Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136332e34342e302f32322d3234203d3e203437353833.roa
File: 3139342e3136332e34342e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: UdlqSyXPo97WNBWqewO0h+yXRGQDMJFM8aJn8O96eIg=
Subject key identifier: 5A:00:BE:4C:8E:32:F0:1B:16:81:BA:1A:5D:58:DF:6A:B7:B9:4A:DA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 587B0B19FA2F5F39D0515A8699DAC283822C96D8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136332e34342e302f32322d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:45:09 +0000
ROA not before: Mon 27 Jan 2025 09:40:09 +0000
ROA not after: Mon 26 Jan 2026 09:45:09 +0000
asID: 47583
IP address blocks: 194.163.44.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:7b:0b:19:fa:2f:5f:39:d0:51:5a:86:99:da:c2:83:82:2c:96:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:09 2025 GMT
Not After : Jan 26 09:45:09 2026 GMT
Subject: CN=5A00BE4C8E32F01B1681BA1A5D58DF6AB7B94ADA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ce:c5:38:b7:e5:aa:9d:ad:e6:78:46:b5:9b:
1b:1a:49:6b:7b:4e:f7:b2:74:46:db:ce:65:df:d1:
89:6e:ec:5d:6f:7e:97:e0:5f:c1:52:b2:6e:a1:c1:
d0:51:d3:ba:16:be:3f:58:66:cb:61:a4:66:83:95:
55:9f:65:8c:b0:89:36:00:57:9f:db:c4:00:d4:3f:
29:40:28:d5:71:d8:eb:06:52:fc:e0:c7:b3:81:27:
d3:5d:15:a9:df:5d:35:49:9c:40:38:8d:35:a4:9c:
d4:c6:6c:ee:3e:2d:48:39:64:9e:f1:d6:df:ed:46:
d0:1f:7f:77:95:5f:9a:bb:28:ad:dd:10:97:75:8d:
50:e8:0f:62:87:87:df:fb:84:52:64:d2:ac:29:f3:
31:15:a6:30:bb:6c:e2:af:bb:f3:07:24:4c:9d:86:
c3:a6:60:57:74:2e:c5:00:09:62:b6:58:d7:0c:f9:
2b:0c:71:4c:27:3b:c7:21:40:ee:e5:e3:86:cd:87:
03:e4:d5:62:08:a6:1d:36:13:fe:76:18:30:5a:0b:
17:53:a5:12:5e:76:d5:d4:48:a9:57:c2:8b:70:5d:
10:00:a5:4d:6f:e3:1b:6a:1e:d0:d4:d4:d7:ef:9a:
c7:e6:fa:73:53:b4:2a:79:af:4c:31:54:1a:0e:d4:
cc:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:00:BE:4C:8E:32:F0:1B:16:81:BA:1A:5D:58:DF:6A:B7:B9:4A:DA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3136332e34342e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.163.44.0/22
Signature Algorithm: sha256WithRSAEncryption
84:3f:4c:26:dd:68:53:a5:ec:64:d2:cf:a6:13:f9:3c:be:2a:
3e:8d:51:67:9a:8c:23:76:2a:5f:72:98:43:23:aa:8c:fb:4b:
54:62:53:f7:99:28:f5:0b:15:73:c1:23:66:eb:d7:41:d1:1a:
80:b0:cd:96:15:90:70:9d:ca:28:28:3f:63:30:f5:d5:62:a3:
4e:ac:b2:f0:12:37:a0:ed:21:02:7e:d1:d8:d5:3c:62:2e:67:
a3:58:e5:f1:3c:91:5f:86:85:d4:3e:81:c3:0c:65:43:28:2c:
87:10:70:dc:3b:a8:52:35:d9:c1:27:99:db:88:e9:64:d7:8a:
91:2e:f7:6d:7d:45:f5:f0:4f:6c:3d:d7:ef:53:40:64:c5:05:
84:03:d2:33:5b:cf:59:ef:ff:4e:b1:70:9f:50:8f:53:92:82:
a6:dd:84:32:35:9a:2b:15:cf:95:37:b2:8a:c9:14:23:43:1f:
da:64:a8:da:c0:60:67:19:f5:14:9b:da:53:b5:a3:da:81:12:
d7:0f:73:c1:67:1a:38:dc:d2:06:fe:10:6e:6d:a9:fa:ad:3b:
af:b8:91:53:b7:01:7e:80:94:3d:e8:88:83:24:9c:c9:c9:63:
fb:17:7e:72:e7:d8:75:51:17:eb:43:64:61:f4:0a:62:0e:27:
0c:ee:57:5f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWHsLGfovXznQUVqGmdrCg4IsltgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDlaFw0yNjAxMjYwOTQ1MDlaMDMxMTAvBgNV
BAMTKDVBMDBCRTRDOEUzMkYwMUIxNjgxQkExQTVENThERjZBQjdCOTRBREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxzsU4t+Wqna3meEa1mxsaSWt7
TveydEbbzmXf0Ylu7F1vfpfgX8FSsm6hwdBR07oWvj9YZsthpGaDlVWfZYywiTYA
V5/bxADUPylAKNVx2OsGUvzgx7OBJ9NdFanfXTVJnEA4jTWknNTGbO4+LUg5ZJ7x
1t/tRtAff3eVX5q7KK3dEJd1jVDoD2KHh9/7hFJk0qwp8zEVpjC7bOKvu/MHJEyd
hsOmYFd0LsUACWK2WNcM+SsMcUwnO8chQO7l44bNhwPk1WIIph02E/52GDBaCxdT
pRJedtXUSKlXwotwXRAApU1v4xtqHtDU1Nfvmsfm+nNTtCp5r0wxVBoO1MwnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUWgC+TI4y8BsWgboaXVjfare5StowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM2MzMyZTM0
MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
wqMsMA0GCSqGSIb3DQEBCwUAA4IBAQCEP0wm3WhTpexk0s+mE/k8vio+jVFnmowj
dipfcphDI6qM+0tUYlP3mSj1CxVzwSNm69dB0RqAsM2WFZBwncooKD9jMPXVYqNO
rLLwEjeg7SECftHY1TxiLmejWOXxPJFfhoXUPoHDDGVDKCyHEHDcO6hSNdnBJ5nb
iOlk14qRLvdtfUX18E9sPdfvU0BkxQWEA9IzW89Z7/9OsXCfUI9TkoKm3YQyNZor
Fc+VN7KKyRQjQx/aZKjawGBnGfUUm9pTtaPagRLXD3PBZxo43NIG/hBuban6rTuv
uJFTtwF+gJQ96IiDJJzJyWP7F35y59h1URfrQ2Rh9ApiDicM7ldf
-----END CERTIFICATE-----
Generated at Fri Apr 4 15:57:30 2025 by rpki-client