Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3134302e3139362e302f32322d3332203d3e203430303231.roa
File: 3139342e3134302e3139362e302f32322d3332203d3e203430303231.roa (raw, json)
Hash identifier: UI6DGlHw56numiwURv8/tx3KYH8v2/xi0AwgEb6/m1A=
Subject key identifier: 70:83:62:4F:BF:A4:C0:98:F0:BE:CE:D5:1C:3F:F0:B7:0B:16:C4:C9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 713D85C57C93AF4F1ACF46CDD5125DC1A9990913
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3134302e3139362e302f32322d3332203d3e203430303231.roa
Signing time: Mon 27 Jan 2025 09:45:16 +0000
ROA not before: Mon 27 Jan 2025 09:40:16 +0000
ROA not after: Mon 26 Jan 2026 09:45:16 +0000
asID: 40021
IP address blocks: 194.140.196.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:3d:85:c5:7c:93:af:4f:1a:cf:46:cd:d5:12:5d:c1:a9:99:09:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:16 2025 GMT
Not After : Jan 26 09:45:16 2026 GMT
Subject: CN=7083624FBFA4C098F0BECED51C3FF0B70B16C4C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:66:06:29:56:7e:f1:00:95:bf:a4:88:19:43:
38:5f:c1:af:5b:e8:91:2b:28:de:03:5b:e5:74:08:
94:8f:fa:69:4f:74:90:ab:2a:ca:34:72:fe:6d:09:
d5:1e:a2:3d:13:5a:e7:1b:67:82:1e:4b:31:c6:2e:
9d:81:ab:d6:d3:4d:3d:f2:a7:ef:f5:a7:2b:f5:ca:
c1:fd:c3:5a:ec:d1:52:10:ec:40:e8:af:e9:49:c9:
bd:08:46:54:60:ca:5f:84:36:5f:33:5d:32:a9:58:
85:77:ed:5b:5c:72:d7:29:44:82:83:3d:42:92:b9:
02:7b:93:b8:c9:f3:75:7b:9e:38:31:2d:4d:e7:22:
52:10:08:5e:c0:40:10:dc:22:db:20:60:93:0d:a4:
8d:62:7c:39:b9:63:2a:d8:f7:33:66:5f:d7:2a:6b:
30:a8:85:d4:27:4c:5a:a9:54:0f:d9:71:c5:87:e1:
33:86:d7:04:92:7f:e0:0a:29:c0:dc:5f:ea:b6:1c:
7c:83:ba:2a:f0:5c:ce:33:fe:f0:17:23:fb:4c:33:
c3:3d:b8:51:59:2a:8c:7e:80:cb:f3:ae:10:97:be:
c7:60:2e:91:95:78:18:7e:19:36:d2:53:3b:36:8b:
fb:76:6f:50:fb:74:c3:92:e4:51:f8:08:0e:f3:c8:
d0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:83:62:4F:BF:A4:C0:98:F0:BE:CE:D5:1C:3F:F0:B7:0B:16:C4:C9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3134302e3139362e302f32322d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.140.196.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:10:01:47:8c:b1:1e:06:93:56:50:0e:74:91:8f:e2:ad:e1:
0d:67:bc:3d:68:c5:b5:26:fb:15:01:cb:c3:9c:38:66:6f:49:
eb:4c:c5:e2:b9:f5:4a:27:b0:b7:5c:9f:d0:11:9f:be:45:09:
70:37:76:6f:b7:26:9d:9e:25:10:21:f4:cf:e6:40:3f:e2:3e:
09:e6:e4:ff:64:47:b3:db:9c:5e:f4:30:3c:8c:b7:ab:10:e8:
f3:c7:89:ca:ae:5f:f9:e4:0c:03:50:44:53:8c:2e:15:60:d5:
8f:37:c5:ab:ad:4f:a8:dd:c7:0f:08:65:ed:21:34:7c:a2:c3:
e8:62:49:7a:7a:09:5f:e8:06:eb:c8:d6:ea:bd:44:3c:39:2f:
2a:8d:c1:91:1e:fa:4c:03:53:88:70:e4:c8:52:3e:8c:15:b9:
3f:64:31:96:03:24:72:a2:f2:62:50:71:2f:9a:ca:02:68:45:
f3:83:5b:75:f8:73:56:57:1e:e7:09:33:2a:b7:2e:48:82:d5:
cc:29:b1:6c:0c:55:b6:37:91:2c:10:5a:bf:a6:94:6a:6d:b9:
e4:40:8c:a0:9f:4f:36:0a:82:3e:94:4b:db:c8:e8:d1:be:fa:
39:79:82:67:ac:fe:91:88:46:fa:c1:a2:65:bc:1c:e6:4e:e5:
aa:04:bf:3e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcT2FxXyTr08az0bN1RJdwamZCRMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTZaFw0yNjAxMjYwOTQ1MTZaMDMxMTAvBgNV
BAMTKDcwODM2MjRGQkZBNEMwOThGMEJFQ0VENTFDM0ZGMEI3MEIxNkM0QzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlZgYpVn7xAJW/pIgZQzhfwa9b
6JErKN4DW+V0CJSP+mlPdJCrKso0cv5tCdUeoj0TWucbZ4IeSzHGLp2Bq9bTTT3y
p+/1pyv1ysH9w1rs0VIQ7EDor+lJyb0IRlRgyl+ENl8zXTKpWIV37VtcctcpRIKD
PUKSuQJ7k7jJ83V7njgxLU3nIlIQCF7AQBDcItsgYJMNpI1ifDm5YyrY9zNmX9cq
azCohdQnTFqpVA/ZccWH4TOG1wSSf+AKKcDcX+q2HHyDuirwXM4z/vAXI/tMM8M9
uFFZKox+gMvzrhCXvsdgLpGVeBh+GTbSUzs2i/t2b1D7dMOS5FH4CA7zyNDBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUcINiT7+kwJjwvs7VHD/wtwsWxMkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM0MzAyZTMx
MzkzNjJlMzAyZjMyMzIyZDMzMzIyMDNkM2UyMDM0MzAzMDMyMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BALCjMQwDQYJKoZIhvcNAQELBQADggEBADoQAUeMsR4Gk1ZQDnSRj+Kt4Q1nvD1o
xbUm+xUBy8OcOGZvSetMxeK59UonsLdcn9ARn75FCXA3dm+3Jp2eJRAh9M/mQD/i
Pgnm5P9kR7PbnF70MDyMt6sQ6PPHicquX/nkDANQRFOMLhVg1Y83xautT6jdxw8I
Ze0hNHyiw+hiSXp6CV/oBuvI1uq9RDw5LyqNwZEe+kwDU4hw5MhSPowVuT9kMZYD
JHKi8mJQcS+aygJoRfODW3X4c1ZXHucJMyq3LkiC1cwpsWwMVbY3kSwQWr+mlGpt
ueRAjKCfTzYKgj6US9vI6NG++jl5gmes/pGIRvrBomW8HOZO5aoEvz4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:01:37 2025 by rpki-client