Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3234302e302f32312d3234203d3e203437353833.roa
File: 3130392e3130362e3234302e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: rDwvcRmMq10vGvFQUnM4keFLEQAYnC3CNAHvbbyK8+k=
Subject key identifier: B3:E6:CD:EF:81:1A:4F:9D:3D:44:46:4B:15:DC:A1:DC:19:98:99:1F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 30F5C11FA26957A09A6F968E3E37EF82D93C50D3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3234302e302f32312d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:45:15 +0000
ROA not before: Mon 27 Jan 2025 09:40:15 +0000
ROA not after: Mon 26 Jan 2026 09:45:15 +0000
asID: 47583
IP address blocks: 109.106.240.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:f5:c1:1f:a2:69:57:a0:9a:6f:96:8e:3e:37:ef:82:d9:3c:50:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:15 2025 GMT
Not After : Jan 26 09:45:15 2026 GMT
Subject: CN=B3E6CDEF811A4F9D3D44464B15DCA1DC1998991F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:eb:f1:ee:2b:86:37:ac:13:35:60:c6:03:0b:
ef:fb:3d:d8:bd:62:2d:b6:87:ab:c1:72:16:19:41:
7c:e1:f8:c2:b8:99:b2:0b:3c:74:ad:e3:df:8b:8a:
22:be:08:cf:9e:e3:00:77:4d:db:e6:3b:1a:b0:fb:
fe:3b:78:51:8a:53:b1:b2:0e:9a:d7:89:0c:9d:9a:
8a:59:d4:ae:08:1d:24:77:b3:bc:21:6b:3f:bc:ee:
42:f0:4a:fe:be:f4:bb:77:cc:45:7a:f5:21:98:09:
9d:ac:64:b1:ad:13:92:de:26:25:9a:29:aa:fb:c3:
f2:df:ea:73:fa:6e:28:f8:e0:9e:fe:6b:d5:8c:74:
9c:ad:40:61:07:cf:42:3d:ba:86:34:7c:2a:d9:10:
e3:5d:bd:cb:c3:0a:51:f5:1f:c3:43:f6:9b:35:e3:
6c:71:51:c3:ba:27:e3:67:bf:05:3e:d0:35:bd:84:
32:58:ea:e2:22:0f:eb:4a:2d:d8:9c:7b:47:47:86:
04:73:a2:56:89:e8:db:cb:1f:ce:cc:74:05:0b:ed:
3d:bf:fc:a6:a1:e8:22:2f:5e:da:94:16:c6:27:6f:
fd:fa:41:48:5f:0f:ec:6a:6d:c6:f6:24:0d:39:0a:
0c:3e:81:3d:50:68:85:f7:1c:50:c1:e1:5e:0b:ee:
b7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:E6:CD:EF:81:1A:4F:9D:3D:44:46:4B:15:DC:A1:DC:19:98:99:1F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3234302e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.106.240.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:3d:bd:9a:97:1d:d4:3f:06:06:f0:51:2a:4c:a1:ea:d2:46:
43:b1:11:f5:7d:3b:f2:40:2d:2d:28:60:99:fd:41:79:da:33:
e1:56:8c:c2:63:de:25:21:f5:25:3d:84:85:40:8d:5a:4b:37:
73:7b:95:05:a4:36:94:dc:c6:75:8c:81:e0:91:68:0c:1e:47:
cd:38:4b:f8:09:f0:80:0f:bd:9a:5e:c9:7a:59:6b:1e:f5:93:
05:42:27:7f:f7:ef:ef:f9:e5:e8:9d:24:3e:ab:f5:81:ff:8e:
1b:0d:9b:59:dd:6e:bc:75:7a:6b:54:d2:3d:34:5b:6f:29:05:
14:30:46:a1:85:9b:fd:97:bb:cd:45:9c:cf:24:7a:22:65:55:
fc:93:4d:15:4f:3b:c5:68:c8:b1:c8:2f:62:a9:da:f8:fa:59:
a9:1d:76:5b:dd:a9:f2:6c:80:18:d8:78:ba:d6:32:dc:fe:40:
1c:37:4b:8c:8e:0e:d5:a8:8f:4e:90:54:6f:a4:a7:96:f4:ac:
77:26:98:a0:5d:3e:c8:fa:84:e0:24:a2:91:67:7a:f8:2e:4c:
23:91:3b:19:4c:44:0c:ee:1a:e9:b6:9c:23:33:ea:d7:80:fb:
76:39:82:5d:64:79:82:46:b1:3c:d1:38:cd:95:29:8a:2c:34:
ef:6e:bc:1a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMPXBH6JpV6Cab5aOPjfvgtk8UNMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTVaFw0yNjAxMjYwOTQ1MTVaMDMxMTAvBgNV
BAMTKEIzRTZDREVGODExQTRGOUQzRDQ0NDY0QjE1RENBMURDMTk5ODk5MUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD6/HuK4Y3rBM1YMYDC+/7Pdi9
Yi22h6vBchYZQXzh+MK4mbILPHSt49+LiiK+CM+e4wB3TdvmOxqw+/47eFGKU7Gy
DprXiQydmopZ1K4IHSR3s7whaz+87kLwSv6+9Lt3zEV69SGYCZ2sZLGtE5LeJiWa
Kar7w/Lf6nP6bij44J7+a9WMdJytQGEHz0I9uoY0fCrZEONdvcvDClH1H8ND9ps1
42xxUcO6J+NnvwU+0DW9hDJY6uIiD+tKLdice0dHhgRzolaJ6NvLH87MdAUL7T2/
/Kah6CIvXtqUFsYnb/36QUhfD+xqbcb2JA05Cgw+gT1QaIX3HFDB4V4L7rf3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUs+bN74EaT509REZLFdyh3BmYmR8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMDM5MmUzMTMwMzYyZTMy
MzQzMDJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BANtavAwDQYJKoZIhvcNAQELBQADggEBAEw9vZqXHdQ/BgbwUSpMoerSRkOxEfV9
O/JALS0oYJn9QXnaM+FWjMJj3iUh9SU9hIVAjVpLN3N7lQWkNpTcxnWMgeCRaAwe
R804S/gJ8IAPvZpeyXpZax71kwVCJ3/37+/55eidJD6r9YH/jhsNm1ndbrx1emtU
0j00W28pBRQwRqGFm/2Xu81FnM8keiJlVfyTTRVPO8VoyLHIL2Kp2vj6Wakddlvd
qfJsgBjYeLrWMtz+QBw3S4yODtWoj06QVG+kp5b0rHcmmKBdPsj6hOAkopFnevgu
TCOROxlMRAzuGum2nCMz6teA+3Y5gl1keYJGsTzROM2VKYosNO9uvBo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:03:30 2025 by rpki-client