Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233332e39392e302f32342d3234203d3e20313336373837.roa
File: 3139342e3233332e39392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: dK90dn7NQqCkjclc26rR+8f0J0E98dvZJAj/fA6MZ9M=
Subject key identifier: 2A:AB:56:AE:66:D5:4D:2B:9C:9C:FB:DA:FA:57:FB:59:F9:B3:E4:F8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6901204119BA90A27BD6CD8A982D0BD97485C57E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233332e39392e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:30 +0000
ROA not before: Mon 27 Jan 2025 09:40:30 +0000
ROA not after: Mon 26 Jan 2026 09:45:30 +0000
asID: 136787
IP address blocks: 194.233.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:01:20:41:19:ba:90:a2:7b:d6:cd:8a:98:2d:0b:d9:74:85:c5:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:30 2025 GMT
Not After : Jan 26 09:45:30 2026 GMT
Subject: CN=2AAB56AE66D54D2B9C9CFBDAFA57FB59F9B3E4F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:22:9c:6e:64:c1:c8:2d:be:a5:12:06:ad:3b:
7d:ce:f7:8d:54:75:ad:a2:e7:fc:ea:a1:12:bc:23:
07:ea:2a:0b:c6:69:5a:4a:71:31:b5:00:01:eb:6b:
62:31:99:d8:5c:68:61:3e:ee:e9:b3:a3:b9:93:f1:
b9:53:d1:82:59:e5:69:cf:34:85:ad:19:0a:11:8e:
18:63:36:b7:65:b2:20:f0:c8:0c:90:5a:fb:4d:11:
f3:05:82:f7:c6:92:cd:a2:8f:5e:96:da:54:87:e7:
40:b2:ac:46:1b:8f:35:fc:7c:ca:0d:40:77:83:d0:
fa:02:25:37:a7:d4:ef:4b:2c:3d:e4:03:55:9b:bb:
2f:45:56:fc:05:70:7f:f5:a3:b7:6b:da:06:51:45:
19:26:9a:2a:9c:74:f9:e5:e1:87:03:7f:45:57:f2:
27:09:b9:71:ad:5f:eb:ec:23:28:0c:b6:5a:f0:4c:
71:bf:04:75:e0:ec:38:59:95:ca:dd:e0:c8:c3:b0:
e1:43:b9:df:5e:95:60:5a:dc:b6:92:6d:df:d5:cb:
cc:3b:d7:81:71:7f:b2:f6:00:14:68:68:aa:96:88:
f2:99:6f:dd:4e:8a:ce:19:c8:47:8e:ba:59:74:ac:
03:78:60:63:18:c8:71:9c:63:2c:7d:fd:20:8a:75:
45:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:AB:56:AE:66:D5:4D:2B:9C:9C:FB:DA:FA:57:FB:59:F9:B3:E4:F8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3233332e39392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.233.99.0/24
Signature Algorithm: sha256WithRSAEncryption
02:17:d4:21:72:15:d7:2e:a8:cb:d0:b4:f4:b9:bf:11:35:62:
80:78:68:4c:0c:37:a1:ce:b8:05:df:48:ad:eb:8c:08:bc:44:
20:aa:8a:27:b0:d5:72:34:d4:67:5b:36:15:ff:c4:fc:61:98:
f2:ae:4b:38:af:1b:c8:78:d3:8b:65:45:d7:a9:15:5a:d5:14:
11:10:f8:e4:ca:c2:bd:ee:92:4a:5d:c0:fa:00:a4:0f:43:29:
cc:af:28:96:32:38:9c:6c:00:b1:b4:b4:8f:e2:b8:34:44:c5:
4e:05:af:b2:29:f8:d5:1b:b3:cc:f6:ba:82:db:2f:d8:98:34:
c8:20:4a:72:fb:93:5d:4c:7e:b4:dd:81:65:3c:ec:f4:19:1d:
17:06:43:a7:18:93:d4:ca:5b:ee:32:a8:4c:42:ef:1c:78:89:
1a:7d:d6:fc:d8:31:f5:55:22:de:1a:a0:91:c5:8b:19:e3:a3:
94:7c:2d:6b:6c:7b:93:b6:01:9d:1b:d2:98:0a:b0:6d:e3:17:
8b:ce:b4:c2:bc:57:47:5c:be:96:1c:68:22:06:7e:e3:ce:02:
2a:58:b3:a5:e7:08:df:d3:02:d4:d1:c6:40:05:0c:db:4d:ef:
d6:5f:28:d3:64:97:16:83:cb:bc:3c:fd:0e:7b:ac:79:b5:f6:
1a:64:06:3c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaQEgQRm6kKJ71s2KmC0L2XSFxX4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMzBaFw0yNjAxMjYwOTQ1MzBaMDMxMTAvBgNV
BAMTKDJBQUI1NkFFNjZENTREMkI5QzlDRkJEQUZBNTdGQjU5RjlCM0U0RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoIpxuZMHILb6lEgatO33O941U
da2i5/zqoRK8IwfqKgvGaVpKcTG1AAHra2IxmdhcaGE+7umzo7mT8blT0YJZ5WnP
NIWtGQoRjhhjNrdlsiDwyAyQWvtNEfMFgvfGks2ij16W2lSH50CyrEYbjzX8fMoN
QHeD0PoCJTen1O9LLD3kA1Wbuy9FVvwFcH/1o7dr2gZRRRkmmiqcdPnl4YcDf0VX
8icJuXGtX+vsIygMtlrwTHG/BHXg7DhZlcrd4MjDsOFDud9elWBa3LaSbd/Vy8w7
14Fxf7L2ABRoaKqWiPKZb91Ois4ZyEeOull0rAN4YGMYyHGcYyx9/SCKdUU7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKqtWrmbVTSucnPva+lf7Wfmz5PgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMjMzMzMyZTM5
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADC6WMwDQYJKoZIhvcNAQELBQADggEBAAIX1CFyFdcuqMvQtPS5vxE1YoB4aEwM
N6HOuAXfSK3rjAi8RCCqiiew1XI01GdbNhX/xPxhmPKuSzivG8h404tlRdepFVrV
FBEQ+OTKwr3ukkpdwPoApA9DKcyvKJYyOJxsALG0tI/iuDRExU4Fr7Ip+NUbs8z2
uoLbL9iYNMggSnL7k11MfrTdgWU87PQZHRcGQ6cYk9TKW+4yqExC7xx4iRp91vzY
MfVVIt4aoJHFixnjo5R8LWtse5O2AZ0b0pgKsG3jF4vOtMK8V0dcvpYcaCIGfuPO
AipYs6XnCN/TAtTRxkAFDNtN79ZfKNNklxaDy7w8/Q57rHm19hpkBjw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:13:05 2025 by rpki-client