Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230362e302f32342d3332203d3e203531313637.roa
File: 3138352e3230382e3230362e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: IRS1IU0uinoqCgEx9Bpr9YtA8qGys1BJWQ8qqssa5+c=
Subject key identifier: B1:BF:01:65:86:7E:03:72:9E:66:EE:71:37:E0:6C:6C:31:86:F4:50
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 341D1AD3385BCB8B8493CA7FB20A2F4C4A699419
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230362e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:04 +0000
ROA not before: Mon 27 Jan 2025 09:40:04 +0000
ROA not after: Mon 26 Jan 2026 09:45:04 +0000
asID: 51167
IP address blocks: 185.208.206.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:1d:1a:d3:38:5b:cb:8b:84:93:ca:7f:b2:0a:2f:4c:4a:69:94:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:04 2025 GMT
Not After : Jan 26 09:45:04 2026 GMT
Subject: CN=B1BF0165867E03729E66EE7137E06C6C3186F450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f1:1b:97:4f:2c:3f:86:fb:74:e5:b7:58:f7:
3d:9b:07:fa:2c:b9:16:ab:4c:23:70:d0:2b:4b:76:
8b:99:6e:1e:9e:bd:c5:5c:b7:06:dc:61:54:a1:79:
7b:6b:f8:b7:20:4e:46:4f:1e:aa:6f:fd:69:1f:5e:
a1:a4:ec:3e:ee:9e:bb:b9:34:e0:a6:d5:36:e2:8d:
55:60:5d:87:60:e3:41:7f:67:41:20:95:d0:69:e8:
26:0a:c9:44:c8:12:d3:ed:42:e4:b0:a7:81:14:c9:
db:df:53:26:34:25:21:c2:83:5a:76:36:05:bf:d0:
32:e7:b9:32:71:86:6b:25:9d:32:ca:ab:fd:ed:83:
a4:fa:f5:a1:92:0a:99:c5:b7:91:75:5b:c7:aa:89:
31:90:14:fb:ad:19:61:9c:22:b8:f3:ae:1b:b8:3a:
18:18:b6:1a:c8:1e:2f:16:3f:96:07:7b:df:e7:a0:
74:f8:ac:dc:29:39:08:9f:34:01:bd:89:50:13:6a:
b8:5b:87:60:84:4b:27:7b:97:8e:9f:de:f3:38:10:
a0:b8:da:20:88:e6:0a:55:76:d9:30:0a:84:5f:6d:
e8:49:d4:83:d7:c3:cb:cd:fa:d8:04:c4:89:eb:02:
b3:ed:f4:04:73:d8:58:3f:f8:80:67:36:14:9a:3d:
ae:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:BF:01:65:86:7E:03:72:9E:66:EE:71:37:E0:6C:6C:31:86:F4:50
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230382e3230362e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.206.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:f9:e1:74:bc:c3:d0:14:d7:2e:a0:24:09:ff:1f:4b:b3:51:
01:4b:54:17:f4:56:d9:e4:cd:78:f9:aa:71:d3:ec:c0:52:c3:
a7:0e:86:6f:dc:3e:3f:22:b1:11:f0:a7:f6:ad:b0:7e:8d:69:
d6:b0:41:f9:7c:0e:41:95:71:0b:31:65:af:1f:a8:92:dc:0f:
54:97:15:bf:12:95:e7:0f:39:23:7e:17:bd:95:1e:ad:63:06:
53:15:a4:a1:1b:6b:f8:7b:fe:8a:20:88:61:d1:74:f8:48:06:
c8:60:3e:4a:e7:b6:93:64:51:ff:50:5e:d9:1f:4e:4f:de:59:
ad:ab:eb:46:f6:ac:3a:a8:f0:b9:5c:ed:e6:dd:73:39:94:41:
6e:de:7d:49:ec:9a:34:86:73:0e:f2:c9:92:76:5a:e0:23:b8:
c9:7a:d1:4a:db:08:2a:26:ba:96:81:56:73:2e:6c:7f:b3:d4:
b5:27:c7:83:5e:e3:d3:ad:38:f0:66:a4:eb:fb:33:e7:39:60:
bd:80:3c:f0:43:d7:b0:70:f5:61:70:a3:0e:2d:8a:d7:12:17:
45:33:ea:fa:ca:9f:ed:97:46:6f:62:55:ba:17:35:c4:2d:60:
2d:b3:23:f4:b5:87:cd:84:67:ab:72:b9:38:c8:4f:bf:4e:7b:
05:84:54:b2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNB0a0zhby4uEk8p/sgovTEpplBkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDRaFw0yNjAxMjYwOTQ1MDRaMDMxMTAvBgNV
BAMTKEIxQkYwMTY1ODY3RTAzNzI5RTY2RUU3MTM3RTA2QzZDMzE4NkY0NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj8RuXTyw/hvt05bdY9z2bB/os
uRarTCNw0CtLdouZbh6evcVctwbcYVSheXtr+LcgTkZPHqpv/WkfXqGk7D7unru5
NOCm1TbijVVgXYdg40F/Z0EgldBp6CYKyUTIEtPtQuSwp4EUydvfUyY0JSHCg1p2
NgW/0DLnuTJxhmslnTLKq/3tg6T69aGSCpnFt5F1W8eqiTGQFPutGWGcIrjzrhu4
OhgYthrIHi8WP5YHe9/noHT4rNwpOQifNAG9iVATarhbh2CESyd7l46f3vM4EKC4
2iCI5gpVdtkwCoRfbehJ1IPXw8vN+tgExInrArPt9ARz2Fg/+IBnNhSaPa5PAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUsb8BZYZ+A3KeZu5xN+BsbDGG9FAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzgyZTMy
MzAzNjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50M4wDQYJKoZIhvcNAQELBQADggEBAKH54XS8w9AU1y6gJAn/H0uzUQFLVBf0
VtnkzXj5qnHT7MBSw6cOhm/cPj8isRHwp/atsH6NadawQfl8DkGVcQsxZa8fqJLc
D1SXFb8SlecPOSN+F72VHq1jBlMVpKEba/h7/oogiGHRdPhIBshgPkrntpNkUf9Q
XtkfTk/eWa2r60b2rDqo8Llc7ebdczmUQW7efUnsmjSGcw7yyZJ2WuAjuMl60Urb
CComupaBVnMubH+z1LUnx4Ne49OtOPBmpOv7M+c5YL2APPBD17Bw9WFwow4titcS
F0Uz6vrKn+2XRm9iVboXNcQtYC2zI/S1h82EZ6tyuTjIT79OewWEVLI=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:28:41 2025 by rpki-client