Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231352e3138302e302f32342d3332203d3e203531313637.roa
File: 3138352e3231352e3138302e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: aYNK/24AH+8wKRKcKgQK3/nIx3GlGnetYAZp301KoZs=
Subject key identifier: AD:95:F6:AE:CB:04:C4:AC:5F:92:05:66:BC:C3:B2:33:E7:57:08:14
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 351CE9617B7FB819AAF944A508616B8C24B80D92
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231352e3138302e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:02 +0000
ROA not before: Mon 27 Jan 2025 09:40:02 +0000
ROA not after: Mon 26 Jan 2026 09:45:02 +0000
asID: 51167
IP address blocks: 185.215.180.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:1c:e9:61:7b:7f:b8:19:aa:f9:44:a5:08:61:6b:8c:24:b8:0d:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:02 2025 GMT
Not After : Jan 26 09:45:02 2026 GMT
Subject: CN=AD95F6AECB04C4AC5F920566BCC3B233E7570814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:e8:e7:89:cd:d2:7c:3b:67:30:e1:3c:e7:5f:
a2:e4:c4:1f:f8:cd:f6:1b:38:3c:e3:68:81:64:db:
07:24:f7:c6:c1:f8:f2:96:c6:29:4a:ee:e8:ae:d5:
da:d0:08:1b:79:b7:9f:4e:0f:9f:aa:ff:53:d4:82:
c5:38:64:ac:d3:f7:6b:09:d2:98:2d:56:dc:f2:62:
c0:a9:e7:12:b5:a3:e6:45:3a:3c:10:69:85:d7:00:
83:fa:a2:75:28:66:73:23:00:67:1f:27:82:59:63:
2a:d8:8d:2c:4f:de:9c:6c:8d:0e:44:6d:6a:8e:a9:
32:d9:4a:53:b3:2e:e7:1c:74:fb:c1:16:05:60:d0:
ce:50:f3:05:53:bc:86:36:b6:53:35:80:db:42:e6:
b8:07:07:85:a3:6e:d1:33:0f:27:b4:99:54:b7:83:
5b:b0:cc:e4:5f:63:ac:88:af:bd:5a:c9:d2:51:81:
c7:27:85:53:fd:be:8c:57:23:ee:96:a9:0e:99:c9:
17:c4:40:bf:39:99:69:bf:a5:19:2b:a3:d8:0b:5b:
35:a9:32:36:0a:90:6e:48:46:5b:76:d8:ec:74:1d:
f4:70:b4:c5:bc:ab:a5:4f:2c:3c:31:f0:cf:0a:3a:
23:7c:8d:ba:38:47:5b:04:81:6e:53:80:57:97:76:
8f:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:95:F6:AE:CB:04:C4:AC:5F:92:05:66:BC:C3:B2:33:E7:57:08:14
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231352e3138302e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.180.0/24
Signature Algorithm: sha256WithRSAEncryption
72:99:5f:44:bb:f3:3a:01:a1:26:5b:41:cc:cf:14:9e:83:cd:
c1:c7:46:8d:7c:f7:05:73:46:ea:7c:29:ea:14:52:ae:06:17:
97:e6:e1:15:6c:a2:a0:bc:a6:48:e0:a6:68:90:71:11:0b:5c:
d5:66:84:22:f1:c9:21:ef:6b:93:cb:8e:be:72:c9:eb:8b:62:
08:3a:2b:40:a7:1a:70:f3:4a:d7:79:43:af:21:3a:3f:fd:d2:
e6:6f:8f:a4:54:78:5d:d4:ff:9a:31:9d:ae:6b:94:2a:21:fd:
a9:e5:0b:09:8e:cb:60:1c:f6:53:3c:72:9d:ff:98:98:ac:d9:
50:31:48:dc:7a:02:f5:02:1d:78:b9:8c:10:6e:c3:c0:b0:70:
1a:9a:76:d4:92:46:67:91:f2:5f:7f:27:ec:74:47:c3:60:aa:
1e:6e:fa:78:0e:31:08:63:56:00:a1:cd:37:26:53:8a:69:18:
ab:db:5c:48:d0:ea:64:e4:99:c4:87:67:6a:db:2e:84:ae:5c:
49:d9:2f:52:51:88:42:db:f6:cf:6c:42:36:1c:ba:9a:bf:70:
73:ab:0c:7b:bd:89:e9:d9:c0:b1:ba:28:47:68:19:d0:bc:44:
ec:18:d5:5c:c0:2d:8e:0c:e4:a7:e2:36:a1:5b:fb:5b:65:4e:
f7:e1:53:ff
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNRzpYXt/uBmq+USlCGFrjCS4DZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDJaFw0yNjAxMjYwOTQ1MDJaMDMxMTAvBgNV
BAMTKEFEOTVGNkFFQ0IwNEM0QUM1RjkyMDU2NkJDQzNCMjMzRTc1NzA4MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp6OeJzdJ8O2cw4TznX6LkxB/4
zfYbODzjaIFk2wck98bB+PKWxilK7uiu1drQCBt5t59OD5+q/1PUgsU4ZKzT92sJ
0pgtVtzyYsCp5xK1o+ZFOjwQaYXXAIP6onUoZnMjAGcfJ4JZYyrYjSxP3pxsjQ5E
bWqOqTLZSlOzLuccdPvBFgVg0M5Q8wVTvIY2tlM1gNtC5rgHB4WjbtEzDye0mVS3
g1uwzORfY6yIr71aydJRgccnhVP9voxXI+6WqQ6ZyRfEQL85mWm/pRkro9gLWzWp
MjYKkG5IRlt22Ox0HfRwtMW8q6VPLDwx8M8KOiN8jbo4R1sEgW5TgFeXdo9dAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUrZX2rssExKxfkgVmvMOyM+dXCBQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzUyZTMx
MzgzMDJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC517QwDQYJKoZIhvcNAQELBQADggEBAHKZX0S78zoBoSZbQczPFJ6DzcHHRo18
9wVzRup8KeoUUq4GF5fm4RVsoqC8pkjgpmiQcRELXNVmhCLxySHva5PLjr5yyeuL
Ygg6K0CnGnDzStd5Q68hOj/90uZvj6RUeF3U/5oxna5rlCoh/anlCwmOy2Ac9lM8
cp3/mJis2VAxSNx6AvUCHXi5jBBuw8CwcBqadtSSRmeR8l9/J+x0R8Ngqh5u+ngO
MQhjVgChzTcmU4ppGKvbXEjQ6mTkmcSHZ2rbLoSuXEnZL1JRiELb9s9sQjYcupq/
cHOrDHu9ienZwLG6KEdoGdC8ROwY1VzALY4M5KfiNqFb+1tlTvfhU/8=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:20:33 2025 by rpki-client