Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3138392e3130372e302f32342d3234203d3e20313336373837.roa
File: 3139332e3138392e3130372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: mpeRiql6jXGD782i8i0uMeop39+2tnXQOX1x9mYnv1M=
Subject key identifier: E1:17:16:1C:F2:75:35:CC:A2:B2:73:33:97:0B:FD:83:4A:7B:1A:D4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 38F8672540D3EC623DB1711DBBFA1F5ACDCDA639
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3138392e3130372e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:36 +0000
ROA not before: Sat 01 Feb 2025 22:40:36 +0000
ROA not after: Sat 31 Jan 2026 22:45:36 +0000
asID: 136787
IP address blocks: 193.189.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:f8:67:25:40:d3:ec:62:3d:b1:71:1d:bb:fa:1f:5a:cd:cd:a6:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 1 22:40:36 2025 GMT
Not After : Jan 31 22:45:36 2026 GMT
Subject: CN=E117161CF27535CCA2B27333970BFD834A7B1AD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7d:7c:d3:ee:33:45:fe:dc:7e:13:43:e1:ed:
ea:17:06:f9:9e:fc:db:31:1b:40:42:6c:ce:12:c7:
e2:70:74:3b:70:5c:a4:da:04:db:13:dc:c9:58:9f:
c6:1e:5d:c0:ac:ff:27:17:ec:af:fb:19:93:7a:f4:
23:f8:0c:32:94:16:9e:1f:b8:da:c7:5a:a0:ea:d8:
96:87:f2:73:29:f5:0d:50:a6:45:9d:55:ea:92:81:
9a:a8:f6:e9:89:b1:de:bd:ad:9d:32:0c:0f:27:cb:
72:5f:27:f0:8b:de:50:58:d9:db:f3:2e:fb:da:97:
26:ab:f5:ee:1f:5a:68:55:b2:4f:c8:4e:ec:c2:07:
93:e2:c2:90:db:bd:4c:a3:58:7e:e6:b4:92:1e:3a:
26:7e:94:8f:ec:93:16:f4:40:ce:2c:2a:96:dc:20:
8a:af:9d:d0:de:79:24:71:4f:af:31:73:4b:0c:de:
b9:17:3d:67:7a:a7:c4:4d:79:96:47:ac:ac:cd:6f:
3b:ef:4e:04:1f:ff:30:0e:22:f0:af:16:69:30:75:
fb:25:cd:9b:0a:bc:06:03:ad:f7:5b:1f:e4:1d:05:
59:17:36:52:20:ef:d6:c5:d0:54:7d:b0:69:c3:ce:
67:8c:82:5b:d2:c7:55:a9:c1:c9:a6:39:64:ad:98:
a7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:17:16:1C:F2:75:35:CC:A2:B2:73:33:97:0B:FD:83:4A:7B:1A:D4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139332e3138392e3130372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.189.107.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:82:82:10:fd:d1:b3:07:39:f6:f5:b4:81:a6:3d:62:e1:77:
e2:0e:cb:3c:6e:cd:5e:f0:81:62:29:c8:ba:21:ac:48:68:ee:
40:4d:8a:7b:d4:f9:c9:48:3d:83:5b:c3:85:ad:74:6a:40:ec:
c2:a1:c3:bc:e9:50:b8:79:7b:83:65:ff:5a:9e:2e:06:5e:7a:
05:f6:4a:28:37:37:a5:cb:65:0c:fe:f5:55:19:5c:70:47:dd:
b5:50:ac:3d:87:73:ef:e8:38:9c:5c:a3:f1:12:4f:95:76:5e:
9d:29:ca:d9:94:0a:62:3b:40:d7:39:e6:a7:f3:9c:7f:25:e2:
41:e5:ac:44:ee:a5:66:05:4c:88:a5:a4:66:56:88:d4:3f:a5:
bc:33:90:4b:5c:46:b8:f6:3a:85:bd:ef:61:df:41:96:7a:4e:
fa:b5:c9:89:0d:9a:a1:af:54:b8:be:38:1f:94:92:c8:7e:a7:
60:90:1f:18:58:e3:b2:3b:c1:00:df:92:ad:7c:a7:3e:9c:ae:
3e:f1:1d:bb:dd:9f:ea:a8:3a:ee:c8:5e:cb:e2:cb:18:80:8b:
99:24:6d:0f:87:28:d2:bd:a2:07:8a:80:6c:ae:3f:a2:5a:2d:
e7:3b:4a:d0:bf:5d:18:c8:33:0e:ab:1f:e3:48:17:b3:00:17:
4f:b1:f0:28
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUOPhnJUDT7GI9sXEdu/ofWs3NpjkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMDEyMjQwMzZaFw0yNjAxMzEyMjQ1MzZaMDMxMTAvBgNV
BAMTKEUxMTcxNjFDRjI3NTM1Q0NBMkIyNzMzMzk3MEJGRDgzNEE3QjFBRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrfXzT7jNF/tx+E0Ph7eoXBvme
/NsxG0BCbM4Sx+JwdDtwXKTaBNsT3MlYn8YeXcCs/ycX7K/7GZN69CP4DDKUFp4f
uNrHWqDq2JaH8nMp9Q1QpkWdVeqSgZqo9umJsd69rZ0yDA8ny3JfJ/CL3lBY2dvz
Lvvalyar9e4fWmhVsk/ITuzCB5PiwpDbvUyjWH7mtJIeOiZ+lI/skxb0QM4sKpbc
IIqvndDeeSRxT68xc0sM3rkXPWd6p8RNeZZHrKzNbzvvTgQf/zAOIvCvFmkwdfsl
zZsKvAYDrfdbH+QdBVkXNlIg79bF0FR9sGnDzmeMglvSx1WpwcmmOWStmKfHAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU4RcWHPJ1NcyisnMzlwv9g0p7GtQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTMzMmUzMTM4MzkyZTMx
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMG9azANBgkqhkiG9w0BAQsFAAOCAQEAG4KCEP3Rswc59vW0gaY9YuF34g7L
PG7NXvCBYinIuiGsSGjuQE2Ke9T5yUg9g1vDha10akDswqHDvOlQuHl7g2X/Wp4u
Bl56BfZKKDc3pctlDP71VRlccEfdtVCsPYdz7+g4nFyj8RJPlXZenSnK2ZQKYjtA
1znmp/OcfyXiQeWsRO6lZgVMiKWkZlaI1D+lvDOQS1xGuPY6hb3vYd9BlnpO+rXJ
iQ2aoa9UuL44H5SSyH6nYJAfGFjjsjvBAN+SrXynPpyuPvEdu92f6qg67shey+LL
GICLmSRtD4co0r2iB4qAbK4/olot5ztK0L9dGMgzDqsf40gXswAXT7HwKA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:16:28 2025 by rpki-client