Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235332e302f32342d3234203d3e20323031333431.roa
File: 38352e3139302e3235332e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: GkRkyKYRN4n1QffPTJ5IgGZO9P2b9xfm0kNNTCIpKFc=
Subject key identifier: BD:BB:97:9A:F9:94:E4:9F:73:62:CF:1A:BB:9E:34:C5:F5:F5:EE:7E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 12C394F6B07FB343364F708D09A4255357950744
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235332e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 27 Jan 2025 09:45:21 +0000
ROA not before: Mon 27 Jan 2025 09:40:21 +0000
ROA not after: Mon 26 Jan 2026 09:45:21 +0000
asID: 201341
IP address blocks: 85.190.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:c3:94:f6:b0:7f:b3:43:36:4f:70:8d:09:a4:25:53:57:95:07:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:21 2025 GMT
Not After : Jan 26 09:45:21 2026 GMT
Subject: CN=BDBB979AF994E49F7362CF1ABB9E34C5F5F5EE7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:57:59:49:b9:ab:05:ad:a8:f6:8c:19:7e:15:
97:df:57:b1:ce:ca:99:31:3a:37:12:6f:d1:fc:21:
6c:24:55:b2:97:01:dd:51:40:0a:38:9f:05:cb:76:
c2:bb:9d:08:a1:ca:fe:b4:fb:0a:cc:74:2b:ab:f4:
f6:7f:7f:dd:1c:4c:ef:64:b3:12:1a:16:cc:05:39:
0f:16:db:f4:00:4d:e9:e6:97:03:98:9f:a0:b3:b3:
4c:a0:57:ce:8b:17:b8:35:78:0b:aa:7c:35:70:6f:
25:a9:ea:d5:91:99:03:26:a6:7a:93:2f:e7:8b:03:
8a:f7:81:ff:71:00:13:d6:f0:ae:62:18:38:0c:8e:
f7:95:6d:36:75:6e:eb:db:96:fc:50:69:56:d1:85:
e6:61:8f:30:dd:ab:34:b0:2c:27:08:b1:90:a7:05:
a4:2a:57:ff:87:31:3a:e6:72:aa:d3:ce:cd:c4:7e:
9e:0f:bd:5c:ef:0b:e2:1a:56:36:a7:74:de:95:3a:
a0:29:5a:4e:59:76:6e:ac:12:45:d7:9b:f8:b4:fb:
b4:12:6a:4c:90:88:31:e7:ba:dc:e4:b4:41:54:41:
fe:92:3d:78:6f:c5:a6:29:ce:d6:02:c3:21:51:72:
03:84:ab:82:d8:c4:c1:45:29:82:0b:a0:62:70:29:
98:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:BB:97:9A:F9:94:E4:9F:73:62:CF:1A:BB:9E:34:C5:F5:F5:EE:7E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235332e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.253.0/24
Signature Algorithm: sha256WithRSAEncryption
56:9a:96:7f:ec:64:e3:92:97:94:df:2e:05:9b:9a:d9:08:ba:
91:d5:6b:5e:08:da:e8:5f:7c:f1:9f:9d:f2:b5:10:f5:bd:a5:
b5:01:2b:f7:71:e8:71:d2:e2:ee:e1:36:78:9b:c1:06:ce:24:
23:74:7f:26:35:5d:29:96:66:cf:71:32:9e:25:4b:d3:17:88:
db:87:dd:2d:9d:da:74:f4:9b:4f:cd:ec:4a:9f:f9:c2:7b:20:
a8:b1:d3:a9:26:71:6d:d0:d3:fb:64:6f:af:26:5e:9c:58:d3:
a2:2a:56:46:2a:90:55:eb:85:1b:a0:88:ef:13:8b:e7:af:5e:
9d:77:b9:8b:d1:f1:43:9f:2f:fb:82:a4:b1:b6:a8:15:8c:e9:
ec:5f:6d:0a:8d:9d:8b:0c:1d:aa:9f:a4:ab:d7:52:ae:1f:c1:
59:e4:2f:56:1f:eb:d7:26:0c:e0:2f:79:30:66:98:98:12:63:
27:67:a0:f7:65:fa:60:ac:41:ef:6f:7f:7b:91:83:87:28:68:
74:09:63:c4:59:3c:47:d0:7d:0f:49:46:bb:93:2c:54:59:f9:
8a:6d:f1:31:52:09:19:1e:c5:f4:71:6e:ba:f4:66:bf:f1:f7:
3c:1c:8d:9c:cb:21:40:43:94:6a:35:f8:a4:5e:0b:c9:67:8b:
6b:e8:38:76
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEsOU9rB/s0M2T3CNCaQlU1eVB0QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjFaFw0yNjAxMjYwOTQ1MjFaMDMxMTAvBgNV
BAMTKEJEQkI5NzlBRjk5NEU0OUY3MzYyQ0YxQUJCOUUzNEM1RjVGNUVFN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmV1lJuasFraj2jBl+FZffV7HO
ypkxOjcSb9H8IWwkVbKXAd1RQAo4nwXLdsK7nQihyv60+wrMdCur9PZ/f90cTO9k
sxIaFswFOQ8W2/QATenmlwOYn6Czs0ygV86LF7g1eAuqfDVwbyWp6tWRmQMmpnqT
L+eLA4r3gf9xABPW8K5iGDgMjveVbTZ1buvblvxQaVbRheZhjzDdqzSwLCcIsZCn
BaQqV/+HMTrmcqrTzs3Efp4PvVzvC+IaVjandN6VOqApWk5Zdm6sEkXXm/i0+7QS
akyQiDHnutzktEFUQf6SPXhvxaYpztYCwyFRcgOEq4LYxMFFKYILoGJwKZipAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUvbuXmvmU5J9zYs8au540xfX17n4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjM1
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABVvv0wDQYJKoZIhvcNAQELBQADggEBAFaaln/sZOOSl5TfLgWbmtkIupHVa14I
2uhffPGfnfK1EPW9pbUBK/dx6HHS4u7hNnibwQbOJCN0fyY1XSmWZs9xMp4lS9MX
iNuH3S2d2nT0m0/N7Eqf+cJ7IKix06kmcW3Q0/tkb68mXpxY06IqVkYqkFXrhRug
iO8Ti+evXp13uYvR8UOfL/uCpLG2qBWM6exfbQqNnYsMHaqfpKvXUq4fwVnkL1Yf
69cmDOAveTBmmJgSYydnoPdl+mCsQe9vf3uRg4coaHQJY8RZPEfQfQ9JRruTLFRZ
+Ypt8TFSCRkexfRxbrr0Zr/x9zwcjZzLIUBDlGo1+KReC8lni2voOHY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:15:32 2025 by rpki-client