Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230312e31302e302f32332d3234203d3e203437353833.roa
File: 3138352e3230312e31302e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: aWXotFGrY1vf7fTERSiXGnYF1O1M30Qu2KjHBtRzq9w=
Subject key identifier: C1:9F:25:68:75:71:51:E4:57:65:F3:71:32:6B:73:4A:F4:45:54:71
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3FF27D28AD66888E896024419EB6AFE583472C19
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230312e31302e302f32332d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:45:16 +0000
ROA not before: Mon 27 Jan 2025 09:40:16 +0000
ROA not after: Mon 26 Jan 2026 09:45:16 +0000
asID: 47583
IP address blocks: 185.201.10.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:f2:7d:28:ad:66:88:8e:89:60:24:41:9e:b6:af:e5:83:47:2c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:16 2025 GMT
Not After : Jan 26 09:45:16 2026 GMT
Subject: CN=C19F2568757151E45765F371326B734AF4455471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:47:d3:24:68:6a:ad:04:78:f9:c6:ba:17:a9:
92:df:61:54:79:47:e1:8d:20:0b:b3:2a:84:be:24:
98:5b:d9:33:64:d4:ce:86:45:c8:bb:6b:a1:8f:1d:
d1:96:d0:1c:c2:a7:44:bb:4c:7b:69:96:44:56:73:
ff:b5:0b:47:cd:81:51:1a:37:94:38:b0:39:40:7d:
33:7d:21:b6:ce:e8:7c:cf:cc:02:f4:e8:49:2c:60:
38:2c:98:87:4a:6f:01:42:4d:24:31:ac:52:a5:15:
e5:7d:03:29:af:fb:7e:8e:45:89:3e:53:bc:8a:48:
58:68:4e:56:90:5d:8d:27:9f:22:45:a0:87:65:12:
8f:6d:2d:f7:db:31:5b:13:ff:a0:18:f6:7d:7b:24:
73:15:b5:0e:61:ca:35:e1:a7:12:30:f1:83:2e:9a:
9a:3c:30:a3:cc:63:da:46:6a:23:ba:4b:ab:62:28:
68:e2:27:04:52:2a:9f:ca:98:fa:88:af:1e:c9:17:
c4:aa:c9:b0:9d:46:ad:63:53:59:a6:d0:4e:da:8a:
ae:cd:85:4c:37:c1:8e:75:d2:6b:0e:9b:23:a9:6d:
6f:24:ee:00:23:61:d6:34:7d:93:1f:68:29:f1:20:
31:9f:cc:f0:4b:a1:67:22:06:8e:15:26:53:3d:69:
b0:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:9F:25:68:75:71:51:E4:57:65:F3:71:32:6B:73:4A:F4:45:54:71
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230312e31302e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.10.0/23
Signature Algorithm: sha256WithRSAEncryption
78:dd:e4:6f:e1:2e:18:dd:ff:7d:a6:48:2b:1c:49:ae:f7:3b:
fa:f8:f0:af:ab:62:4e:26:ca:fb:b2:ce:56:7f:dc:fc:7c:6e:
4c:96:f4:7f:9e:03:c5:c9:51:1f:61:1c:19:7c:4c:9e:02:0d:
5a:03:e9:f6:26:70:4e:bc:bf:4e:89:6f:2d:c2:a5:23:3d:be:
58:4e:11:65:5d:54:b4:5f:36:c5:d8:96:5c:e9:b5:26:ca:2e:
73:13:f8:02:ee:b3:df:19:eb:9c:9f:87:90:c0:58:c1:8e:a7:
8e:0e:ff:a0:a5:15:ae:45:9b:60:80:5c:3e:94:da:77:da:21:
ee:ca:82:3a:70:05:b1:d2:59:1a:21:85:23:cc:51:b3:85:d6:
31:90:14:03:91:e6:43:4f:ad:94:f1:16:e6:94:20:a0:3a:72:
69:b0:2b:da:4c:13:4f:93:af:95:10:f1:23:d5:af:d1:71:ba:
70:98:43:78:e3:96:06:ed:56:2f:2b:10:80:52:ff:c1:16:77:
00:0e:ae:4b:3d:9f:1d:74:5e:ab:77:3c:cd:4a:2f:02:f3:8c:
88:d5:c7:f9:83:78:b3:92:5f:06:81:6e:e7:88:99:12:48:b0:
1d:ec:48:28:db:dd:63:29:ab:14:27:7b:98:ee:53:71:d4:54:
2c:2e:64:a6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUP/J9KK1miI6JYCRBnrav5YNHLBkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTZaFw0yNjAxMjYwOTQ1MTZaMDMxMTAvBgNV
BAMTKEMxOUYyNTY4NzU3MTUxRTQ1NzY1RjM3MTMyNkI3MzRBRjQ0NTU0NzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiR9MkaGqtBHj5xroXqZLfYVR5
R+GNIAuzKoS+JJhb2TNk1M6GRci7a6GPHdGW0BzCp0S7THtplkRWc/+1C0fNgVEa
N5Q4sDlAfTN9IbbO6HzPzAL06EksYDgsmIdKbwFCTSQxrFKlFeV9Aymv+36ORYk+
U7yKSFhoTlaQXY0nnyJFoIdlEo9tLffbMVsT/6AY9n17JHMVtQ5hyjXhpxIw8YMu
mpo8MKPMY9pGaiO6S6tiKGjiJwRSKp/KmPqIrx7JF8SqybCdRq1jU1mm0E7aiq7N
hUw3wY510msOmyOpbW8k7gAjYdY0fZMfaCnxIDGfzPBLoWciBo4VJlM9abAXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUwZ8laHVxUeRXZfNxMmtzSvRFVHEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzEyZTMx
MzAyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
uckKMA0GCSqGSIb3DQEBCwUAA4IBAQB43eRv4S4Y3f99pkgrHEmu9zv6+PCvq2JO
Jsr7ss5Wf9z8fG5MlvR/ngPFyVEfYRwZfEyeAg1aA+n2JnBOvL9OiW8twqUjPb5Y
ThFlXVS0XzbF2JZc6bUmyi5zE/gC7rPfGeucn4eQwFjBjqeODv+gpRWuRZtggFw+
lNp32iHuyoI6cAWx0lkaIYUjzFGzhdYxkBQDkeZDT62U8RbmlCCgOnJpsCvaTBNP
k6+VEPEj1a/RcbpwmEN445YG7VYvKxCAUv/BFncADq5LPZ8ddF6rdzzNSi8C84yI
1cf5g3izkl8GgW7niJkSSLAd7Ego291jKasUJ3uY7lNx1FQsLmSm
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:07:14 2025 by rpki-client