Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e32312e37362e302f32322d3234203d3e203437353833.roa
File: 3231372e32312e37362e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: VnaO2w69iBXHS1Xt1u898jSWf9Z2plpD8yP2fQ1hVIY=
Subject key identifier: F4:E6:07:77:AD:EA:6A:65:40:7E:ED:70:9D:3A:58:1E:4D:B3:2C:D3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 563A2904CD63B30C10F0668EF82776F025692A25
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e32312e37362e302f32322d3234203d3e203437353833.roa
Signing time: Mon 27 Jan 2025 09:44:59 +0000
ROA not before: Mon 27 Jan 2025 09:39:59 +0000
ROA not after: Mon 26 Jan 2026 09:44:59 +0000
asID: 47583
IP address blocks: 217.21.76.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:3a:29:04:cd:63:b3:0c:10:f0:66:8e:f8:27:76:f0:25:69:2a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:59 2025 GMT
Not After : Jan 26 09:44:59 2026 GMT
Subject: CN=F4E60777ADEA6A65407EED709D3A581E4DB32CD3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3f:d5:66:57:49:2b:72:02:b3:90:9c:68:5d:
30:f0:84:8a:de:d4:ef:f3:11:4c:95:54:a8:1d:b9:
0a:bb:91:80:65:4f:6f:7a:50:f6:6b:6b:bd:ba:16:
d5:b7:11:76:e6:8e:40:fa:a0:1a:dd:2a:e3:a9:7c:
9e:8b:db:b8:f5:d4:7e:bd:b0:30:cc:a5:7c:24:3e:
29:af:6d:cc:47:a5:70:a9:7d:2b:aa:2e:e0:25:8e:
c4:29:51:f8:ec:ad:2b:8e:f7:f4:8d:d8:54:22:0e:
6e:75:3d:e6:bd:7b:fd:59:13:f8:13:b1:9b:3e:3d:
98:02:7d:0c:fc:1d:85:f4:c5:78:f4:97:1c:40:a0:
d9:b5:44:48:4d:25:4a:2c:46:de:ee:64:44:81:6b:
f5:7d:9b:2d:61:10:97:95:10:bb:b8:2f:af:49:bb:
5d:18:3c:e0:d7:bb:7c:63:67:ef:4e:93:ac:38:d2:
b4:1d:df:08:70:90:81:cf:9a:06:b2:69:f0:08:17:
cf:fd:af:9a:91:15:0b:58:d7:9a:bf:3d:fa:f8:1c:
7a:bd:93:7c:ba:fd:91:6d:10:10:8c:ab:dc:df:81:
87:5f:b9:0e:2f:c4:56:9b:88:58:06:15:ea:b1:1a:
58:6e:f7:cd:10:3a:57:73:01:73:79:fd:af:dd:f3:
bd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:E6:07:77:AD:EA:6A:65:40:7E:ED:70:9D:3A:58:1E:4D:B3:2C:D3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e32312e37362e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.21.76.0/22
Signature Algorithm: sha256WithRSAEncryption
87:55:b7:a5:18:ca:d9:35:a6:b2:22:fc:00:49:7d:5b:73:ce:
8a:96:d9:06:54:83:05:50:3e:af:bf:c5:14:5e:10:ce:8a:a7:
11:ed:44:ad:59:79:e8:18:f0:55:e9:c3:b7:1a:0e:b3:05:79:
bf:c3:7e:bb:ea:9d:79:81:2b:8f:ff:12:1c:1d:e9:1e:ce:c5:
57:fe:cc:6c:80:eb:77:87:81:6f:29:19:0a:9e:3b:fa:a8:ea:
a2:74:bf:5a:2c:a8:57:7f:13:72:4e:3b:29:ee:f0:36:36:c7:
5a:50:94:6d:ad:fd:04:04:cf:0d:57:0b:dc:e1:fa:ac:3c:73:
db:72:19:96:f5:72:64:09:c6:74:ab:21:3a:f6:78:96:8d:ed:
6c:8c:16:05:7e:43:b2:32:43:c8:fb:f0:ff:d5:c8:1b:aa:b8:
c6:f7:03:1e:f1:09:bf:7d:31:be:f1:8a:92:a7:41:79:65:91:
47:15:b9:73:60:9b:e6:ba:59:ee:41:2b:29:78:16:54:44:f6:
be:86:88:4c:cc:fa:86:0c:b7:e0:65:28:3b:b9:0a:19:65:ff:
24:d5:cb:a4:c1:f0:43:61:61:fa:21:bc:43:d0:e1:a6:14:97:
b1:f8:d8:4e:a3:2a:67:f5:fc:b2:fd:c8:4f:79:19:46:28:75:
c8:8f:f5:2a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUVjopBM1jswwQ8GaO+Cd28CVpKiUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NTlaFw0yNjAxMjYwOTQ0NTlaMDMxMTAvBgNV
BAMTKEY0RTYwNzc3QURFQTZBNjU0MDdFRUQ3MDlEM0E1ODFFNERCMzJDRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuP9VmV0krcgKzkJxoXTDwhIre
1O/zEUyVVKgduQq7kYBlT296UPZra726FtW3EXbmjkD6oBrdKuOpfJ6L27j11H69
sDDMpXwkPimvbcxHpXCpfSuqLuAljsQpUfjsrSuO9/SN2FQiDm51Pea9e/1ZE/gT
sZs+PZgCfQz8HYX0xXj0lxxAoNm1REhNJUosRt7uZESBa/V9my1hEJeVELu4L69J
u10YPODXu3xjZ+9Ok6w40rQd3whwkIHPmgayafAIF8/9r5qRFQtY15q/Pfr4HHq9
k3y6/ZFtEBCMq9zfgYdfuQ4vxFabiFgGFeqxGlhu980QOldzAXN5/a/d870vAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU9OYHd63qamVAfu1wnTpYHk2zLNMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMmUzNzM2
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtkV
TDANBgkqhkiG9w0BAQsFAAOCAQEAh1W3pRjK2TWmsiL8AEl9W3POipbZBlSDBVA+
r7/FFF4QzoqnEe1ErVl56BjwVenDtxoOswV5v8N+u+qdeYErj/8SHB3pHs7FV/7M
bIDrd4eBbykZCp47+qjqonS/WiyoV38Tck47Ke7wNjbHWlCUba39BATPDVcL3OH6
rDxz23IZlvVyZAnGdKshOvZ4lo3tbIwWBX5DsjJDyPvw/9XIG6q4xvcDHvEJv30x
vvGKkqdBeWWRRxW5c2Cb5rpZ7kErKXgWVET2voaITMz6hgy34GUoO7kKGWX/JNXL
pMHwQ2Fh+iG8Q9DhphSXsfjYTqMqZ/X8sv3IT3kZRih1yI/1Kg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:02:01 2025 by rpki-client