Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3233322e302f32312d3332203d3e203531313637.roa
File: 37372e3233372e3233322e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: cCQyoQD/D5D6OCj1LoDIpWXviXHErMLkBQ/703+f5Ew=
Subject key identifier: 90:A0:86:A8:03:08:6B:77:63:95:34:AA:DB:DD:36:34:CD:EB:69:B3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7395EB2455738E04C4573E7C2C14BCF2DD4B233F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3233322e302f32312d3332203d3e203531313637.roa
Signing time: Tue 11 Mar 2025 07:45:52 +0000
ROA not before: Tue 11 Mar 2025 07:40:52 +0000
ROA not after: Tue 10 Mar 2026 07:45:52 +0000
asID: 51167
IP address blocks: 77.237.232.0/21 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:95:eb:24:55:73:8e:04:c4:57:3e:7c:2c:14:bc:f2:dd:4b:23:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 11 07:40:52 2025 GMT
Not After : Mar 10 07:45:52 2026 GMT
Subject: CN=90A086A803086B77639534AADBDD3634CDEB69B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:71:bd:25:ad:55:9a:38:ee:67:b0:dc:57:c6:
4b:de:33:c4:59:a3:54:9a:b3:bb:7e:5f:4a:0a:c0:
7e:e0:83:2e:67:a4:b5:ab:d9:19:a2:6a:b6:f9:1f:
98:df:a8:32:77:db:7a:e5:e5:d3:f4:8e:c4:0d:04:
6e:98:06:a8:98:78:e4:2d:d8:75:71:2d:b5:38:55:
05:2e:6c:aa:b6:0e:93:02:0c:97:c2:7a:dc:47:4c:
b5:5b:51:af:fc:4d:4b:f0:e7:8a:f7:3a:dd:14:d7:
e4:82:74:61:e1:c2:1c:18:d3:ad:08:1b:6d:33:35:
ef:b7:a0:e7:15:63:7c:1f:e3:14:40:59:3c:55:25:
e4:99:4a:20:a0:1c:ac:cd:29:50:a0:f9:9a:80:31:
31:71:1a:76:79:29:51:cc:62:57:99:e4:c7:37:67:
22:e9:72:1d:0e:ec:e5:72:07:b9:3a:84:36:25:10:
4e:d1:90:a6:87:f9:56:9a:c6:73:8e:1c:74:17:ab:
4f:a3:22:cf:9e:7b:b4:df:66:60:74:73:5e:99:68:
cc:9b:ed:20:3e:89:eb:d2:a0:57:52:ff:7c:be:19:
df:75:97:53:2f:5f:45:34:05:8b:fb:00:b5:fc:ff:
28:56:bd:ed:8b:37:52:4e:47:57:90:59:76:80:d2:
42:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A0:86:A8:03:08:6B:77:63:95:34:AA:DB:DD:36:34:CD:EB:69:B3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/37372e3233372e3233322e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.237.232.0/21
Signature Algorithm: sha256WithRSAEncryption
97:fb:7a:cf:4c:ab:8f:e7:4f:95:85:ff:8c:aa:f1:04:b7:01:
27:f9:9e:40:36:35:67:25:34:75:36:d4:4f:1a:b5:84:b6:47:
47:28:2b:dd:cf:1e:ab:be:ab:ba:e1:38:36:16:e3:0d:74:3b:
6d:7c:90:99:5c:5a:c2:cb:3f:00:ee:5e:64:aa:4a:af:a1:7f:
df:4b:a8:a0:06:63:4a:48:2f:73:c0:af:91:67:3a:41:54:36:
bd:b0:46:9c:03:c1:d6:42:3d:0b:23:61:ef:a2:29:cd:31:f0:
ee:69:3e:23:ae:59:24:fb:cf:6b:92:46:92:1d:3a:41:19:a0:
7a:89:2e:f3:b2:9d:44:85:1c:bf:c2:e3:48:8c:6b:ee:95:ec:
7e:7a:e8:94:7f:c2:59:73:69:99:ba:e3:13:f3:b4:7c:bc:34:
9f:6d:c9:46:78:d7:45:bf:a1:53:3f:d9:d7:6c:ff:82:74:37:
aa:04:98:ea:f5:99:d0:e9:7b:4b:c7:a4:e6:d5:f6:9e:45:a0:
2b:92:ee:ec:c0:be:7e:03:54:7c:04:a9:3a:b8:b5:5c:a2:10:
90:8c:89:af:55:54:ac:eb:e2:30:d2:7d:7e:a6:17:90:86:c4:
43:2e:41:ae:87:1d:c8:dd:07:6e:17:ec:21:95:e8:f2:8e:cf:
8b:7e:67:de
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUc5XrJFVzjgTEVz58LBS88t1LIz8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAzMTEwNzQwNTJaFw0yNjAzMTAwNzQ1NTJaMDMxMTAvBgNV
BAMTKDkwQTA4NkE4MDMwODZCNzc2Mzk1MzRBQURCREQzNjM0Q0RFQjY5QjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDocb0lrVWaOO5nsNxXxkveM8RZ
o1Sas7t+X0oKwH7ggy5npLWr2Rmiarb5H5jfqDJ323rl5dP0jsQNBG6YBqiYeOQt
2HVxLbU4VQUubKq2DpMCDJfCetxHTLVbUa/8TUvw54r3Ot0U1+SCdGHhwhwY060I
G20zNe+3oOcVY3wf4xRAWTxVJeSZSiCgHKzNKVCg+ZqAMTFxGnZ5KVHMYleZ5Mc3
ZyLpch0O7OVyB7k6hDYlEE7RkKaH+VaaxnOOHHQXq0+jIs+ee7TfZmB0c16ZaMyb
7SA+ievSoFdS/3y+Gd91l1MvX0U0BYv7ALX8/yhWve2LN1JOR1eQWXaA0kIJAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUkKCGqAMIa3djlTSq2902NM3rabMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzczNzJlMzIzMzM3MmUzMjMz
MzIyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD
Te3oMA0GCSqGSIb3DQEBCwUAA4IBAQCX+3rPTKuP50+Vhf+MqvEEtwEn+Z5ANjVn
JTR1NtRPGrWEtkdHKCvdzx6rvqu64Tg2FuMNdDttfJCZXFrCyz8A7l5kqkqvoX/f
S6igBmNKSC9zwK+RZzpBVDa9sEacA8HWQj0LI2HvoinNMfDuaT4jrlkk+89rkkaS
HTpBGaB6iS7zsp1EhRy/wuNIjGvulex+euiUf8JZc2mZuuMT87R8vDSfbclGeNdF
v6FTP9nXbP+CdDeqBJjq9ZnQ6XtLx6Tm1faeRaArku7swL5+A1R8BKk6uLVcohCQ
jImvVVSs6+Iw0n1+pheQhsRDLkGuhx3I3QduF+whlejyjs+Lfmfe
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:05:01 2025 by rpki-client