Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233382e302f32342d3234203d3e20313336373837.roa
File: 38352e3139302e3233382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: gHBHPYfEBhNyzzIwtv/qAFcoUaExrK0aL/KTA0MrMTM=
Subject key identifier: D1:50:79:36:B5:7F:CF:70:B1:F8:F7:A2:D5:A6:F8:CE:C0:26:5C:EB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 02A6B95F50190CE9B7EE3FAAD0737585934252C2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233382e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:04 +0000
ROA not before: Mon 27 Jan 2025 09:40:04 +0000
ROA not after: Mon 26 Jan 2026 09:45:04 +0000
asID: 136787
IP address blocks: 85.190.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:a6:b9:5f:50:19:0c:e9:b7:ee:3f:aa:d0:73:75:85:93:42:52:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:04 2025 GMT
Not After : Jan 26 09:45:04 2026 GMT
Subject: CN=D1507936B57FCF70B1F8F7A2D5A6F8CEC0265CEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:f5:b8:4f:f6:cc:a8:bb:a8:95:d0:3e:17:f4:
a9:93:ef:39:f3:c9:bb:5d:36:7c:0a:f3:89:c9:ad:
35:da:f3:5b:99:e0:67:fc:29:c8:8e:e6:25:56:4c:
d7:ef:69:a6:bc:37:38:b7:8f:b7:4b:d1:cf:2f:03:
b3:5e:a9:ce:11:fd:5a:48:08:98:fb:2c:00:b8:70:
db:49:fe:52:07:f7:81:73:69:ba:6b:8f:dc:66:cd:
ce:9c:61:b7:0e:63:24:54:6c:2d:7d:7c:0f:02:67:
af:a4:92:21:91:ac:8f:e1:88:5c:94:e3:d7:67:6a:
aa:f3:ab:39:37:fa:f0:6f:16:f7:29:02:af:29:ab:
35:8a:fb:98:15:6b:09:d7:86:c8:c6:87:40:38:c4:
5d:72:e7:b1:90:9f:75:a8:b1:06:45:29:64:dc:fb:
06:69:f1:3f:8d:84:c4:c4:4c:24:36:78:14:e7:5f:
7d:39:61:45:ee:b3:33:81:5c:3c:56:15:dc:fc:2a:
35:db:db:24:71:29:a0:35:84:18:c1:7c:9e:fa:9b:
9c:e2:f1:ae:8e:80:98:45:3f:90:a0:98:0f:be:ee:
74:be:f5:af:bb:7f:17:59:de:be:46:d5:94:3c:f1:
6d:f2:78:ac:60:75:38:9b:1d:da:8e:df:99:e2:06:
87:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:50:79:36:B5:7F:CF:70:B1:F8:F7:A2:D5:A6:F8:CE:C0:26:5C:EB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3233382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.238.0/24
Signature Algorithm: sha256WithRSAEncryption
93:06:8c:bf:53:cd:5e:4f:01:b1:fd:0b:aa:7c:1a:e4:7c:a9:
28:af:0c:7d:91:f2:55:07:a8:79:91:d0:82:71:c7:fe:42:fd:
25:c2:63:5a:7e:28:3f:a6:ce:50:9d:7b:5c:b7:af:b6:d5:2f:
44:f1:69:e3:9f:56:cd:b3:68:fd:80:eb:33:c1:55:d3:00:5c:
21:ae:3d:f5:a6:b1:02:2e:f5:7e:7b:36:aa:9f:1c:9f:f0:1e:
3e:f5:12:f5:ff:c9:dd:d1:f4:e7:ba:86:5b:4c:2c:3f:d4:ea:
ac:ce:03:76:25:3a:16:3e:2d:1e:f0:4e:50:4c:be:e6:60:ea:
f8:8e:f8:18:84:fe:0f:59:19:2e:3c:d1:cb:03:ff:a5:d9:66:
09:5b:ea:07:32:79:ee:ad:af:95:b9:35:60:42:c0:3c:a4:f8:
9d:45:3a:a6:72:46:f7:e5:99:91:db:ee:da:2e:25:ce:17:58:
a3:83:d7:8b:43:f6:16:18:a6:82:80:0e:94:7c:29:53:5d:10:
fd:b6:90:d2:b3:48:b5:ae:89:8e:3b:ad:f1:75:7b:57:2d:72:
3e:c1:ba:4f:29:70:d4:1a:da:57:1f:31:a6:8c:91:7a:df:1e:
51:0a:c2:18:54:94:86:17:e3:49:e7:3f:64:98:e6:ed:9e:5a:
32:e0:3e:eb
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAqa5X1AZDOm37j+q0HN1hZNCUsIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDRaFw0yNjAxMjYwOTQ1MDRaMDMxMTAvBgNV
BAMTKEQxNTA3OTM2QjU3RkNGNzBCMUY4RjdBMkQ1QTZGOENFQzAyNjVDRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDz9bhP9syou6iV0D4X9KmT7znz
ybtdNnwK84nJrTXa81uZ4Gf8KciO5iVWTNfvaaa8Nzi3j7dL0c8vA7Neqc4R/VpI
CJj7LAC4cNtJ/lIH94Fzabprj9xmzc6cYbcOYyRUbC19fA8CZ6+kkiGRrI/hiFyU
49dnaqrzqzk3+vBvFvcpAq8pqzWK+5gVawnXhsjGh0A4xF1y57GQn3WosQZFKWTc
+wZp8T+NhMTETCQ2eBTnX305YUXuszOBXDxWFdz8KjXb2yRxKaA1hBjBfJ76m5zi
8a6OgJhFP5CgmA++7nS+9a+7fxdZ3r5G1ZQ88W3yeKxgdTibHdqO35niBochAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0VB5NrV/z3Cx+Pei1ab4zsAmXOswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjMz
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvu4wDQYJKoZIhvcNAQELBQADggEBAJMGjL9TzV5PAbH9C6p8GuR8qSivDH2R
8lUHqHmR0IJxx/5C/SXCY1p+KD+mzlCde1y3r7bVL0TxaeOfVs2zaP2A6zPBVdMA
XCGuPfWmsQIu9X57NqqfHJ/wHj71EvX/yd3R9Oe6hltMLD/U6qzOA3YlOhY+LR7w
TlBMvuZg6viO+BiE/g9ZGS480csD/6XZZglb6gcyee6tr5W5NWBCwDyk+J1FOqZy
RvflmZHb7touJc4XWKOD14tD9hYYpoKADpR8KVNdEP22kNKzSLWuiY47rfF1e1ct
cj7Buk8pcNQa2lcfMaaMkXrfHlEKwhhUlIYX40nnP2SY5u2eWjLgPus=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:02:08 2025 by rpki-client