Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3230382e32302e302f32322d3332203d3e203531313637.roa
File: 38322e3230382e32302e302f32322d3332203d3e203531313637.roa (raw, json)
Hash identifier: Hlqjjo57En3n6RbefW1zt7YWaZFqWLpkMbpuXw5vtag=
Subject key identifier: 30:92:05:99:4D:0D:24:78:06:A5:78:90:4C:58:0E:6C:23:00:2D:1E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0BB3E976F7FF26371649E8F6BDE7D1DD396108CF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3230382e32302e302f32322d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:18 +0000
ROA not before: Mon 27 Jan 2025 09:40:18 +0000
ROA not after: Mon 26 Jan 2026 09:45:18 +0000
asID: 51167
IP address blocks: 82.208.20.0/22 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:b3:e9:76:f7:ff:26:37:16:49:e8:f6:bd:e7:d1:dd:39:61:08:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:18 2025 GMT
Not After : Jan 26 09:45:18 2026 GMT
Subject: CN=309205994D0D247806A578904C580E6C23002D1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a6:ad:10:cb:85:f5:3b:50:04:64:7e:b5:6f:
32:e0:cb:98:01:d3:95:49:1b:27:a8:31:56:e7:d2:
fd:6d:3f:3d:13:da:02:24:9d:05:6c:8a:21:bf:64:
2b:bd:d4:9f:c0:ef:fc:d2:30:98:18:5c:fd:73:2b:
24:24:20:29:85:31:15:c8:91:1b:dc:45:3f:47:2f:
a8:e5:ab:61:f6:81:16:7f:a8:f2:dd:18:21:21:a3:
20:f5:42:35:20:62:ac:b4:c1:a2:a8:d5:c1:bc:94:
90:3b:6c:8a:f5:6c:e9:33:a8:e6:3e:16:e8:d2:72:
fb:c0:5a:e3:24:37:d3:80:7e:a2:aa:31:32:c1:7d:
82:64:a8:28:dc:c8:a7:eb:91:4b:01:c7:bd:d1:9a:
9d:df:16:d0:9e:0d:89:1f:32:6f:45:46:27:4d:eb:
56:6f:2f:6a:9d:8c:df:07:46:db:73:0d:52:e6:61:
30:3b:7a:7c:74:a9:68:2e:8f:e0:66:52:f8:36:14:
52:00:24:52:92:95:f0:16:42:46:db:9e:d4:1f:4d:
5b:71:ce:43:88:07:f8:18:cf:21:48:6d:1e:13:38:
1c:e8:e0:71:fe:f5:fc:65:f1:88:23:87:0e:8e:09:
57:ee:d7:95:b1:5d:8f:6d:2b:2c:5e:90:61:99:e5:
6e:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:92:05:99:4D:0D:24:78:06:A5:78:90:4C:58:0E:6C:23:00:2D:1E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3230382e32302e302f32322d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.208.20.0/22
Signature Algorithm: sha256WithRSAEncryption
27:60:71:04:06:aa:0e:ee:dd:9a:20:6e:ec:a7:e4:70:84:04:
aa:51:1b:98:66:a0:b4:98:9f:4e:56:cd:ba:71:d6:d0:e2:e0:
be:5c:34:7c:a0:7f:2a:fa:3f:c2:6b:4a:3c:2e:c2:7b:e3:72:
bb:cc:7d:67:a7:fe:2f:2f:67:20:3a:d3:16:85:60:7b:9f:af:
29:46:74:db:f0:1e:0d:2f:ad:46:b1:25:66:db:ed:0a:8f:74:
68:2d:ec:9b:95:e1:79:f1:3d:1d:14:eb:49:b8:80:42:2c:c4:
59:9f:f2:71:c9:40:e6:fa:35:33:c7:ae:50:f9:38:ee:95:11:
0a:1d:c3:f2:cf:45:b0:c6:e7:c2:93:c9:e5:a6:60:84:c3:80:
5c:94:e3:8e:3b:5f:79:af:0d:3b:f0:41:25:73:cb:b5:c2:17:
24:71:7d:dc:d8:59:f1:71:98:df:df:9c:a1:f6:5a:f0:97:bc:
16:e9:4d:d2:1d:3e:9a:75:5e:de:3e:7c:ee:b0:37:f8:6c:65:
2c:8b:65:b5:22:c8:74:24:aa:48:af:02:b4:bb:e2:9d:e1:c9:
da:67:a6:92:1e:76:1d:9b:4e:52:c0:d5:7b:db:ae:67:64:d3:
44:21:18:4c:39:19:9e:35:39:f4:57:c4:de:f1:b6:ad:af:5c:
18:e3:b4:80
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUC7Ppdvf/JjcWSej2vefR3TlhCM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMThaFw0yNjAxMjYwOTQ1MThaMDMxMTAvBgNV
BAMTKDMwOTIwNTk5NEQwRDI0NzgwNkE1Nzg5MDRDNTgwRTZDMjMwMDJEMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfpq0Qy4X1O1AEZH61bzLgy5gB
05VJGyeoMVbn0v1tPz0T2gIknQVsiiG/ZCu91J/A7/zSMJgYXP1zKyQkICmFMRXI
kRvcRT9HL6jlq2H2gRZ/qPLdGCEhoyD1QjUgYqy0waKo1cG8lJA7bIr1bOkzqOY+
FujScvvAWuMkN9OAfqKqMTLBfYJkqCjcyKfrkUsBx73Rmp3fFtCeDYkfMm9FRidN
61ZvL2qdjN8HRttzDVLmYTA7enx0qWguj+BmUvg2FFIAJFKSlfAWQkbbntQfTVtx
zkOIB/gYzyFIbR4TOBzo4HH+9fxl8Ygjhw6OCVfu15WxXY9tKyxekGGZ5W5BAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUMJIFmU0NJHgGpXiQTFgObCMALR4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzIzMDM4MmUzMjMw
MmUzMDJmMzIzMjJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlLQ
FDANBgkqhkiG9w0BAQsFAAOCAQEAJ2BxBAaqDu7dmiBu7KfkcIQEqlEbmGagtJif
TlbNunHW0OLgvlw0fKB/Kvo/wmtKPC7Ce+Nyu8x9Z6f+Ly9nIDrTFoVge5+vKUZ0
2/AeDS+tRrElZtvtCo90aC3sm5XhefE9HRTrSbiAQizEWZ/ycclA5vo1M8euUPk4
7pURCh3D8s9FsMbnwpPJ5aZghMOAXJTjjjtfea8NO/BBJXPLtcIXJHF93NhZ8XGY
39+cofZa8Je8FulN0h0+mnVe3j587rA3+GxlLItltSLIdCSqSK8CtLvineHJ2mem
kh52HZtOUsDVe9uuZ2TTRCEYTDkZnjU59FfE3vG2ra9cGOO0gA==
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:27:52 2025 by rpki-client