Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232342e3133362e302f32322d3234203d3e203437353833.roa
File: 3138352e3232342e3133362e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: cG8KBO7c8zKVW5Y4FndwG+UhLbf6tNQaJq9Hkj0nLeg=
Subject key identifier: B4:60:7B:53:54:90:63:3E:A4:B7:81:6D:1E:BD:3B:BE:1B:D4:DA:C3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 712D39E3DA2C1E8064CDF61A1B753F33240B9E2B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232342e3133362e302f32322d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:45:12 +0000
ROA not before: Mon 27 Jan 2025 09:40:12 +0000
ROA not after: Mon 26 Jan 2026 09:45:12 +0000
asID: 47583
IP address blocks: 185.224.136.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:2d:39:e3:da:2c:1e:80:64:cd:f6:1a:1b:75:3f:33:24:0b:9e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:12 2025 GMT
Not After : Jan 26 09:45:12 2026 GMT
Subject: CN=B4607B535490633EA4B7816D1EBD3BBE1BD4DAC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6c:d9:3b:29:82:a2:fb:11:15:53:54:90:39:
0f:f1:c4:88:16:4a:13:00:34:72:5a:d3:35:bc:cb:
da:14:7b:9a:4e:6c:33:52:c4:da:f3:c6:87:8b:22:
3f:9a:fc:ba:23:96:49:cf:f5:c4:18:78:29:e2:4f:
c5:8f:45:31:b2:33:d8:f7:25:d8:14:9d:5f:9b:87:
28:45:ce:80:40:f6:b2:46:66:d7:33:bb:c3:d3:13:
89:6f:1b:48:ae:72:bd:48:5b:17:2c:30:da:2c:20:
2d:a7:63:63:bb:d8:6c:3b:11:50:df:b7:3c:60:76:
bc:15:6a:81:ef:59:85:f7:2a:9a:85:97:be:f4:c6:
b6:c3:7f:f6:06:d1:cb:33:80:e5:8f:62:94:77:97:
b6:30:23:f1:8d:39:55:db:f2:59:75:3e:77:01:b2:
c7:d6:b8:f4:2e:bc:f9:0f:ca:15:ef:b2:86:cb:ab:
aa:75:8e:af:c1:73:f3:78:b8:f3:e0:30:cf:0a:bb:
c2:c6:25:14:8f:29:80:51:68:36:14:68:32:fb:51:
75:ef:c3:02:39:b5:c6:7d:c1:df:da:ea:97:52:9e:
90:4c:e9:e9:21:22:62:fe:b5:25:ae:93:77:e6:c3:
1d:8b:3f:b5:3f:92:ef:a5:ce:a9:4c:d7:03:d0:11:
f7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:60:7B:53:54:90:63:3E:A4:B7:81:6D:1E:BD:3B:BE:1B:D4:DA:C3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232342e3133362e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.136.0/22
Signature Algorithm: sha256WithRSAEncryption
78:47:c6:88:4a:98:ba:3d:87:c3:ee:df:90:4a:13:b8:b9:5d:
36:fc:63:ff:0d:ab:f7:5d:74:fe:22:2b:86:fe:ee:e6:e4:9e:
54:52:b1:70:7e:94:09:05:de:dd:6a:f4:73:ff:eb:b3:c6:d0:
1e:2d:a9:79:fb:d6:18:57:b6:f6:b3:95:37:da:88:c3:76:eb:
c1:16:da:2e:da:dd:d3:6d:00:6d:61:ae:48:7c:ac:ee:2b:72:
4b:ec:3c:f2:91:4a:46:e3:a0:9f:c4:60:fd:c5:c5:e4:f8:83:
d7:62:d5:d4:df:df:93:58:82:4c:ca:05:ac:db:6b:b9:43:46:
5b:1b:6d:2d:5c:10:c9:1c:09:b2:93:9f:07:d7:7d:8a:4f:dc:
10:0e:1a:3f:46:81:b3:dd:9d:34:ad:ab:86:de:08:86:41:e1:
2a:c9:b3:42:c0:c3:0c:44:81:a8:e0:20:f5:43:4f:5e:8f:9f:
01:ad:5d:79:a6:0d:53:86:cb:dd:a7:db:2d:2f:5b:00:4f:28:
fe:a6:38:cf:bc:0c:22:5c:7f:b7:53:10:db:69:d8:21:5f:55:
bb:d3:83:d3:5c:5b:c8:fa:0d:ac:51:50:38:bb:46:5d:8b:40:
83:4c:23:24:d9:59:a8:d6:ab:cb:a9:08:86:93:1e:cb:2c:fe:
ff:6f:2a:27
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcS0549osHoBkzfYaG3U/MyQLniswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTJaFw0yNjAxMjYwOTQ1MTJaMDMxMTAvBgNV
BAMTKEI0NjA3QjUzNTQ5MDYzM0VBNEI3ODE2RDFFQkQzQkJFMUJENERBQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpbNk7KYKi+xEVU1SQOQ/xxIgW
ShMANHJa0zW8y9oUe5pObDNSxNrzxoeLIj+a/LojlknP9cQYeCniT8WPRTGyM9j3
JdgUnV+bhyhFzoBA9rJGZtczu8PTE4lvG0iucr1IWxcsMNosIC2nY2O72Gw7EVDf
tzxgdrwVaoHvWYX3KpqFl770xrbDf/YG0cszgOWPYpR3l7YwI/GNOVXb8ll1PncB
ssfWuPQuvPkPyhXvsobLq6p1jq/Bc/N4uPPgMM8Ku8LGJRSPKYBRaDYUaDL7UXXv
wwI5tcZ9wd/a6pdSnpBM6ekhImL+tSWuk3fmwx2LP7U/ku+lzqlM1wPQEfd5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtGB7U1SQYz6kt4FtHr07vhvU2sMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzQyZTMx
MzMzNjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAK54IgwDQYJKoZIhvcNAQELBQADggEBAHhHxohKmLo9h8Pu35BKE7i5XTb8Y/8N
q/dddP4iK4b+7ubknlRSsXB+lAkF3t1q9HP/67PG0B4tqXn71hhXtvazlTfaiMN2
68EW2i7a3dNtAG1hrkh8rO4rckvsPPKRSkbjoJ/EYP3FxeT4g9di1dTf35NYgkzK
Bazba7lDRlsbbS1cEMkcCbKTnwfXfYpP3BAOGj9GgbPdnTStq4beCIZB4SrJs0LA
wwxEgajgIPVDT16PnwGtXXmmDVOGy92n2y0vWwBPKP6mOM+8DCJcf7dTENtp2CFf
VbvTg9NcW8j6DaxRUDi7Rl2LQINMIyTZWajWq8upCIaTHsss/v9vKic=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:04:54 2025 by rpki-client