Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3233302e302f32342d3332203d3e203531313637.roa
File: 3138352e3230392e3233302e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: TKp0DjRXssdZtr24HuXGatoN/wZkgAcWzfXrar5J9p4=
Subject key identifier: 88:16:B8:C2:A6:06:63:99:D0:41:6C:E8:CB:B2:3A:9E:ED:CA:56:A8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1DA6DCEC9439907905922B05D6FE1A713F4BDEB3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3233302e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:10 +0000
ROA not before: Mon 27 Jan 2025 09:40:10 +0000
ROA not after: Mon 26 Jan 2026 09:45:10 +0000
asID: 51167
IP address blocks: 185.209.230.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:a6:dc:ec:94:39:90:79:05:92:2b:05:d6:fe:1a:71:3f:4b:de:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:10 2025 GMT
Not After : Jan 26 09:45:10 2026 GMT
Subject: CN=8816B8C2A6066399D0416CE8CBB23A9EEDCA56A8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:78:81:84:4e:7c:4d:91:04:ef:42:92:dd:b3:
4c:7f:ed:33:1a:9d:15:f4:8f:51:f9:dc:a9:b8:81:
b1:d6:bb:09:f6:a1:03:1a:77:64:7b:70:17:5d:d6:
35:3f:cb:41:98:0c:ac:22:3f:02:e7:1a:fa:c3:ba:
4e:59:96:92:ba:4f:d2:f6:75:4e:37:12:e2:f8:09:
fe:13:91:1c:7d:da:d5:55:3a:e8:75:6b:cf:b2:59:
ef:7b:c4:4a:c5:92:eb:33:97:d4:ab:1c:1d:c4:c5:
a5:53:49:27:fb:6a:09:d1:77:49:5b:c8:f5:74:99:
0b:30:be:8e:64:54:c8:50:82:8b:ff:84:55:4a:c7:
eb:b2:ff:4a:7a:42:47:74:15:a3:1f:da:4e:4d:d6:
f9:1c:de:03:95:44:27:f0:be:5e:41:56:dd:74:01:
f5:45:94:76:57:75:6d:e3:45:a8:15:b1:88:42:f2:
60:ba:40:a6:53:5b:0c:e6:5a:45:e6:da:74:06:41:
0a:77:11:39:a3:45:c8:70:6b:76:86:ad:39:98:29:
c2:6d:fd:98:84:b8:44:61:39:fa:91:84:35:e9:1d:
37:aa:8d:6e:54:62:25:a3:4b:18:01:c0:6c:93:c0:
05:be:f2:a7:c7:d3:d7:b2:61:9a:1e:95:24:ce:d1:
73:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:16:B8:C2:A6:06:63:99:D0:41:6C:E8:CB:B2:3A:9E:ED:CA:56:A8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3233302e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.230.0/24
Signature Algorithm: sha256WithRSAEncryption
55:28:c5:99:b5:51:64:1d:ac:7a:91:1c:ec:23:c0:3a:88:1a:
6f:f4:d0:37:a6:22:af:2e:cd:36:70:63:f1:c6:44:96:a5:ab:
d1:7c:80:a3:76:83:48:f0:7f:26:50:e2:70:99:b5:b5:a1:13:
b2:8a:c0:ba:fa:9e:8e:fa:7e:91:d4:85:43:26:c2:8f:3b:53:
de:25:a4:89:65:32:f7:d2:4a:c8:45:9e:3f:f4:2a:e4:92:3a:
33:0b:67:56:a6:9b:5a:31:89:da:22:8d:02:6e:d8:cd:8d:f2:
98:ab:dc:ef:43:e2:61:00:7d:53:82:87:57:f3:2f:a1:b8:6a:
2c:10:6b:04:86:6e:fc:61:aa:06:20:ca:ee:aa:2d:fa:f8:12:
9b:07:16:b3:a1:03:ac:28:3a:44:3c:df:ac:53:31:ca:4a:e9:
82:45:c5:e5:f1:74:f5:d3:b9:dc:8c:ec:d4:c8:d6:0f:c4:72:
cf:d0:81:2a:b6:4d:77:50:61:68:3e:14:5f:5c:f4:ab:64:89:
01:93:fb:35:f6:41:20:88:14:fb:3c:4a:d2:9e:d0:37:12:4e:
59:26:78:ec:f1:f2:e1:cc:42:4f:e3:bf:e3:db:ae:0a:b3:0c:
a8:0c:6c:d7:1c:6f:ae:83:14:3f:01:56:ed:0b:13:6a:97:b5:
9e:d3:5e:8f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHabc7JQ5kHkFkisF1v4acT9L3rMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTBaFw0yNjAxMjYwOTQ1MTBaMDMxMTAvBgNV
BAMTKDg4MTZCOEMyQTYwNjYzOTlEMDQxNkNFOENCQjIzQTlFRURDQTU2QTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCheIGETnxNkQTvQpLds0x/7TMa
nRX0j1H53Km4gbHWuwn2oQMad2R7cBdd1jU/y0GYDKwiPwLnGvrDuk5ZlpK6T9L2
dU43EuL4Cf4TkRx92tVVOuh1a8+yWe97xErFkuszl9SrHB3ExaVTSSf7agnRd0lb
yPV0mQswvo5kVMhQgov/hFVKx+uy/0p6Qkd0FaMf2k5N1vkc3gOVRCfwvl5BVt10
AfVFlHZXdW3jRagVsYhC8mC6QKZTWwzmWkXm2nQGQQp3ETmjRchwa3aGrTmYKcJt
/ZiEuERhOfqRhDXpHTeqjW5UYiWjSxgBwGyTwAW+8qfH09eyYZoelSTO0XO1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUiBa4wqYGY5nQQWzoy7I6nu3KVqgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzMzMDJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50eYwDQYJKoZIhvcNAQELBQADggEBAFUoxZm1UWQdrHqRHOwjwDqIGm/00Dem
Iq8uzTZwY/HGRJalq9F8gKN2g0jwfyZQ4nCZtbWhE7KKwLr6no76fpHUhUMmwo87
U94lpIllMvfSSshFnj/0KuSSOjMLZ1amm1oxidoijQJu2M2N8pir3O9D4mEAfVOC
h1fzL6G4aiwQawSGbvxhqgYgyu6qLfr4EpsHFrOhA6woOkQ836xTMcpK6YJFxeXx
dPXTudyM7NTI1g/Ecs/QgSq2TXdQYWg+FF9c9KtkiQGT+zX2QSCIFPs8StKe0DcS
TlkmeOzx8uHMQk/jv+PbrgqzDKgMbNccb66DFD8BVu0LE2qXtZ7TXo8=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:27:52 2025 by rpki-client