Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137332e3232342e302f32342d3234203d3e203434353932.roa
File: 3138352e3137332e3232342e302f32342d3234203d3e203434353932.roa (raw, json)
Hash identifier: f5foXbWjH6gWIGK3cxbZPVVf/OW15a2nbGgq1ioWSYQ=
Subject key identifier: 7E:4B:AA:B2:6D:CA:B7:1A:78:44:8E:C8:F9:8B:EE:2F:E3:6E:38:AD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 728D05351BAA74F115AB7D12E27EBB155EDC832E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137332e3232342e302f32342d3234203d3e203434353932.roa
Signing time: Mon 27 Jan 2025 09:45:19 +0000
ROA not before: Mon 27 Jan 2025 09:40:19 +0000
ROA not after: Mon 26 Jan 2026 09:45:19 +0000
asID: 44592
IP address blocks: 185.173.224.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:8d:05:35:1b:aa:74:f1:15:ab:7d:12:e2:7e:bb:15:5e:dc:83:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:19 2025 GMT
Not After : Jan 26 09:45:19 2026 GMT
Subject: CN=7E4BAAB26DCAB71A78448EC8F98BEE2FE36E38AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ec:f6:ec:db:89:b9:5d:07:57:1b:65:e7:69:
ec:37:f7:fc:50:d1:e2:b7:7a:0e:7a:c1:88:52:27:
46:d2:43:de:63:9a:0a:52:46:e0:cd:55:09:15:61:
b3:b1:9d:c6:3f:61:ff:d8:c0:b0:24:a6:9e:43:45:
46:8d:ca:cb:ed:4f:be:ee:99:1d:8a:80:01:be:78:
a6:42:40:26:3f:69:8a:2c:44:35:bf:e9:41:c7:e9:
f0:19:77:e5:f3:40:b7:18:b9:ae:cb:a2:22:e6:2e:
e9:7f:cf:f4:8e:a5:f6:e3:19:23:60:1e:9f:e3:4f:
0f:5e:de:6c:a4:44:1f:63:c8:1d:00:51:ce:a6:01:
29:ab:2a:5b:3d:b5:37:5a:ca:d0:ed:ab:0a:a8:71:
e9:d8:81:5a:7d:bc:3d:e3:ce:4e:cf:aa:32:20:64:
38:e8:8f:7a:fc:47:f2:40:e0:74:9d:a9:35:63:e3:
f2:f7:67:b5:13:5b:c6:7b:86:73:78:dc:f8:d6:cd:
f5:b2:02:46:38:90:d5:4f:ea:9a:93:3f:09:fc:3d:
51:8e:0e:9c:2d:ee:95:8d:16:22:23:ad:bb:e6:6c:
c8:43:dc:12:b9:05:74:9f:81:01:7a:1e:6b:c9:bf:
d6:27:bf:58:fe:c3:43:11:84:b1:7a:86:1d:f9:16:
cd:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:4B:AA:B2:6D:CA:B7:1A:78:44:8E:C8:F9:8B:EE:2F:E3:6E:38:AD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3137332e3232342e302f32342d3234203d3e203434353932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.224.0/24
Signature Algorithm: sha256WithRSAEncryption
15:ca:2b:0b:c3:f9:17:86:46:7e:c2:23:56:63:43:bd:e1:07:
82:cb:31:c8:21:26:2e:41:1e:ee:9e:78:57:1c:71:5a:08:73:
f1:2b:aa:d2:14:39:c2:eb:ab:05:81:d3:ac:2a:8d:62:48:14:
1f:37:a8:e8:5c:c5:07:68:e7:12:8a:81:2b:15:38:1f:53:6e:
ab:ae:74:a7:1b:23:59:ec:1e:83:ee:3a:62:be:1e:f4:69:e7:
9c:57:2e:6d:fc:cd:44:d8:20:ba:06:51:ba:85:b5:a5:ce:e1:
f4:20:bd:2c:f2:3b:36:00:13:32:03:bb:a5:8a:89:02:a0:7f:
10:12:44:3f:3f:39:08:24:4e:2f:c9:49:a3:01:fb:15:0e:21:
ac:14:be:cf:bc:0d:82:35:65:da:83:a4:b1:c8:62:bf:ce:3f:
8a:35:c9:10:e5:00:94:6b:c9:ce:aa:ba:15:5e:f0:bd:70:8f:
56:32:2b:f0:c7:c6:74:f3:bd:a7:65:90:6c:aa:dd:75:7a:e2:
ce:86:12:f2:f9:47:dc:d4:77:17:2b:e9:da:d3:c4:b5:b7:6b:
92:f0:34:51:db:77:ef:ed:1b:a7:54:21:c3:82:24:91:4c:e8:
25:67:f6:dd:82:49:5a:b1:5b:d7:0a:25:a9:13:3d:b6:8b:b2:
90:01:12:4f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUco0FNRuqdPEVq30S4n67FV7cgy4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTlaFw0yNjAxMjYwOTQ1MTlaMDMxMTAvBgNV
BAMTKDdFNEJBQUIyNkRDQUI3MUE3ODQ0OEVDOEY5OEJFRTJGRTM2RTM4QUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv7Pbs24m5XQdXG2Xnaew39/xQ
0eK3eg56wYhSJ0bSQ95jmgpSRuDNVQkVYbOxncY/Yf/YwLAkpp5DRUaNysvtT77u
mR2KgAG+eKZCQCY/aYosRDW/6UHH6fAZd+XzQLcYua7LoiLmLul/z/SOpfbjGSNg
Hp/jTw9e3mykRB9jyB0AUc6mASmrKls9tTdaytDtqwqocenYgVp9vD3jzk7PqjIg
ZDjoj3r8R/JA4HSdqTVj4/L3Z7UTW8Z7hnN43PjWzfWyAkY4kNVP6pqTPwn8PVGO
Dpwt7pWNFiIjrbvmbMhD3BK5BXSfgQF6HmvJv9Ynv1j+w0MRhLF6hh35Fs03AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUfkuqsm3Ktxp4RI7I+YvuL+NuOK0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM3MzMyZTMy
MzIzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzQzNTM5MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5reAwDQYJKoZIhvcNAQELBQADggEBABXKKwvD+ReGRn7CI1ZjQ73hB4LLMcgh
Ji5BHu6eeFcccVoIc/ErqtIUOcLrqwWB06wqjWJIFB83qOhcxQdo5xKKgSsVOB9T
bquudKcbI1nsHoPuOmK+HvRp55xXLm38zUTYILoGUbqFtaXO4fQgvSzyOzYAEzID
u6WKiQKgfxASRD8/OQgkTi/JSaMB+xUOIawUvs+8DYI1ZdqDpLHIYr/OP4o1yRDl
AJRryc6quhVe8L1wj1YyK/DHxnTzvadlkGyq3XV64s6GEvL5R9zUdxcr6drTxLW3
a5LwNFHbd+/tG6dUIcOCJJFM6CVn9t2CSVqxW9cKJakTPbaLspABEk8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:02:50 2025 by rpki-client