Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e35342e32312e302f32342d3234203d3e20313336373837.roa
File: 38342e35342e32312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 4tNMqSn/eyOmPGivbS1UF8fHwpfeDzd7qGN8UBFbiRc=
Subject key identifier: C4:88:2C:2B:F9:98:24:C7:D2:9C:31:8D:42:A7:87:07:A7:20:A9:EB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 254734DDEF680EB8FBFC11F71DFDE04CE770574B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e35342e32312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 15 Dec 2024 18:44:30 +0000
ROA not before: Sun 15 Dec 2024 18:39:30 +0000
ROA not after: Sun 14 Dec 2025 18:44:30 +0000
asID: 136787
IP address blocks: 84.54.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:47:34:dd:ef:68:0e:b8:fb:fc:11:f7:1d:fd:e0:4c:e7:70:57:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 15 18:39:30 2024 GMT
Not After : Dec 14 18:44:30 2025 GMT
Subject: CN=C4882C2BF99824C7D29C318D42A78707A720A9EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2b:91:c2:cd:c1:8c:64:04:37:e0:a0:e5:36:
bf:41:18:40:53:3f:90:8e:7a:40:ee:2c:a7:a3:f4:
29:84:f1:f8:88:54:2a:af:bb:3f:91:07:2d:d4:57:
b8:3b:26:45:ef:63:20:5a:f3:05:93:f4:92:e9:b3:
f4:f5:91:c3:17:2d:cc:8f:09:3a:14:a0:a6:32:83:
53:f5:24:46:99:f2:ce:59:3b:16:99:78:ef:19:f1:
2f:ba:91:2f:57:36:1b:d5:31:12:97:9a:fd:ed:27:
33:ef:9c:91:c2:38:76:ef:a6:85:9b:9c:e8:d7:30:
1c:e2:ca:33:88:13:b6:13:b4:35:11:a2:d0:7e:eb:
10:7b:9d:58:80:0f:ed:ef:a8:69:f4:2e:38:a1:95:
46:60:17:d6:2a:d8:fe:ee:a3:9c:57:1d:45:e4:c3:
ef:85:39:db:36:7a:0a:58:0d:46:0f:f4:45:1e:8d:
ae:d0:6f:fe:9a:2f:55:a5:2f:2b:f5:89:56:1b:e8:
c2:34:9e:b2:4b:ce:79:81:9e:80:1d:f3:f9:1c:4d:
8e:9b:38:c5:2e:b7:db:96:30:bd:83:0f:d4:2f:60:
7b:ac:21:bb:8b:03:cc:c7:cc:62:7a:06:d2:40:b4:
72:f1:30:b3:ec:17:64:b7:55:f8:ab:0e:f5:29:e5:
3f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:88:2C:2B:F9:98:24:C7:D2:9C:31:8D:42:A7:87:07:A7:20:A9:EB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e35342e32312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.21.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:72:f3:92:ea:85:be:38:da:f1:72:e8:29:6b:eb:61:99:cb:
97:fd:6e:15:47:cc:b8:51:68:80:b0:7b:83:a8:b5:25:a5:be:
56:22:cc:08:43:31:9a:42:b7:93:6a:58:ea:8a:fc:0a:de:70:
e0:c8:db:d7:f2:44:92:b1:e7:5d:69:0e:66:69:50:17:43:d8:
72:25:12:1c:74:ae:82:22:d5:60:c0:fc:13:cf:48:68:bd:47:
cb:e3:89:74:17:fa:f1:13:40:d2:fd:74:ec:23:30:01:64:39:
08:d5:1b:a0:cd:56:80:c6:7c:7d:46:48:b7:4d:4f:62:ad:5e:
6e:57:9d:1b:a2:5a:a1:81:6a:4d:72:b3:18:39:65:fd:fe:6e:
73:a4:1a:1d:53:44:74:08:d7:f2:c4:33:c9:19:7e:22:89:93:
08:c3:e8:42:52:d1:4d:7b:a7:7e:18:49:cc:d3:06:87:60:f8:
95:9d:56:95:94:b7:30:66:00:92:64:13:5e:24:f4:5d:5e:36:
10:35:32:af:72:81:23:e8:d1:5b:fd:23:93:8e:29:f8:a3:f9:
87:42:ef:43:3e:2a:c1:b3:96:19:54:02:f2:0c:11:fc:dd:30:
53:ba:9e:1c:ea:ea:db:63:75:e3:de:67:06:6b:d0:b9:7d:fa:
a7:84:e5:a7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUJUc03e9oDrj7/BH3Hf3gTOdwV0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMTUxODM5MzBaFw0yNTEyMTQxODQ0MzBaMDMxMTAvBgNV
BAMTKEM0ODgyQzJCRjk5ODI0QzdEMjlDMzE4RDQyQTc4NzA3QTcyMEE5RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCK5HCzcGMZAQ34KDlNr9BGEBT
P5COekDuLKej9CmE8fiIVCqvuz+RBy3UV7g7JkXvYyBa8wWT9JLps/T1kcMXLcyP
CToUoKYyg1P1JEaZ8s5ZOxaZeO8Z8S+6kS9XNhvVMRKXmv3tJzPvnJHCOHbvpoWb
nOjXMBziyjOIE7YTtDURotB+6xB7nViAD+3vqGn0LjihlUZgF9Yq2P7uo5xXHUXk
w++FOds2egpYDUYP9EUeja7Qb/6aL1WlLyv1iVYb6MI0nrJLznmBnoAd8/kcTY6b
OMUut9uWML2DD9QvYHusIbuLA8zHzGJ6BtJAtHLxMLPsF2S3VfirDvUp5T/zAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUxIgsK/mYJMfSnDGNQqeHB6cgqeswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNDJlMzUzNDJlMzIzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFQ2
FTANBgkqhkiG9w0BAQsFAAOCAQEALHLzkuqFvjja8XLoKWvrYZnLl/1uFUfMuFFo
gLB7g6i1JaW+ViLMCEMxmkK3k2pY6or8Ct5w4Mjb1/JEkrHnXWkOZmlQF0PYciUS
HHSugiLVYMD8E89IaL1Hy+OJdBf68RNA0v107CMwAWQ5CNUboM1WgMZ8fUZIt01P
Yq1ebledG6JaoYFqTXKzGDll/f5uc6QaHVNEdAjX8sQzyRl+IomTCMPoQlLRTXun
fhhJzNMGh2D4lZ1WlZS3MGYAkmQTXiT0XV42EDUyr3KBI+jRW/0jk44p+KP5h0Lv
Qz4qwbOWGVQC8gwR/N0wU7qeHOrq22N1495nBmvQuX36p4Tlpw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:08:12 2025 by rpki-client