Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232322e302f32342d3234203d3e20323039383534.roa
File: 3138352e3230392e3232322e302f32342d3234203d3e20323039383534.roa (raw, json)
Hash identifier: 3fRmHuamwMbW0wE9JzYCtVxyr+FJ55Fn8j1RwjRxPbI=
Subject key identifier: 0B:70:A4:53:DC:97:51:1C:E3:81:E6:C1:DE:EA:56:B6:CF:E1:77:28
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6085CA88ABAFB76B1E019E463404F78D192CECE4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232322e302f32342d3234203d3e20323039383534.roa
Signing time: Mon 03 Feb 2025 09:45:38 +0000
ROA not before: Mon 03 Feb 2025 09:40:38 +0000
ROA not after: Mon 02 Feb 2026 09:45:38 +0000
asID: 209854
IP address blocks: 185.209.222.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:85:ca:88:ab:af:b7:6b:1e:01:9e:46:34:04:f7:8d:19:2c:ec:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 3 09:40:38 2025 GMT
Not After : Feb 2 09:45:38 2026 GMT
Subject: CN=0B70A453DC97511CE381E6C1DEEA56B6CFE17728
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:1c:9a:b6:01:06:13:b0:54:c5:3d:6d:25:6b:
35:b4:e5:12:3d:91:32:77:54:82:b0:64:1a:9a:0f:
04:27:c3:61:83:e4:86:6a:1d:a1:1f:2b:a8:61:e1:
e0:5e:fa:89:7a:8b:aa:7d:10:82:40:da:aa:0a:27:
33:38:e7:cf:13:84:e4:40:5e:3d:1d:0d:c3:2a:db:
25:63:f5:97:69:e0:8e:4e:9a:db:e3:ef:73:a6:d1:
1b:d5:66:d5:da:85:d0:4f:fe:36:a0:26:7d:52:3e:
fb:e0:6e:2d:37:a6:a4:4c:61:13:b4:6e:c1:87:6a:
be:07:0a:5e:e3:b8:11:69:65:96:47:90:c8:6f:34:
c7:04:09:ca:c4:56:4e:e8:93:35:a8:49:53:6e:4d:
83:da:b8:0c:f8:86:ed:af:89:36:e0:49:8e:fb:10:
3c:f3:ef:1f:3c:1b:77:da:d9:1d:b8:65:a4:3a:e1:
05:1b:d7:04:4a:e8:63:2b:a5:d7:e2:ac:16:22:0f:
5f:79:3c:be:28:50:2c:14:76:e4:73:d6:7b:46:93:
3e:8e:dd:16:81:64:af:4f:16:72:d7:47:5b:79:cd:
c7:7b:c6:31:c3:06:c4:0f:9f:8a:06:de:3d:e7:0d:
9e:7c:8c:20:6a:7e:94:4c:90:0e:33:04:40:83:e2:
4c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:70:A4:53:DC:97:51:1C:E3:81:E6:C1:DE:EA:56:B6:CF:E1:77:28
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232322e302f32342d3234203d3e20323039383534.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.222.0/24
Signature Algorithm: sha256WithRSAEncryption
50:72:59:0b:a1:db:d8:21:86:0c:16:9c:02:bd:dd:44:88:fe:
06:43:79:e7:80:9f:72:0e:73:0f:93:24:5f:01:32:9c:93:60:
d7:f3:67:85:81:ad:03:6c:86:a5:a4:29:15:48:64:b3:e9:1d:
16:50:ee:08:0a:3b:cd:9c:28:3a:32:d2:4f:c5:47:95:8d:5b:
02:51:77:b7:e3:ec:42:60:23:9a:22:71:1c:07:57:ec:3b:89:
23:b8:ad:32:59:9f:eb:a0:00:f8:26:49:b9:d2:83:cf:bf:36:
8f:26:69:87:3b:69:73:f1:30:f7:3b:21:38:01:ef:a5:d9:56:
71:a9:26:68:1e:e6:b2:18:bd:c0:0a:5e:00:a5:2d:7d:b9:b3:
62:73:b4:c3:d2:8d:62:5d:21:36:91:9e:60:55:5c:0a:15:26:
91:0d:6a:15:48:9f:04:15:98:f5:bb:e7:f2:d1:ff:4e:aa:90:
f3:1b:32:fb:83:7e:d3:e5:e9:f7:4d:c6:62:61:2f:cc:c7:d3:
59:7c:ba:56:1a:3e:f6:49:69:2e:d5:29:d2:03:9b:4c:26:73:
2e:b3:7b:c3:01:7b:25:65:2b:a7:67:a8:d6:c2:60:1c:b2:ba:
57:39:2f:53:a0:19:05:64:12:df:b6:a0:4a:0d:13:b3:d2:e2:
ef:22:61:86
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUYIXKiKuvt2seAZ5GNAT3jRks7OQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMDMwOTQwMzhaFw0yNjAyMDIwOTQ1MzhaMDMxMTAvBgNV
BAMTKDBCNzBBNDUzREM5NzUxMUNFMzgxRTZDMURFRUE1NkI2Q0ZFMTc3MjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLHJq2AQYTsFTFPW0lazW05RI9
kTJ3VIKwZBqaDwQnw2GD5IZqHaEfK6hh4eBe+ol6i6p9EIJA2qoKJzM4588ThORA
Xj0dDcMq2yVj9Zdp4I5Omtvj73Om0RvVZtXahdBP/jagJn1SPvvgbi03pqRMYRO0
bsGHar4HCl7juBFpZZZHkMhvNMcECcrEVk7okzWoSVNuTYPauAz4hu2viTbgSY77
EDzz7x88G3fa2R24ZaQ64QUb1wRK6GMrpdfirBYiD195PL4oUCwUduRz1ntGkz6O
3RaBZK9PFnLXR1t5zcd7xjHDBsQPn4oG3j3nDZ58jCBqfpRMkA4zBECD4kztAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUC3CkU9yXURzjgebB3upWts/hdygwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTM4MzUzNC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnR3jANBgkqhkiG9w0BAQsFAAOCAQEAUHJZC6Hb2CGGDBacAr3dRIj+BkN5
54Cfcg5zD5MkXwEynJNg1/NnhYGtA2yGpaQpFUhks+kdFlDuCAo7zZwoOjLST8VH
lY1bAlF3t+PsQmAjmiJxHAdX7DuJI7itMlmf66AA+CZJudKDz782jyZphztpc/Ew
9zshOAHvpdlWcakmaB7mshi9wApeAKUtfbmzYnO0w9KNYl0hNpGeYFVcChUmkQ1q
FUifBBWY9bvn8tH/TqqQ8xsy+4N+0+Xp903GYmEvzMfTWXy6Vho+9klpLtUp0gOb
TCZzLrN7wwF7JWUrp2eo1sJgHLK6VzkvU6AZBWQS37agSg0Ts9Li7yJhhg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:28:31 2025 by rpki-client