Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e38352e302e302f32312d3234203d3e203437353833.roa
File: 3231322e38352e302e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: MHPTRYMsm2exa8zTb1x8TwO/qoUWwSaOz40jSLDYiOo=
Subject key identifier: FF:22:62:84:B3:1D:56:36:8C:FB:1B:4C:A0:A0:C5:4E:86:DE:45:2D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 204331974C424E4C5A1236BCEBD5B33D2B3EFBAD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e38352e302e302f32312d3234203d3e203437353833.roa
Signing time: Fri 28 Feb 2025 12:00:15 +0000
ROA not before: Fri 28 Feb 2025 11:55:15 +0000
ROA not after: Fri 27 Feb 2026 12:00:15 +0000
asID: 47583
IP address blocks: 212.85.0.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:43:31:97:4c:42:4e:4c:5a:12:36:bc:eb:d5:b3:3d:2b:3e:fb:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 28 11:55:15 2025 GMT
Not After : Feb 27 12:00:15 2026 GMT
Subject: CN=FF226284B31D56368CFB1B4CA0A0C54E86DE452D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:16:a4:f7:eb:a8:53:80:de:ef:2b:50:72:50:
6d:14:3c:57:7e:c7:02:12:5e:14:ab:a4:e8:ef:99:
89:fa:01:b5:a6:10:bd:6a:d8:4a:2e:92:3e:cd:9e:
15:36:8b:06:2e:7e:ef:b2:2a:8b:ff:cb:7d:52:6e:
3a:b5:97:ed:5c:b2:af:a7:12:e4:55:77:ca:a1:66:
13:cd:2f:d2:33:18:6a:7d:a0:32:83:cf:2e:f7:46:
32:94:c1:7e:06:a3:e4:7a:a7:54:bd:5a:8f:61:d4:
85:7f:53:db:23:3c:17:cf:89:b6:ce:db:20:4c:98:
7e:83:ff:9a:b9:9e:25:d1:23:a6:84:f7:38:12:bc:
30:6a:17:10:46:8f:9d:ac:2f:54:63:e0:fc:63:87:
7a:d0:91:1b:b0:f9:b9:90:ac:a3:d0:6b:55:0d:1f:
f8:1f:de:4e:25:e1:29:86:de:a0:5b:dc:6a:31:e1:
6b:a9:28:d7:18:2f:f6:38:85:aa:fd:8b:26:c1:bc:
23:0f:f0:52:7b:1d:4b:08:7f:3c:a9:cc:b6:ce:7c:
92:df:42:7b:c5:32:4f:d6:5a:50:37:92:74:ec:68:
b9:75:a3:e1:ff:8f:18:4e:59:80:58:84:b1:57:c6:
5d:c7:41:a3:57:2e:95:94:77:01:bd:5b:80:0b:2a:
61:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:22:62:84:B3:1D:56:36:8C:FB:1B:4C:A0:A0:C5:4E:86:DE:45:2D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e38352e302e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.85.0.0/21
Signature Algorithm: sha256WithRSAEncryption
10:76:96:e8:f0:6a:fb:e2:c6:21:a6:8d:60:c2:d3:b0:9c:93:
01:b7:72:5f:4a:5e:ea:b7:86:1a:2b:25:6c:cb:e5:da:88:3d:
5d:06:f3:b0:43:14:42:7c:79:42:9c:47:36:e9:77:ba:35:b7:
75:82:da:19:54:bb:63:34:2b:fb:fa:de:ca:75:ef:4a:c3:44:
a4:e2:1a:4a:bb:a8:f9:e7:e5:8a:54:fe:55:be:5b:a2:ee:f0:
41:7b:c8:6b:75:3a:d3:de:de:26:a4:a2:41:a8:a8:f9:10:63:
eb:1b:2f:1a:b3:d7:07:e2:cc:ba:9e:40:be:98:28:ad:48:e0:
41:5f:4d:f1:8f:74:23:00:f0:8c:d9:33:54:5b:1a:16:56:ed:
2f:50:b9:89:d4:d5:70:2d:db:54:73:40:6a:64:02:6c:8d:3c:
3c:e4:aa:69:81:de:84:9a:2c:dc:ef:c3:78:4b:08:a6:81:0a:
36:18:aa:01:e4:c3:2d:cc:f6:8d:5a:88:0a:dc:39:57:0c:02:
b7:3d:f8:f1:ab:e6:c5:d2:77:b7:d5:6e:34:e5:4e:de:b4:59:
6a:86:22:1d:55:ff:26:c0:32:9d:88:c2:87:60:70:b4:d5:d3:
f8:71:a2:f5:94:b3:eb:6a:d3:2f:70:fa:25:a9:5b:0e:b2:08:
18:2b:55:12
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUIEMxl0xCTkxaEja869WzPSs++60wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMjgxMTU1MTVaFw0yNjAyMjcxMjAwMTVaMDMxMTAvBgNV
BAMTKEZGMjI2Mjg0QjMxRDU2MzY4Q0ZCMUI0Q0EwQTBDNTRFODZERTQ1MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0FqT366hTgN7vK1ByUG0UPFd+
xwISXhSrpOjvmYn6AbWmEL1q2Eoukj7NnhU2iwYufu+yKov/y31Sbjq1l+1csq+n
EuRVd8qhZhPNL9IzGGp9oDKDzy73RjKUwX4Go+R6p1S9Wo9h1IV/U9sjPBfPibbO
2yBMmH6D/5q5niXRI6aE9zgSvDBqFxBGj52sL1Rj4Pxjh3rQkRuw+bmQrKPQa1UN
H/gf3k4l4SmG3qBb3Gox4WupKNcYL/Y4har9iybBvCMP8FJ7HUsIfzypzLbOfJLf
QnvFMk/WWlA3knTsaLl1o+H/jxhOWYBYhLFXxl3HQaNXLpWUdwG9W4ALKmGXAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU/yJihLMdVjaM+xtMoKDFTobeRS0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzODM1MmUzMDJl
MzAyZjMyMzEyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPUVQAw
DQYJKoZIhvcNAQELBQADggEBABB2lujwavvixiGmjWDC07CckwG3cl9KXuq3hhor
JWzL5dqIPV0G87BDFEJ8eUKcRzbpd7o1t3WC2hlUu2M0K/v63sp170rDRKTiGkq7
qPnn5YpU/lW+W6Lu8EF7yGt1OtPe3iakokGoqPkQY+sbLxqz1wfizLqeQL6YKK1I
4EFfTfGPdCMA8IzZM1RbGhZW7S9QuYnU1XAt21RzQGpkAmyNPDzkqmmB3oSaLNzv
w3hLCKaBCjYYqgHkwy3M9o1aiArcOVcMArc9+PGr5sXSd7fVbjTlTt60WWqGIh1V
/ybAMp2IwodgcLTV0/hxovWUs+tq0y9w+iWpWw6yCBgrVRI=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:01:42 2025 by rpki-client