Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39392e302f32342d3234203d3e20323033333830.roa
File: 3138352e3231342e39392e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: KizjE/ycad1zIu3A2hVzqNrdeNoXsnWwfCKGgBP/4v4=
Subject key identifier: 7A:A3:94:15:60:82:EE:9E:97:D9:62:43:FD:C1:BC:43:02:4C:3A:A8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 21283BD9B95FE1E6DAF0838B44F08C03381F338C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39392e302f32342d3234203d3e20323033333830.roa
Signing time: Wed 19 Mar 2025 13:45:53 +0000
ROA not before: Wed 19 Mar 2025 13:40:53 +0000
ROA not after: Wed 18 Mar 2026 13:45:53 +0000
asID: 203380
IP address blocks: 185.214.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:28:3b:d9:b9:5f:e1:e6:da:f0:83:8b:44:f0:8c:03:38:1f:33:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 19 13:40:53 2025 GMT
Not After : Mar 18 13:45:53 2026 GMT
Subject: CN=7AA394156082EE9E97D96243FDC1BC43024C3AA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:45:28:35:ba:49:c6:b4:46:57:53:be:37:40:
fe:1b:4c:62:3f:75:90:d0:b0:cb:75:ca:c5:6a:96:
b8:c8:82:25:13:71:91:fd:be:8e:55:94:a5:9f:f5:
59:07:e4:f0:ad:bd:ce:55:17:03:de:e4:3a:5a:74:
1d:b3:da:42:97:c5:d3:36:1e:4b:51:9a:1c:cb:10:
a2:b4:4a:54:ce:d2:f4:e5:35:a1:39:39:4f:8c:d2:
7c:e2:83:20:3c:de:1d:f4:1b:be:6c:8b:01:15:4e:
f4:39:f2:83:e3:e9:35:05:65:b1:36:24:a4:c4:c8:
8a:ec:a9:73:92:96:30:9c:14:9e:02:ec:0a:b0:61:
16:45:61:c7:6d:28:57:fe:62:ac:ff:59:6e:8a:9c:
b4:d9:db:c9:ad:ef:27:3e:7e:ea:88:32:75:07:16:
14:98:53:54:b2:e8:37:9d:d5:c6:2d:7a:c3:e0:38:
3d:24:e1:95:c4:c0:ca:82:e5:df:ce:d2:bf:19:a6:
59:38:b7:93:ce:13:65:93:24:d3:f7:11:89:dd:70:
0e:63:97:5f:32:51:97:af:d2:2e:48:49:76:21:97:
5f:b1:f5:80:20:ab:14:f7:df:ce:e1:ae:5c:47:60:
0b:17:82:76:5f:7a:e8:10:43:14:f2:52:ed:77:de:
87:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:A3:94:15:60:82:EE:9E:97:D9:62:43:FD:C1:BC:43:02:4C:3A:A8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231342e39392e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.99.0/24
Signature Algorithm: sha256WithRSAEncryption
84:50:45:a4:d2:3b:80:c3:0b:7e:a8:91:a5:0c:60:20:55:e6:
79:9c:d7:75:ae:b0:2a:9e:9f:09:3d:6b:30:8f:0f:cf:c8:0d:
bb:59:8f:b7:57:34:a5:dd:b8:41:75:e7:c5:e7:ca:0b:c0:24:
48:d5:92:bf:b6:09:47:fb:00:ab:bf:f0:37:4d:4c:18:13:3b:
ff:96:5e:49:e4:da:5a:9f:60:26:c7:18:e0:3e:74:7b:f1:0c:
2d:e8:c9:a3:7c:0c:74:9f:ef:3c:dc:11:9e:d3:a4:33:47:b7:
79:28:df:b4:2c:27:cc:84:bc:f9:df:9e:a3:37:60:9f:c7:8b:
25:3b:1f:b8:01:06:b5:be:fc:bc:df:f4:04:cd:f3:0a:ae:1d:
7c:a8:eb:55:4a:7d:6b:d0:b0:e6:85:81:78:1e:42:c9:5a:3e:
9c:3b:3e:34:a0:ea:be:b4:94:eb:9f:32:bb:01:49:ca:7b:e2:
d7:e7:42:aa:ec:67:6a:37:e9:38:21:62:d5:74:a6:78:cd:10:
90:4f:17:3a:84:0a:eb:f9:87:04:9b:a6:46:ad:af:16:f0:93:
68:56:06:bd:a8:7e:ed:f4:54:54:27:a1:00:c3:a7:67:87:da:
2c:c3:dd:ce:c6:80:12:cc:b7:75:d3:ab:e1:cd:81:3c:86:10:
04:77:71:57
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUISg72blf4eba8IOLRPCMAzgfM4wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAzMTkxMzQwNTNaFw0yNjAzMTgxMzQ1NTNaMDMxMTAvBgNV
BAMTKDdBQTM5NDE1NjA4MkVFOUU5N0Q5NjI0M0ZEQzFCQzQzMDI0QzNBQTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4RSg1uknGtEZXU743QP4bTGI/
dZDQsMt1ysVqlrjIgiUTcZH9vo5VlKWf9VkH5PCtvc5VFwPe5DpadB2z2kKXxdM2
HktRmhzLEKK0SlTO0vTlNaE5OU+M0nzigyA83h30G75siwEVTvQ58oPj6TUFZbE2
JKTEyIrsqXOSljCcFJ4C7AqwYRZFYcdtKFf+Yqz/WW6KnLTZ28mt7yc+fuqIMnUH
FhSYU1Sy6Ded1cYtesPgOD0k4ZXEwMqC5d/O0r8Zplk4t5POE2WTJNP3EYndcA5j
l18yUZev0i5ISXYhl1+x9YAgqxT3387hrlxHYAsXgnZfeugQQxTyUu133odpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUeqOUFWCC7p6X2WJD/cG8QwJMOqgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzQyZTM5
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzMzMzM4MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51mMwDQYJKoZIhvcNAQELBQADggEBAIRQRaTSO4DDC36okaUMYCBV5nmc13Wu
sCqenwk9azCPD8/IDbtZj7dXNKXduEF158XnygvAJEjVkr+2CUf7AKu/8DdNTBgT
O/+WXknk2lqfYCbHGOA+dHvxDC3oyaN8DHSf7zzcEZ7TpDNHt3ko37QsJ8yEvPnf
nqM3YJ/HiyU7H7gBBrW+/Lzf9ATN8wquHXyo61VKfWvQsOaFgXgeQslaPpw7PjSg
6r60lOufMrsBScp74tfnQqrsZ2o36TghYtV0pnjNEJBPFzqECuv5hwSbpkatrxbw
k2hWBr2ofu30VFQnoQDDp2eH2izD3c7GgBLMt3XTq+HNgTyGEAR3cVc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:19:41 2025 by rpki-client