Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e36352e3134342e302f32312d3234203d3e203437353833.roa
File: 3231372e36352e3134342e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: bgR5FOXo63bjMXtWFzsr/0L5RZb/XBrRwgK4MBTfIzc=
Subject key identifier: 25:27:85:B5:D4:3D:06:87:55:1D:54:92:0D:A3:9E:BB:90:76:42:DF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 39183302435B2AC2A7FB5C9D08260A0738F40ECD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e36352e3134342e302f32312d3234203d3e203437353833.roa
Signing time: Fri 28 Mar 2025 14:47:37 +0000
ROA not before: Fri 28 Mar 2025 14:42:37 +0000
ROA not after: Fri 27 Mar 2026 14:47:37 +0000
asID: 47583
IP address blocks: 217.65.144.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:18:33:02:43:5b:2a:c2:a7:fb:5c:9d:08:26:0a:07:38:f4:0e:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 28 14:42:37 2025 GMT
Not After : Mar 27 14:47:37 2026 GMT
Subject: CN=252785B5D43D0687551D54920DA39EBB907642DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ef:09:0f:51:a5:2f:30:c3:d2:8f:83:99:b2:
9d:6d:7e:f6:3a:cb:f3:31:8d:44:19:2f:7e:ce:17:
27:7b:47:29:91:a9:91:e8:f3:30:c4:3f:19:a2:8a:
34:d9:17:70:50:bc:42:79:d1:9c:ab:7f:e2:c4:30:
c3:4f:1a:e7:39:7a:81:3e:d6:51:b1:16:68:6e:07:
4d:1d:a8:d4:c1:de:d9:7d:0d:81:d3:07:7a:9d:bd:
d1:ad:c4:40:56:ad:46:66:ce:12:73:1c:f0:7e:15:
25:1c:50:8a:c6:4b:a6:3e:72:ae:32:70:ee:ff:26:
08:76:ce:9b:fc:94:b6:02:3e:2d:9d:1a:50:3a:54:
d0:d1:64:48:d3:f0:0d:d5:58:fe:5b:d9:3d:9e:2b:
21:b2:37:d8:f3:79:95:56:3c:3b:51:e8:68:58:c2:
40:4c:fa:33:ec:c7:7f:80:3b:8c:cd:6a:4e:9f:a6:
b2:12:5e:1f:a1:fc:87:6c:b5:30:0f:3b:e4:75:c7:
70:31:67:de:20:9f:ed:0a:09:62:de:67:4a:55:19:
d0:ce:53:20:17:8a:d1:d7:34:82:88:7b:53:89:b3:
79:a5:65:49:43:39:5a:99:c2:60:a5:a0:a8:da:14:
6c:da:4a:a4:da:7f:ce:e3:14:3e:12:e4:40:e3:c8:
ad:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:27:85:B5:D4:3D:06:87:55:1D:54:92:0D:A3:9E:BB:90:76:42:DF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e36352e3134342e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.65.144.0/21
Signature Algorithm: sha256WithRSAEncryption
a1:60:9c:48:aa:7b:23:32:be:71:96:8e:83:ee:b7:f9:ff:19:
a7:5d:15:d8:61:0d:d1:9a:0c:ee:cb:68:95:06:d0:89:ac:51:
45:a7:09:f0:de:77:be:c1:ca:d9:1e:94:59:d4:a9:14:27:d0:
67:58:0d:2e:96:12:aa:84:08:9d:26:60:71:a5:d5:5b:cd:5d:
19:42:e0:88:01:25:47:e3:4e:94:1d:81:81:ce:75:ea:37:18:
d8:f3:88:04:47:b8:09:15:b2:e6:f8:b0:65:06:5e:d9:bf:15:
9a:cd:27:0b:fb:64:ab:82:09:cf:88:ff:36:80:b1:e7:f5:0f:
61:2d:08:29:14:85:56:18:6c:ec:b0:58:97:d7:4b:17:1a:aa:
c9:c8:88:6b:13:b1:68:17:ba:33:0f:86:c5:ec:e6:6d:6b:82:
e9:b6:63:b1:b5:c0:a5:b2:ac:c3:7e:dc:04:57:5e:22:75:19:
c3:4c:5a:a8:47:7a:8c:1c:fb:6c:e3:41:34:0d:fb:5e:7f:44:
ae:d5:a9:95:84:b7:31:54:30:b4:cd:75:e6:ae:dd:b1:c6:63:
73:fb:c3:4b:84:7f:21:ff:90:2e:24:1d:af:9f:97:24:58:32:
51:83:87:76:6d:48:05:27:4b:18:20:7b:01:06:fe:15:d5:29:
3c:c3:d4:42
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUORgzAkNbKsKn+1ydCCYKBzj0Ds0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAzMjgxNDQyMzdaFw0yNjAzMjcxNDQ3MzdaMDMxMTAvBgNV
BAMTKDI1Mjc4NUI1RDQzRDA2ODc1NTFENTQ5MjBEQTM5RUJCOTA3NjQyREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP7wkPUaUvMMPSj4OZsp1tfvY6
y/MxjUQZL37OFyd7RymRqZHo8zDEPxmiijTZF3BQvEJ50Zyrf+LEMMNPGuc5eoE+
1lGxFmhuB00dqNTB3tl9DYHTB3qdvdGtxEBWrUZmzhJzHPB+FSUcUIrGS6Y+cq4y
cO7/Jgh2zpv8lLYCPi2dGlA6VNDRZEjT8A3VWP5b2T2eKyGyN9jzeZVWPDtR6GhY
wkBM+jPsx3+AO4zNak6fprISXh+h/IdstTAPO+R1x3AxZ94gn+0KCWLeZ0pVGdDO
UyAXitHXNIKIe1OJs3mlZUlDOVqZwmCloKjaFGzaSqTaf87jFD4S5EDjyK09AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUJSeFtdQ9BodVHVSSDaOeu5B2Qt8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzNjM1MmUzMTM0
MzQyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
2UGQMA0GCSqGSIb3DQEBCwUAA4IBAQChYJxIqnsjMr5xlo6D7rf5/xmnXRXYYQ3R
mgzuy2iVBtCJrFFFpwnw3ne+wcrZHpRZ1KkUJ9BnWA0ulhKqhAidJmBxpdVbzV0Z
QuCIASVH406UHYGBznXqNxjY84gER7gJFbLm+LBlBl7ZvxWazScL+2SrggnPiP82
gLHn9Q9hLQgpFIVWGGzssFiX10sXGqrJyIhrE7FoF7ozD4bF7OZta4LptmOxtcCl
sqzDftwEV14idRnDTFqoR3qMHPts40E0Dftef0Su1amVhLcxVDC0zXXmrt2xxmNz
+8NLhH8h/5AuJB2vn5ckWDJRg4d2bUgFJ0sYIHsBBv4V1Sk8w9RC
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:02:33 2025 by rpki-client