCe7rxneHTHlNilybB5MqqIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzMvQjk3QkNGQUMyN0JCQUYxOURFMUQzMUU1MzYyOTcyNkMxRTRDQUFBMi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3VYdlByQ2U3cnhuZUhUSGxOaWx5YkI1
TXFxSS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzMvMzEzODM1MmUzMTM5MzYyZTMy
MzEyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ucQVMA0GCSqGSIb3DQEBCwUAA4IBAQBiF8ZKSVP34jMMRv1iD5VxCk7jZDsvTIWv
gPuJXZVmrXBoj6tGZsEB4/Cn/g6gmM8+jlswPYFslS3nC4gv+d4rupa+x7wDtwh5
QPX9vGRY79QE6dgHKB5MRboqLj4SVbk8QJovz3GTl99Aq1aWHPeHr1dWaVjo/OoE
TbymbR9NQwsfzy0LINhgjH+jnoFXekAtNnyl5AbC80XKIvyUy3NHlGEDZJHbFyqi
yMCtOEDRJkEoHOqaA7G9ijwHSV/xVD1Aircl14/6h8ZlDKEuNp1WQbOMunhnWE4e
aIKJ2uSJ6AwvYkaBBol+V3GKM0Axa+2TebK7S7D4GJ2YlBbI2CGF
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:37:24 2025 by rpki-client