Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e36352e3135322e302f32312d3234203d3e203437353833.roa
File: 3231372e36352e3135322e302f32312d3234203d3e203437353833.roa (raw, json)
Hash identifier: LUt5renJCRf4nFBBS2bN/A7nQ9e/INvYxzH4lVFBN20=
Subject key identifier: F9:B7:14:2B:25:E8:18:F7:01:4B:4A:40:0E:FB:9D:9A:3F:F3:91:49
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5733853C62AA425AA89A3F6136157039075D01EB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e36352e3135322e302f32312d3234203d3e203437353833.roa
Signing time: Fri 28 Mar 2025 14:48:04 +0000
ROA not before: Fri 28 Mar 2025 14:43:04 +0000
ROA not after: Fri 27 Mar 2026 14:48:04 +0000
asID: 47583
IP address blocks: 217.65.152.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:33:85:3c:62:aa:42:5a:a8:9a:3f:61:36:15:70:39:07:5d:01:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 28 14:43:04 2025 GMT
Not After : Mar 27 14:48:04 2026 GMT
Subject: CN=F9B7142B25E818F7014B4A400EFB9D9A3FF39149
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:58:5b:5c:a1:71:22:35:b4:3d:8d:f5:e0:dd:
51:91:cc:98:de:24:a3:1d:58:99:a2:aa:bd:a0:ce:
95:40:73:a9:4d:aa:b9:7a:f6:cc:0b:5e:bc:a7:71:
a3:47:18:0b:47:14:41:c9:6d:2f:71:36:05:c3:c9:
68:f3:6d:e5:0e:9e:bb:f4:46:a3:e8:b6:64:93:ea:
f1:6e:c9:ec:7a:35:7b:0f:a9:11:39:ba:b5:1e:35:
8a:3c:7c:93:15:fe:a3:6f:5e:98:6b:0b:b1:68:b9:
db:6e:7e:15:c2:23:fa:09:09:8a:1a:ad:9f:03:b5:
30:d4:7c:26:45:f2:f9:59:79:55:d1:1a:de:6b:56:
17:b2:78:df:90:7f:f3:2a:cb:1c:d0:0b:a8:32:a1:
ce:6b:92:4c:c6:e0:62:60:95:17:57:2c:be:cc:e5:
28:db:fe:28:65:90:d7:51:b7:71:fc:3e:30:09:6d:
fc:c5:ef:aa:31:90:db:78:b0:38:2c:78:b6:29:03:
03:06:91:28:8f:db:00:8b:db:6d:41:d6:3b:d3:c8:
7e:27:32:70:0f:9b:6c:0e:8d:c5:8e:01:00:de:84:
72:ad:15:89:e0:b0:7e:7e:84:11:ad:07:be:c9:1b:
d2:c5:4d:a0:67:ea:6a:c2:56:53:01:51:23:6f:2f:
83:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:B7:14:2B:25:E8:18:F7:01:4B:4A:40:0E:FB:9D:9A:3F:F3:91:49
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e36352e3135322e302f32312d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.65.152.0/21
Signature Algorithm: sha256WithRSAEncryption
86:6a:5c:e5:44:24:08:87:96:b3:c9:52:ce:3c:f5:7a:f9:e1:
7e:95:71:44:d2:21:15:5c:66:9d:5c:16:a0:1d:3b:cf:d0:00:
a2:58:3d:df:7f:6e:1c:e0:5d:73:ae:59:e8:a7:10:63:96:c7:
6e:1e:fb:fb:71:ce:82:9d:f6:78:03:d5:91:61:c0:23:ca:9b:
e4:06:8e:b5:d9:c7:0a:f2:2a:cb:56:cf:6e:f7:ce:71:42:cf:
fd:42:f2:e0:55:86:9a:34:2a:f4:ed:b5:06:f4:a0:b5:5b:6c:
3c:4d:3a:ae:bc:8c:af:20:2b:e5:23:57:42:70:77:fc:f9:bb:
80:64:3c:2c:a4:f7:18:cc:f0:09:9d:70:34:62:78:85:9f:79:
99:30:85:3e:cd:e3:8f:18:ab:45:4d:fe:58:2b:8d:8b:fe:5b:
71:28:20:d2:d4:7e:a9:cc:5f:c8:52:d1:8a:af:8d:78:82:fb:
c2:4f:c6:2c:6b:61:b1:e1:aa:f3:33:2c:8c:cf:0e:78:78:90:
30:ed:77:17:b8:85:57:12:6d:46:2f:7b:2c:e2:19:d9:90:09:
93:f8:66:c7:cb:f6:5f:9d:18:09:12:8e:2f:61:c9:6a:48:29:
a1:7f:45:a5:01:29:cb:a1:7c:ca:96:43:95:0e:57:be:b3:a4:
7a:d4:c0:93
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUVzOFPGKqQlqomj9hNhVwOQddAeswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAzMjgxNDQzMDRaFw0yNjAzMjcxNDQ4MDRaMDMxMTAvBgNV
BAMTKEY5QjcxNDJCMjVFODE4RjcwMTRCNEE0MDBFRkI5RDlBM0ZGMzkxNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQWFtcoXEiNbQ9jfXg3VGRzJje
JKMdWJmiqr2gzpVAc6lNqrl69swLXryncaNHGAtHFEHJbS9xNgXDyWjzbeUOnrv0
RqPotmST6vFuyex6NXsPqRE5urUeNYo8fJMV/qNvXphrC7FoudtufhXCI/oJCYoa
rZ8DtTDUfCZF8vlZeVXRGt5rVheyeN+Qf/MqyxzQC6gyoc5rkkzG4GJglRdXLL7M
5Sjb/ihlkNdRt3H8PjAJbfzF76oxkNt4sDgseLYpAwMGkSiP2wCL221B1jvTyH4n
MnAPm2wOjcWOAQDehHKtFYngsH5+hBGtB77JG9LFTaBn6mrCVlMBUSNvL4MfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+bcUKyXoGPcBS0pADvudmj/zkUkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzNjM1MmUzMTM1
MzIyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
2UGYMA0GCSqGSIb3DQEBCwUAA4IBAQCGalzlRCQIh5azyVLOPPV6+eF+lXFE0iEV
XGadXBagHTvP0ACiWD3ff24c4F1zrlnopxBjlsduHvv7cc6CnfZ4A9WRYcAjypvk
Bo612ccK8irLVs9u985xQs/9QvLgVYaaNCr07bUG9KC1W2w8TTquvIyvICvlI1dC
cHf8+buAZDwspPcYzPAJnXA0YniFn3mZMIU+zeOPGKtFTf5YK42L/ltxKCDS1H6p
zF/IUtGKr414gvvCT8Ysa2Gx4arzMyyMzw54eJAw7XcXuIVXEm1GL3ss4hnZkAmT
+GbHy/ZfnRgJEo4vYclqSCmhf0WlASnLoXzKlkOVDle+s6R61MCT
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:03:39 2025 by rpki-client