Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e31352e3136302e302f32312d3332203d3e20313431393935.roa
File: 3231372e31352e3136302e302f32312d3332203d3e20313431393935.roa (raw, json)
Hash identifier: Q0T+mFDA5JQj1+9B8SzihmLOrlNcb/dgq9BtTLOAFxw=
Subject key identifier: 9F:C2:48:20:E8:57:26:29:0C:D5:D5:0D:3C:D4:5A:5F:80:4A:78:96
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 13BD6017582D51C5A9C5078C46200B7F1DBB3DE2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e31352e3136302e302f32312d3332203d3e20313431393935.roa
Signing time: Thu 06 Mar 2025 20:45:51 +0000
ROA not before: Thu 06 Mar 2025 20:40:51 +0000
ROA not after: Thu 05 Mar 2026 20:45:51 +0000
asID: 141995
IP address blocks: 217.15.160.0/21 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:bd:60:17:58:2d:51:c5:a9:c5:07:8c:46:20:0b:7f:1d:bb:3d:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 6 20:40:51 2025 GMT
Not After : Mar 5 20:45:51 2026 GMT
Subject: CN=9FC24820E85726290CD5D50D3CD45A5F804A7896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ba:39:cf:84:a6:44:11:3d:dd:52:8b:ae:7a:
52:65:d8:c7:e3:36:86:72:5b:20:40:c4:58:de:6a:
72:8a:40:6f:dd:27:23:12:f9:78:ee:bd:7d:8e:c7:
b0:f2:c8:18:6e:44:18:d7:fc:0e:f8:c1:15:ab:7d:
c7:1a:bc:0c:72:99:0c:ff:98:14:63:00:58:12:f9:
be:d1:54:e1:32:ca:5d:ef:16:06:ee:39:7d:d2:59:
03:ac:87:de:03:c4:a0:2e:56:9c:b3:98:57:df:70:
a4:8c:ec:56:60:17:a2:9f:13:9a:00:f2:c6:40:18:
e5:74:a1:61:72:17:8b:72:24:14:b5:f4:5b:2d:bf:
b8:02:64:fb:13:a3:2a:c3:b2:e3:5b:81:7f:69:4a:
c7:6d:3b:a3:90:3e:bc:e0:e2:a7:d8:65:44:4a:96:
a3:6b:2b:7a:e5:05:25:96:5b:0f:d1:fb:cb:aa:68:
72:38:4a:47:9a:4b:5d:b2:f5:cc:37:64:7c:ee:81:
43:27:8b:5f:09:d5:b2:60:6b:3b:a4:c9:b1:d7:ad:
5e:ca:12:60:53:86:99:9a:c6:fd:a1:93:2f:85:bc:
c9:82:84:b9:a9:a6:0e:ae:9f:3b:02:a1:f7:4f:85:
0b:16:59:91:6f:cd:45:59:33:db:3c:4e:b5:4e:d0:
83:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C2:48:20:E8:57:26:29:0C:D5:D5:0D:3C:D4:5A:5F:80:4A:78:96
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e31352e3136302e302f32312d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.15.160.0/21
Signature Algorithm: sha256WithRSAEncryption
49:a0:37:46:ca:fa:ac:5e:ed:52:cc:ae:f6:de:c2:61:07:30:
ba:81:40:a6:2e:53:46:3c:45:37:75:2c:de:43:42:50:d6:76:
26:8d:74:2e:6d:8b:52:bc:9f:4a:c2:f2:d4:5d:dd:74:33:63:
96:d5:c8:e1:df:53:89:16:a3:77:d3:ce:76:79:3a:c0:69:b4:
de:b6:b7:32:25:9a:f8:31:00:01:fa:10:e6:3f:b0:33:a8:0d:
7e:0d:e0:16:99:b9:76:d7:5a:aa:bb:b0:ed:dd:c2:e5:d7:00:
2c:78:d3:ee:ad:94:c8:17:85:c8:71:6b:45:e1:50:f0:ae:d8:
71:60:52:35:9c:7b:dd:c7:ec:c5:0e:5a:f9:76:f1:94:1e:00:
bd:da:9e:c7:c6:d0:41:24:3d:51:80:c3:21:03:0f:fe:5d:04:
78:38:84:1a:49:0b:4b:d0:6b:37:4d:99:86:dd:b0:e0:27:80:
a7:82:45:88:5e:28:d3:48:01:1e:1c:20:b5:78:a2:85:6f:7a:
5a:4a:84:ed:a2:d4:d1:13:67:a5:51:1a:cb:bf:7f:d2:be:8f:
49:ee:a6:7a:2e:eb:a8:a1:e2:79:4f:69:f6:4d:de:13:8c:2e:
91:80:e2:cc:cf:d4:2d:58:b9:d0:f1:1b:14:1e:33:85:27:62:
9f:02:a7:cb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUE71gF1gtUcWpxQeMRiALfx27PeIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAzMDYyMDQwNTFaFw0yNjAzMDUyMDQ1NTFaMDMxMTAvBgNV
BAMTKDlGQzI0ODIwRTg1NzI2MjkwQ0Q1RDUwRDNDRDQ1QTVGODA0QTc4OTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7ujnPhKZEET3dUouuelJl2Mfj
NoZyWyBAxFjeanKKQG/dJyMS+XjuvX2Ox7DyyBhuRBjX/A74wRWrfccavAxymQz/
mBRjAFgS+b7RVOEyyl3vFgbuOX3SWQOsh94DxKAuVpyzmFffcKSM7FZgF6KfE5oA
8sZAGOV0oWFyF4tyJBS19Fstv7gCZPsToyrDsuNbgX9pSsdtO6OQPrzg4qfYZURK
lqNrK3rlBSWWWw/R+8uqaHI4SkeaS12y9cw3ZHzugUMni18J1bJgazukybHXrV7K
EmBThpmaxv2hky+FvMmChLmppg6unzsCofdPhQsWWZFvzUVZM9s8TrVO0INLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUn8JIIOhXJikM1dUNPNRaX4BKeJYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMTM1MmUzMTM2
MzAyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAPZD6AwDQYJKoZIhvcNAQELBQADggEBAEmgN0bK+qxe7VLMrvbewmEHMLqBQKYu
U0Y8RTd1LN5DQlDWdiaNdC5ti1K8n0rC8tRd3XQzY5bVyOHfU4kWo3fTznZ5OsBp
tN62tzIlmvgxAAH6EOY/sDOoDX4N4BaZuXbXWqq7sO3dwuXXACx40+6tlMgXhchx
a0XhUPCu2HFgUjWce93H7MUOWvl28ZQeAL3ansfG0EEkPVGAwyEDD/5dBHg4hBpJ
C0vQazdNmYbdsOAngKeCRYheKNNIAR4cILV4ooVvelpKhO2i1NETZ6VRGsu/f9K+
j0nupnou66ih4nlPafZN3hOMLpGA4szP1C1YudDxGxQeM4UnYp8Cp8s=
-----END CERTIFICATE-----
Generated at Thu Apr 3 03:34:48 2025 by rpki-client