Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231302e3134342e302f32322d3234203d3e203437353833.roa
File: 3138352e3231302e3134342e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: Xn7jxwv4x4Sprwv6PKGMf7Hh0hwgIpduFhEJQ/6eRf8=
Subject key identifier: 30:DE:24:A4:60:D7:A7:A9:7E:81:66:46:5B:BA:C5:8C:01:90:D0:25
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3257C42F0BCC68AF0AF262CE768F1FE0E292F4E0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231302e3134342e302f32322d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:45:08 +0000
ROA not before: Mon 27 Jan 2025 09:40:08 +0000
ROA not after: Mon 26 Jan 2026 09:45:08 +0000
asID: 47583
IP address blocks: 185.210.144.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:57:c4:2f:0b:cc:68:af:0a:f2:62:ce:76:8f:1f:e0:e2:92:f4:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:08 2025 GMT
Not After : Jan 26 09:45:08 2026 GMT
Subject: CN=30DE24A460D7A7A97E8166465BBAC58C0190D025
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e4:f0:8d:47:13:51:e8:ad:bd:6f:e9:3d:71:
bb:e6:80:1b:8f:d0:5e:99:df:62:b2:38:ed:b9:d5:
c7:19:c8:ee:2e:1c:7e:36:7c:91:03:a2:21:5e:3d:
bd:f4:bc:1b:83:cc:06:10:9e:f2:31:65:a5:be:60:
36:fc:b8:18:9a:38:95:36:83:e1:db:fb:44:be:da:
20:14:73:5f:a4:bb:c0:35:51:6a:64:86:66:16:f2:
7f:5f:a2:f3:77:a6:08:ad:51:2d:1b:91:46:cf:ea:
9e:a6:88:73:c1:67:b9:95:05:a8:f7:ab:85:5e:bd:
bb:59:35:ef:16:ed:7b:0e:b6:90:f9:6f:ce:f3:d7:
08:dd:7a:24:70:17:7a:d0:b0:58:4d:3d:da:c9:20:
42:1a:f3:25:35:1d:c2:90:3a:93:f6:36:92:70:3f:
8d:d6:8c:58:10:b2:6f:3f:5d:75:6b:be:86:20:9f:
8c:73:55:41:dc:13:b5:6e:25:3d:b0:c3:07:2e:8c:
39:ef:83:9e:64:78:1b:3b:21:bb:19:00:67:04:12:
f2:c2:fd:d0:b9:7c:fd:ce:48:c4:d7:9f:63:7d:ac:
07:a4:c7:16:7b:b2:ce:5d:56:19:84:95:ee:e7:00:
df:85:60:43:c3:9b:d9:d0:98:b3:02:8e:58:24:5a:
65:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:DE:24:A4:60:D7:A7:A9:7E:81:66:46:5B:BA:C5:8C:01:90:D0:25
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231302e3134342e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.144.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:32:55:8c:63:64:d7:39:07:c3:59:71:30:8f:ec:bf:6d:a2:
f4:a1:9b:a7:fe:96:b5:f4:57:ed:10:9e:9c:d8:38:29:b0:d1:
c6:66:18:e4:97:09:09:af:e5:72:9a:e4:45:b2:e0:a1:e9:69:
20:bb:d1:5a:8d:69:53:d5:ff:79:c2:48:ef:4b:04:27:32:e5:
09:a3:22:9d:52:76:79:6e:5e:bd:ac:8d:95:74:6c:36:30:60:
a8:0f:c8:df:69:22:1b:45:43:f1:72:88:fc:3e:11:3a:cd:11:
2c:b6:bb:cb:ca:d9:9b:b8:12:49:3e:9c:38:e6:da:c4:8b:37:
31:df:f5:c4:fb:d4:9a:9d:29:c4:45:22:8d:f5:b5:8f:43:a6:
e9:8f:e3:e6:57:56:52:96:71:2f:f7:68:fe:16:79:d2:79:b9:
c8:68:fb:37:11:0b:5d:0c:1b:52:fa:5b:1f:07:8f:c0:c3:1d:
2d:ab:f7:65:0e:5b:03:1e:fd:ef:0c:4f:30:e4:82:77:e4:e1:
74:f3:ec:4f:15:42:52:54:46:b4:b4:08:9d:ef:c2:04:1a:9c:
83:d6:54:7b:97:49:c1:34:a7:fa:ea:39:dd:c3:8e:7e:7e:5d:
b2:39:29:89:64:b8:f5:22:b7:48:1f:2d:74:c6:fb:26:97:3f:
96:d7:88:17
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMlfELwvMaK8K8mLOdo8f4OKS9OAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDhaFw0yNjAxMjYwOTQ1MDhaMDMxMTAvBgNV
BAMTKDMwREUyNEE0NjBEN0E3QTk3RTgxNjY0NjVCQkFDNThDMDE5MEQwMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh5PCNRxNR6K29b+k9cbvmgBuP
0F6Z32KyOO251ccZyO4uHH42fJEDoiFePb30vBuDzAYQnvIxZaW+YDb8uBiaOJU2
g+Hb+0S+2iAUc1+ku8A1UWpkhmYW8n9fovN3pgitUS0bkUbP6p6miHPBZ7mVBaj3
q4VevbtZNe8W7XsOtpD5b87z1wjdeiRwF3rQsFhNPdrJIEIa8yU1HcKQOpP2NpJw
P43WjFgQsm8/XXVrvoYgn4xzVUHcE7VuJT2wwwcujDnvg55keBs7IbsZAGcEEvLC
/dC5fP3OSMTXn2N9rAekxxZ7ss5dVhmEle7nAN+FYEPDm9nQmLMCjlgkWmXdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMN4kpGDXp6l+gWZGW7rFjAGQ0CUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzAyZTMx
MzQzNDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAK50pAwDQYJKoZIhvcNAQELBQADggEBAB8yVYxjZNc5B8NZcTCP7L9tovShm6f+
lrX0V+0QnpzYOCmw0cZmGOSXCQmv5XKa5EWy4KHpaSC70VqNaVPV/3nCSO9LBCcy
5QmjIp1SdnluXr2sjZV0bDYwYKgPyN9pIhtFQ/FyiPw+ETrNESy2u8vK2Zu4Ekk+
nDjm2sSLNzHf9cT71JqdKcRFIo31tY9DpumP4+ZXVlKWcS/3aP4WedJ5ucho+zcR
C10MG1L6Wx8Hj8DDHS2r92UOWwMe/e8MTzDkgnfk4XTz7E8VQlJURrS0CJ3vwgQa
nIPWVHuXScE0p/rqOd3Djn5+XbI5KYlkuPUit0gfLXTG+yaXP5bXiBc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:07:07 2025 by rpki-client