Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38302e3139302e37322e302f32312d3332203d3e203430303231.roa
File: 38302e3139302e37322e302f32312d3332203d3e203430303231.roa (raw, json)
Hash identifier: H1EuBfBc5qiZtw2z2kWIlqSrg0uQ7NamU7EpSfa6PuI=
Subject key identifier: DA:5C:BC:8A:F5:9F:86:03:01:57:05:7A:BE:9A:2C:FA:6D:72:7B:4A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5147D513B04EA9CC4FA0B79AAEEE7CCC8B682806
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38302e3139302e37322e302f32312d3332203d3e203430303231.roa
Signing time: Tue 18 Feb 2025 10:45:43 +0000
ROA not before: Tue 18 Feb 2025 10:40:43 +0000
ROA not after: Tue 17 Feb 2026 10:45:43 +0000
asID: 40021
IP address blocks: 80.190.72.0/21 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:47:d5:13:b0:4e:a9:cc:4f:a0:b7:9a:ae:ee:7c:cc:8b:68:28:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 18 10:40:43 2025 GMT
Not After : Feb 17 10:45:43 2026 GMT
Subject: CN=DA5CBC8AF59F86030157057ABE9A2CFA6D727B4A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:38:01:d3:0b:01:b9:4c:96:cb:05:58:cf:81:
47:5c:eb:af:f0:b7:8c:81:c4:0b:1f:90:61:8b:11:
84:01:e1:42:79:e1:ad:fb:c3:d7:11:e3:9f:b8:2a:
95:bc:52:2d:0a:aa:6e:65:be:b3:66:bb:81:43:ed:
27:0e:57:e9:e6:71:0d:c1:83:d5:00:5d:36:2e:68:
47:69:ab:a6:ec:6d:ce:74:f5:6d:b0:5d:5f:26:b2:
4c:4b:ea:1a:58:0e:14:79:a9:25:b3:e6:77:64:35:
a7:d0:6b:45:71:e0:ad:ec:c8:0f:9b:4a:e3:d3:af:
ad:5a:bb:98:4b:6f:2a:8b:84:88:c3:ea:b5:41:20:
8a:c6:09:13:53:b3:12:a4:55:09:db:35:12:62:b1:
2f:3a:5d:97:c1:50:5b:c8:e7:1e:fb:88:76:64:16:
0f:eb:2c:a8:a5:18:83:4e:ff:04:ad:87:55:a5:8f:
11:0d:3a:11:90:df:d0:90:34:b8:58:e9:46:d2:05:
10:6e:b9:f7:bd:f9:66:9e:21:bd:81:f0:ad:7f:f0:
6b:6c:19:d6:2a:b4:11:23:45:1c:00:5b:7d:79:ae:
61:cc:ea:55:43:7c:ae:f1:ce:e8:13:00:57:96:6d:
0c:31:cd:3e:e6:1d:38:46:15:e2:91:74:f3:56:2a:
da:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5C:BC:8A:F5:9F:86:03:01:57:05:7A:BE:9A:2C:FA:6D:72:7B:4A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38302e3139302e37322e302f32312d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.190.72.0/21
Signature Algorithm: sha256WithRSAEncryption
97:dd:4a:d8:4d:1d:ff:aa:92:89:34:30:61:cb:b7:31:5b:45:
6c:67:e5:24:98:4c:b5:3d:fd:32:c6:4d:46:9e:fc:3d:5e:87:
02:f9:c0:ad:23:79:5e:7c:c0:f6:31:96:94:2d:90:f4:4e:fd:
5e:1f:52:cb:f6:82:79:07:d6:ff:42:a1:c9:a8:55:dc:e8:81:
e9:bc:a9:40:71:7a:73:8c:85:fc:45:fe:5e:d0:39:86:24:eb:
75:8f:2b:a3:a6:2d:26:e3:51:f6:5e:62:79:64:62:1b:f3:a3:
e2:33:25:7b:87:d6:66:32:db:9f:10:f0:dd:ae:2f:bd:f2:0f:
e5:76:64:c1:6f:e5:b3:7c:3e:a8:82:53:64:da:3c:cf:68:fa:
4c:e8:95:6c:8e:8a:57:ec:b1:aa:a7:cd:e8:34:82:10:bb:b3:
dc:64:f8:08:ce:1d:f2:3a:f9:5c:60:73:70:47:1a:87:9d:d4:
07:a4:c3:30:e4:de:90:e4:e0:c2:6b:56:ac:59:20:ed:51:e2:
19:fc:b1:20:e8:5d:8c:2b:9c:32:34:00:e8:8b:90:03:fb:be:
af:a1:f5:a7:bd:8f:14:62:c2:fb:6e:78:84:4d:0f:60:cd:c1:
18:9b:23:cc:4c:6f:06:ba:e1:bb:9b:9e:ba:1e:b1:a1:2a:29:
71:14:d0:18
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUUUfVE7BOqcxPoLearu58zItoKAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMTgxMDQwNDNaFw0yNjAyMTcxMDQ1NDNaMDMxMTAvBgNV
BAMTKERBNUNCQzhBRjU5Rjg2MDMwMTU3MDU3QUJFOUEyQ0ZBNkQ3MjdCNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyOAHTCwG5TJbLBVjPgUdc66/w
t4yBxAsfkGGLEYQB4UJ54a37w9cR45+4KpW8Ui0Kqm5lvrNmu4FD7ScOV+nmcQ3B
g9UAXTYuaEdpq6bsbc509W2wXV8mskxL6hpYDhR5qSWz5ndkNafQa0Vx4K3syA+b
SuPTr61au5hLbyqLhIjD6rVBIIrGCRNTsxKkVQnbNRJisS86XZfBUFvI5x77iHZk
Fg/rLKilGINO/wSth1WljxENOhGQ39CQNLhY6UbSBRBuufe9+WaeIb2B8K1/8Gts
GdYqtBEjRRwAW315rmHM6lVDfK7xzugTAFeWbQwxzT7mHThGFeKRdPNWKtrdAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU2ly8ivWfhgMBVwV6vpos+m1ye0owHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMDJlMzEzOTMwMmUzNzMy
MmUzMDJmMzIzMTJkMzMzMjIwM2QzZTIwMzQzMDMwMzIzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1C+
SDANBgkqhkiG9w0BAQsFAAOCAQEAl91K2E0d/6qSiTQwYcu3MVtFbGflJJhMtT39
MsZNRp78PV6HAvnArSN5XnzA9jGWlC2Q9E79Xh9Sy/aCeQfW/0KhyahV3OiB6byp
QHF6c4yF/EX+XtA5hiTrdY8ro6YtJuNR9l5ieWRiG/Oj4jMle4fWZjLbnxDw3a4v
vfIP5XZkwW/ls3w+qIJTZNo8z2j6TOiVbI6KV+yxqqfN6DSCELuz3GT4CM4d8jr5
XGBzcEcah53UB6TDMOTekOTgwmtWrFkg7VHiGfyxIOhdjCucMjQA6IuQA/u+r6H1
p72PFGLC+254hE0PYM3BGJsjzExvBrrhu5ueuh6xoSopcRTQGA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 15:57:24 2025 by rpki-client