Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31342e302f32342d3332203d3e20313336373837.roa
File: 38362e34382e31342e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: EfmENHONb1LNY7dr9cDltdQPBfTNfWcJxOSChnzASWs=
Subject key identifier: FA:3E:B0:F1:88:BA:47:85:2D:77:66:F8:41:E8:8C:9C:A4:45:AC:42
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1CE38EEF954D74C2A35538611A7D1DE921170378
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31342e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:11 +0000
ROA not before: Mon 27 Jan 2025 09:40:11 +0000
ROA not after: Mon 26 Jan 2026 09:45:11 +0000
asID: 136787
IP address blocks: 86.48.14.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:e3:8e:ef:95:4d:74:c2:a3:55:38:61:1a:7d:1d:e9:21:17:03:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:11 2025 GMT
Not After : Jan 26 09:45:11 2026 GMT
Subject: CN=FA3EB0F188BA47852D7766F841E88C9CA445AC42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9f:f3:40:1c:9a:5f:b7:4d:af:a1:0b:c5:a7:
78:b2:a3:6b:b3:9e:b4:d9:86:23:6c:0f:95:1b:4d:
28:85:4f:0f:b8:c7:0e:47:b7:06:89:fd:be:ef:18:
f6:43:a5:cf:97:02:58:fc:a2:c0:86:7c:cc:e8:fe:
72:84:66:e5:dd:46:1c:22:16:2d:3b:40:49:38:28:
30:31:d9:f4:b8:ee:00:c6:7b:2e:93:47:4f:b4:35:
10:82:bc:b3:a2:c1:91:76:97:e2:a1:98:09:cc:b6:
13:70:a3:1d:d9:1d:c4:8e:b7:87:f2:79:cd:d1:9c:
1d:81:e8:9e:3f:d9:ff:19:f0:dd:33:4e:bf:79:7a:
a5:37:46:0e:bf:f6:d1:19:74:e5:6a:d1:00:b6:94:
ce:d2:0e:a5:02:6d:53:cf:d5:d3:69:e0:f1:7d:e4:
87:76:ad:25:f8:f2:65:ab:40:cd:8d:da:b7:68:4e:
28:00:74:56:fa:b8:be:03:f6:c8:32:e9:58:a4:f2:
ab:f5:9b:c7:fc:48:de:7c:10:13:b2:b8:e3:b0:5a:
67:c1:2d:36:f5:51:30:bd:36:04:2a:39:14:ba:75:
09:8c:1c:97:88:7f:02:5d:11:37:f1:58:9b:eb:96:
82:e8:88:dd:33:30:f6:41:65:f7:5d:8f:dd:f3:d3:
ae:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:3E:B0:F1:88:BA:47:85:2D:77:66:F8:41:E8:8C:9C:A4:45:AC:42
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31342e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.48.14.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:49:9d:5b:9b:c7:e3:c5:b2:09:01:a5:c7:ba:4f:5c:ba:8f:
4f:fe:d4:c2:00:21:e6:df:6b:06:ef:a9:0a:4a:e5:9f:6e:18:
34:4d:94:9a:a5:19:4f:5b:39:91:11:99:b7:f5:b4:a1:13:dc:
ac:0a:39:e1:11:ed:89:5d:35:49:cb:94:7a:24:ec:89:c2:1c:
f9:11:64:3d:96:26:9c:4c:bb:3a:1a:6a:c7:aa:fa:a0:d2:f7:
f3:22:4c:ce:d0:31:96:30:72:0e:ce:af:b3:58:92:7e:81:a6:
8b:75:bd:37:d5:e6:19:44:27:62:e5:de:39:d5:eb:49:b7:75:
da:8c:1f:6e:4f:d2:6f:67:f4:1e:08:72:25:c7:44:83:60:95:
57:ba:3e:74:29:66:31:6e:78:05:a5:03:92:c3:57:e9:72:77:
21:dc:b4:89:ea:3d:94:15:3a:16:31:eb:79:ff:c4:24:05:7b:
7f:9c:e6:15:10:86:e7:62:1f:74:98:fe:ff:be:28:7d:77:b0:
8b:fa:fb:4c:b5:7a:6a:6f:56:8f:d0:60:57:d0:7e:da:40:5d:
8f:dc:ca:45:f8:49:ea:6b:c0:e7:1e:53:61:b2:6a:ed:74:ab:
34:ab:c6:5d:35:c2:d8:57:38:c0:a6:71:10:4c:21:8d:4c:9b:
39:4e:c1:4e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUHOOO75VNdMKjVThhGn0d6SEXA3gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTFaFw0yNjAxMjYwOTQ1MTFaMDMxMTAvBgNV
BAMTKEZBM0VCMEYxODhCQTQ3ODUyRDc3NjZGODQxRTg4QzlDQTQ0NUFDNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdn/NAHJpft02voQvFp3iyo2uz
nrTZhiNsD5UbTSiFTw+4xw5HtwaJ/b7vGPZDpc+XAlj8osCGfMzo/nKEZuXdRhwi
Fi07QEk4KDAx2fS47gDGey6TR0+0NRCCvLOiwZF2l+KhmAnMthNwox3ZHcSOt4fy
ec3RnB2B6J4/2f8Z8N0zTr95eqU3Rg6/9tEZdOVq0QC2lM7SDqUCbVPP1dNp4PF9
5Id2rSX48mWrQM2N2rdoTigAdFb6uL4D9sgy6Vik8qv1m8f8SN58EBOyuOOwWmfB
LTb1UTC9NgQqORS6dQmMHJeIfwJdETfxWJvrloLoiN0zMPZBZfddj93z065PAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU+j6w8Yi6R4Utd2b4QeiMnKRFrEIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNjJlMzQzODJlMzEzNDJl
MzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFYw
DjANBgkqhkiG9w0BAQsFAAOCAQEATEmdW5vH48WyCQGlx7pPXLqPT/7UwgAh5t9r
Bu+pCkrln24YNE2UmqUZT1s5kRGZt/W0oRPcrAo54RHtiV01ScuUeiTsicIc+RFk
PZYmnEy7Ohpqx6r6oNL38yJMztAxljByDs6vs1iSfoGmi3W9N9XmGUQnYuXeOdXr
Sbd12owfbk/Sb2f0HghyJcdEg2CVV7o+dClmMW54BaUDksNX6XJ3Idy0ieo9lBU6
FjHref/EJAV7f5zmFRCG52IfdJj+/74ofXewi/r7TLV6am9Wj9BgV9B+2kBdj9zK
RfhJ6mvA5x5TYbJq7XSrNKvGXTXC2Fc4wKZxEEwhjUybOU7BTg==
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:22:24 2025 by rpki-client