Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3134382e302f32342d3332203d3e20313336373837.roa
File: 38322e3138302e3134382e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: 2Qb9vTehAuqyGO26i3x+UcpJdnvNz15RWItSV/xI6ZY=
Subject key identifier: FE:CA:15:55:3D:21:88:51:E9:28:0B:4C:90:73:C0:06:96:EF:6E:51
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4D3B7099CCA91391FCFB305AB5917E782A801E4F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3134382e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:04 +0000
ROA not before: Mon 27 Jan 2025 09:40:04 +0000
ROA not after: Mon 26 Jan 2026 09:45:04 +0000
asID: 136787
IP address blocks: 82.180.148.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:3b:70:99:cc:a9:13:91:fc:fb:30:5a:b5:91:7e:78:2a:80:1e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:04 2025 GMT
Not After : Jan 26 09:45:04 2026 GMT
Subject: CN=FECA15553D218851E9280B4C9073C00696EF6E51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4d:8d:1b:bb:c9:ae:e5:5a:83:09:34:72:19:
ee:6e:82:94:2e:02:70:15:ba:e5:b4:91:09:2e:10:
c0:0c:2d:ad:c0:2d:96:65:27:c5:0e:53:27:d1:ce:
a1:ca:85:58:54:62:3d:5b:60:4d:34:70:20:a6:d1:
aa:ce:3d:fd:64:65:7d:91:2d:35:dc:3c:32:47:85:
58:bb:b6:37:96:5e:53:56:48:a4:38:ec:1a:c7:94:
2c:c3:11:2d:7d:ce:38:ad:26:48:e3:f4:6a:5e:f1:
0b:4b:19:97:6b:e3:c1:e2:72:0f:40:dc:9b:24:89:
9f:29:e0:24:0a:6c:d6:4e:73:b4:33:74:e4:85:f2:
42:4c:0e:dc:40:37:cc:24:25:c2:d3:d9:da:85:d4:
f2:72:b9:05:b0:72:26:05:7e:10:db:ea:20:60:cd:
5e:74:a4:0e:31:db:69:d2:67:ab:ed:b9:85:88:74:
12:1f:34:16:29:aa:70:44:40:3d:dd:71:a1:aa:b0:
b9:6c:54:e2:72:58:a4:50:33:d4:7b:32:f8:72:3a:
3b:1a:2c:28:13:15:14:fb:a6:41:42:db:05:2c:44:
ea:2f:39:d3:17:a1:bf:aa:d8:b0:4a:b8:5e:e9:8b:
83:db:ac:4e:cb:ca:31:d4:55:2e:90:98:36:85:96:
26:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:CA:15:55:3D:21:88:51:E9:28:0B:4C:90:73:C0:06:96:EF:6E:51
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3134382e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.180.148.0/24
Signature Algorithm: sha256WithRSAEncryption
69:39:19:10:a2:b9:04:8c:6a:56:b3:89:ca:8c:f6:b4:23:84:
61:97:97:a9:83:c5:f7:ee:d9:dc:a3:43:1c:61:3c:fb:00:98:
9d:80:7e:0a:03:a9:a6:26:83:87:35:33:db:23:ee:93:4c:bb:
c2:cf:da:aa:39:b0:1c:24:9b:4d:c4:8e:03:bf:ed:1e:c0:f1:
94:da:3b:a9:43:b4:bf:b8:88:a2:87:86:fb:03:cd:c1:85:46:
26:22:6a:5b:3c:eb:29:db:13:1e:f5:1d:18:1c:58:54:ef:36:
67:b1:c3:9f:fa:e7:26:6b:aa:84:50:0d:2a:3a:49:23:89:ef:
f6:26:35:8f:42:d3:29:aa:dd:cb:dd:28:9a:c3:a1:0c:e9:75:
59:42:5e:43:e6:9e:22:a7:d7:86:45:5c:6f:20:f2:b4:3e:e8:
c9:1a:ea:4c:4d:93:2b:87:db:41:93:be:35:4e:f9:5b:00:93:
30:fb:55:de:08:40:05:58:d5:50:26:76:40:df:e6:b0:87:c9:
63:f3:20:0e:f5:14:19:ca:31:04:4d:eb:6d:de:fe:85:57:78:
c0:cd:da:80:3f:57:1f:df:3d:50:71:0d:94:bd:e2:90:6c:58:
34:ef:f5:73:62:2c:39:9b:7b:c6:8b:a0:56:7d:4a:31:15:5e:
93:c8:4b:65
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTTtwmcypE5H8+zBatZF+eCqAHk8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDRaFw0yNjAxMjYwOTQ1MDRaMDMxMTAvBgNV
BAMTKEZFQ0ExNTU1M0QyMTg4NTFFOTI4MEI0QzkwNzNDMDA2OTZFRjZFNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqTY0bu8mu5VqDCTRyGe5ugpQu
AnAVuuW0kQkuEMAMLa3ALZZlJ8UOUyfRzqHKhVhUYj1bYE00cCCm0arOPf1kZX2R
LTXcPDJHhVi7tjeWXlNWSKQ47BrHlCzDES19zjitJkjj9Gpe8QtLGZdr48Hicg9A
3JskiZ8p4CQKbNZOc7QzdOSF8kJMDtxAN8wkJcLT2dqF1PJyuQWwciYFfhDb6iBg
zV50pA4x22nSZ6vtuYWIdBIfNBYpqnBEQD3dcaGqsLlsVOJyWKRQM9R7MvhyOjsa
LCgTFRT7pkFC2wUsROovOdMXob+q2LBKuF7pi4PbrE7LyjHUVS6QmDaFlibVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/soVVT0hiFHpKAtMkHPABpbvblEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTM0
MzgyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABStJQwDQYJKoZIhvcNAQELBQADggEBAGk5GRCiuQSMalazicqM9rQjhGGXl6mD
xffu2dyjQxxhPPsAmJ2AfgoDqaYmg4c1M9sj7pNMu8LP2qo5sBwkm03EjgO/7R7A
8ZTaO6lDtL+4iKKHhvsDzcGFRiYials86ynbEx71HRgcWFTvNmexw5/65yZrqoRQ
DSo6SSOJ7/YmNY9C0ymq3cvdKJrDoQzpdVlCXkPmniKn14ZFXG8g8rQ+6Mka6kxN
kyuH20GTvjVO+VsAkzD7Vd4IQAVY1VAmdkDf5rCHyWPzIA71FBnKMQRN623e/oVX
eMDN2oA/Vx/fPVBxDZS94pBsWDTv9XNiLDmbe8aLoFZ9SjEVXpPIS2U=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:14:09 2025 by rpki-client