Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235342e302f32342d3332203d3e203531313637.roa
File: 38352e3139302e3235342e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: s2+O+ckWdYAIH3CPWUhBkX4FcibOOSdCgCG0TSZUgmc=
Subject key identifier: 6C:91:62:47:69:63:BB:69:57:D7:6D:98:2D:67:CD:30:46:EE:2B:68
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 10D55630341DAA7F4A91E51A55A7D46CEF41F742
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235342e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:44:56 +0000
ROA not before: Mon 27 Jan 2025 09:39:56 +0000
ROA not after: Mon 26 Jan 2026 09:44:56 +0000
asID: 51167
IP address blocks: 85.190.254.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:d5:56:30:34:1d:aa:7f:4a:91:e5:1a:55:a7:d4:6c:ef:41:f7:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:56 2025 GMT
Not After : Jan 26 09:44:56 2026 GMT
Subject: CN=6C9162476963BB6957D76D982D67CD3046EE2B68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:72:05:7f:bf:7e:a5:0c:94:4b:eb:66:d1:48:
b7:e4:e5:11:69:56:eb:2d:12:30:ec:32:85:e4:5f:
67:6d:74:cb:36:74:b1:ab:e0:f4:0a:df:61:2f:b9:
2d:1c:15:a6:25:8a:8f:43:cf:44:6d:d4:20:10:0e:
d1:05:dc:95:f9:77:50:9d:96:5a:a2:90:3c:10:16:
fe:05:3a:a9:96:68:7f:4b:90:1a:98:5e:92:5e:85:
fb:4f:55:4b:ae:51:22:b7:bd:bb:1c:74:53:92:df:
52:a4:d7:88:ca:81:f7:a3:2f:59:61:76:00:69:ac:
2f:e3:01:5c:36:52:e6:52:1b:0c:3c:53:8d:4f:a4:
7b:b4:92:7b:da:ac:49:0d:ca:58:40:2e:cf:f8:c5:
f5:5d:c9:1b:4c:14:08:f1:63:b3:e7:7e:52:65:27:
64:0b:19:1e:18:f0:84:38:57:1a:3c:db:28:51:db:
71:f2:92:b0:b1:c1:a8:4b:40:a0:79:6c:5c:ef:a6:
f2:db:0e:c2:4e:c6:c5:c9:3e:61:ca:d0:d2:dc:92:
a4:e0:a1:a4:3b:5b:ba:7d:85:0f:98:8b:e7:48:9f:
64:36:63:e5:2a:e5:cf:bf:fe:7d:bc:4e:79:cf:d8:
6d:92:af:2c:83:09:eb:f3:16:7e:35:86:d8:1d:cc:
a5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:91:62:47:69:63:BB:69:57:D7:6D:98:2D:67:CD:30:46:EE:2B:68
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235342e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.254.0/24
Signature Algorithm: sha256WithRSAEncryption
97:1b:84:3b:5a:91:c4:71:9b:52:15:1e:97:38:61:fd:a8:0c:
60:02:d7:9c:0b:10:9f:73:c7:c8:07:dc:80:01:db:0d:4b:cd:
51:9a:d5:b3:72:77:4a:8b:52:fc:6d:ce:e0:9c:31:08:28:95:
0a:f6:08:eb:c8:ac:3f:98:bd:d1:22:b6:60:5a:8d:c4:82:24:
34:1a:34:37:3f:38:80:ff:51:50:77:12:e1:6b:07:80:c0:e0:
9a:43:32:f0:4c:11:45:b1:45:82:5f:4f:ff:5c:ab:93:a5:9e:
07:f7:f0:67:e2:cb:ca:f6:b1:7b:1a:e2:c3:19:a9:f7:a2:24:
cf:94:a4:d8:7e:8a:f0:cb:13:22:60:ce:ed:05:ca:6e:b4:9c:
45:44:db:6b:d0:37:f0:70:39:15:a9:96:cf:a1:1b:bf:54:70:
b6:27:b8:d1:89:74:03:35:7a:8e:79:4c:4d:a9:4f:6d:8a:bc:
ac:b1:af:95:0d:2c:dc:a7:29:31:bc:fd:b3:4e:fe:2c:33:58:
d0:1c:14:de:c2:d5:a7:19:ca:c9:de:a4:a3:af:92:b2:a3:7f:
8d:e6:31:88:1b:cc:ff:5c:2b:ae:2c:99:99:e1:e6:a3:e0:75:
42:89:36:09:a2:6d:f3:28:e9:2c:f8:94:23:06:a4:6b:97:d0:
c6:9d:7f:53
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUENVWMDQdqn9KkeUaVafUbO9B90IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NTZaFw0yNjAxMjYwOTQ0NTZaMDMxMTAvBgNV
BAMTKDZDOTE2MjQ3Njk2M0JCNjk1N0Q3NkQ5ODJENjdDRDMwNDZFRTJCNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqcgV/v36lDJRL62bRSLfk5RFp
VustEjDsMoXkX2dtdMs2dLGr4PQK32EvuS0cFaYlio9Dz0Rt1CAQDtEF3JX5d1Cd
llqikDwQFv4FOqmWaH9LkBqYXpJehftPVUuuUSK3vbscdFOS31Kk14jKgfejL1lh
dgBprC/jAVw2UuZSGww8U41PpHu0knvarEkNylhALs/4xfVdyRtMFAjxY7PnflJl
J2QLGR4Y8IQ4Vxo82yhR23HykrCxwahLQKB5bFzvpvLbDsJOxsXJPmHK0NLckqTg
oaQ7W7p9hQ+Yi+dIn2Q2Y+Uq5c+//n28TnnP2G2SryyDCevzFn41htgdzKUnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUbJFiR2lju2lX122YLWfNMEbuK2gwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjM1
MzQyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Vb7+MA0GCSqGSIb3DQEBCwUAA4IBAQCXG4Q7WpHEcZtSFR6XOGH9qAxgAtecCxCf
c8fIB9yAAdsNS81RmtWzcndKi1L8bc7gnDEIKJUK9gjryKw/mL3RIrZgWo3EgiQ0
GjQ3PziA/1FQdxLhaweAwOCaQzLwTBFFsUWCX0//XKuTpZ4H9/Bn4svK9rF7GuLD
Gan3oiTPlKTYforwyxMiYM7tBcputJxFRNtr0DfwcDkVqZbPoRu/VHC2J7jRiXQD
NXqOeUxNqU9tiryssa+VDSzcpykxvP2zTv4sM1jQHBTewtWnGcrJ3qSjr5Kyo3+N
5jGIG8z/XCuuLJmZ4eaj4HVCiTYJom3zKOks+JQjBqRrl9DGnX9T
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:15:41 2025 by rpki-client