Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132322e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3132322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: lcJsk/8XL4K8gU+bzT8mw7j0NM4qt4LjdhGe1zL2t1Y=
Subject key identifier: 30:6C:28:9D:1C:3C:88:59:25:0D:7C:95:BC:FF:9C:D3:9C:81:FE:1A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 463E6B38051BD039FED2999E02A1C04BDB4F4593
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132322e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:37 +0000
ROA not before: Sat 01 Feb 2025 22:40:37 +0000
ROA not after: Sat 31 Jan 2026 22:45:37 +0000
asID: 136787
IP address blocks: 156.67.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:3e:6b:38:05:1b:d0:39:fe:d2:99:9e:02:a1:c0:4b:db:4f:45:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 1 22:40:37 2025 GMT
Not After : Jan 31 22:45:37 2026 GMT
Subject: CN=306C289D1C3C8859250D7C95BCFF9CD39C81FE1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:60:56:c9:4e:12:4b:d9:f8:55:60:f6:e1:f9:
a8:8f:15:e5:56:8c:58:84:89:85:bc:78:b3:e3:c3:
67:37:93:4b:34:a0:1e:4f:72:ca:9a:54:9c:b8:c1:
dc:a6:5f:d8:29:65:eb:f5:58:8b:02:e5:e8:44:f6:
61:36:b3:ee:03:c0:7c:f2:09:b1:3e:dd:7d:fd:2b:
0b:01:ed:64:fe:06:e8:09:8c:9c:d8:d3:10:2e:2c:
50:ab:0b:50:0f:32:91:57:e3:70:01:0b:10:7e:49:
03:bb:58:f2:c9:df:5c:26:9b:b4:ca:ed:26:6c:33:
2a:ee:66:de:29:ef:95:ed:e4:be:87:51:5a:c7:b0:
18:dc:90:78:61:7c:1f:b0:7d:c6:6e:8a:25:33:19:
3a:ef:a8:c7:91:88:5a:e4:49:22:83:b6:5f:9a:fe:
be:a4:00:67:60:e4:bd:94:53:86:80:c9:a2:15:e6:
df:0d:a9:7a:03:75:06:f7:41:0b:5e:d9:05:72:47:
f2:50:30:c4:af:ae:80:8a:41:a8:56:bc:96:06:f5:
f4:57:24:28:24:e5:38:3a:1f:77:63:3e:53:26:0a:
89:e0:16:b6:27:f3:a5:fc:ab:34:6d:6e:55:62:15:
6e:86:42:c5:c6:d8:25:8b:ef:23:74:58:c4:b5:f1:
e3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:6C:28:9D:1C:3C:88:59:25:0D:7C:95:BC:FF:9C:D3:9C:81:FE:1A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.122.0/24
Signature Algorithm: sha256WithRSAEncryption
27:34:8a:74:82:0d:70:fa:ee:c5:ec:18:8d:56:85:bf:86:bb:
9f:81:6d:a4:81:49:24:96:84:7f:04:22:bc:d1:9a:58:56:79:
8b:98:a1:11:c7:e2:8b:0f:0f:7f:b4:33:51:f3:4f:78:0e:b2:
5b:42:b2:bc:52:e5:70:05:b0:ac:9e:db:e1:cd:31:13:66:cc:
4d:85:fe:1a:98:be:77:01:25:fa:3f:df:1c:79:2d:33:c3:d4:
3c:44:5a:a0:77:ec:cc:9f:44:41:0d:e1:fc:67:04:b7:f6:d6:
59:05:4b:14:79:c0:cb:28:f1:61:3e:4c:68:9b:0f:82:18:7b:
5b:3d:a4:24:d5:e3:fb:a2:06:ad:d7:f0:58:58:e5:03:32:95:
6c:39:b9:3b:bc:f3:66:f5:5f:e8:0c:2c:d5:bb:74:1f:20:5b:
dd:3f:b6:71:44:c1:c8:26:4d:29:13:a7:c1:c1:72:88:7a:7c:
7f:ee:ca:32:73:e2:8a:e2:d0:ac:0c:41:ae:70:24:44:ea:b8:
a7:ed:45:7a:62:06:39:39:44:f5:fd:e7:2c:ea:f2:f5:53:d9:
d3:a8:e1:09:55:02:3f:72:36:6b:a7:bb:69:99:43:a9:d8:f5:
29:65:1b:3a:11:fc:78:9d:10:bd:27:6f:61:f4:22:bc:91:08:
5a:28:2c:0f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURj5rOAUb0Dn+0pmeAqHAS9tPRZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMDEyMjQwMzdaFw0yNjAxMzEyMjQ1MzdaMDMxMTAvBgNV
BAMTKDMwNkMyODlEMUMzQzg4NTkyNTBEN0M5NUJDRkY5Q0QzOUM4MUZFMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5YFbJThJL2fhVYPbh+aiPFeVW
jFiEiYW8eLPjw2c3k0s0oB5PcsqaVJy4wdymX9gpZev1WIsC5ehE9mE2s+4DwHzy
CbE+3X39KwsB7WT+BugJjJzY0xAuLFCrC1APMpFX43ABCxB+SQO7WPLJ31wmm7TK
7SZsMyruZt4p75Xt5L6HUVrHsBjckHhhfB+wfcZuiiUzGTrvqMeRiFrkSSKDtl+a
/r6kAGdg5L2UU4aAyaIV5t8NqXoDdQb3QQte2QVyR/JQMMSvroCKQahWvJYG9fRX
JCgk5Tg6H3djPlMmCongFrYn86X8qzRtblViFW6GQsXG2CWL7yN0WMS18eMRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMGwonRw8iFklDXyVvP+c05yB/howHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMy
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ3owDQYJKoZIhvcNAQELBQADggEBACc0inSCDXD67sXsGI1Whb+Gu5+BbaSB
SSSWhH8EIrzRmlhWeYuYoRHH4osPD3+0M1HzT3gOsltCsrxS5XAFsKye2+HNMRNm
zE2F/hqYvncBJfo/3xx5LTPD1DxEWqB37MyfREEN4fxnBLf21lkFSxR5wMso8WE+
TGibD4IYe1s9pCTV4/uiBq3X8FhY5QMylWw5uTu882b1X+gMLNW7dB8gW90/tnFE
wcgmTSkTp8HBcoh6fH/uyjJz4ori0KwMQa5wJETquKftRXpiBjk5RPX95yzq8vVT
2dOo4QlVAj9yNmunu2mZQ6nY9SllGzoR/HidEL0nb2H0IryRCFooLA8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:05:43 2025 by rpki-client