Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e382e302f32342d3234203d3e20313337343039.roa
File: 38362e34382e382e302f32342d3234203d3e20313337343039.roa (raw, json)
Hash identifier: MG1tqvl0hsMxLzq+QelgLM74I6IIEUzgxzH5coJ6yco=
Subject key identifier: A0:F3:54:BD:75:14:C4:D0:E4:FD:3F:43:29:BA:ED:D8:55:49:08:9B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6301F72FE34DF2DBBBBDA6BA8797BFAA8D645A19
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e382e302f32342d3234203d3e20313337343039.roa
Signing time: Mon 27 Jan 2025 09:45:07 +0000
ROA not before: Mon 27 Jan 2025 09:40:07 +0000
ROA not after: Mon 26 Jan 2026 09:45:07 +0000
asID: 137409
IP address blocks: 86.48.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:01:f7:2f:e3:4d:f2:db:bb:bd:a6:ba:87:97:bf:aa:8d:64:5a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:07 2025 GMT
Not After : Jan 26 09:45:07 2026 GMT
Subject: CN=A0F354BD7514C4D0E4FD3F4329BAEDD85549089B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e5:60:a9:08:25:78:0e:96:6f:f6:3b:22:a7:
d1:5b:2d:f8:44:d4:b1:f3:2c:4a:b0:a0:fb:67:16:
0c:4e:84:90:9d:8f:21:d4:73:a1:0e:97:68:aa:54:
69:89:d7:da:8e:11:26:df:ca:f9:e9:c3:4d:e5:24:
54:0d:14:b2:64:f2:43:58:df:62:f7:76:e0:d1:79:
63:29:ed:67:ef:90:3e:b0:df:ba:c5:a7:ea:9e:c2:
58:22:24:5a:43:51:42:28:a1:72:7e:39:d9:19:58:
2f:f0:3e:04:1c:6d:7d:cd:0c:9c:ea:e9:78:b8:b1:
32:a4:ab:ab:4d:64:00:3c:c5:52:f8:53:ad:49:7e:
1d:c9:c9:64:ec:1f:cb:a2:78:fa:f2:3f:ca:69:70:
20:fc:5a:5d:df:b9:04:be:d0:6c:6a:c3:74:0e:d1:
43:62:92:fa:9a:fe:b4:ea:6b:83:b9:53:9e:33:d7:
62:22:10:4b:54:fc:25:19:97:95:23:67:0a:64:08:
8f:b4:4e:78:18:aa:67:b1:29:52:d1:b0:9b:b8:5d:
2c:a0:60:38:d7:90:07:10:fd:23:98:3c:94:ca:17:
bd:64:51:dc:0e:00:be:e3:35:63:8d:a7:6c:19:05:
02:cb:eb:59:25:ac:b6:87:1c:9a:d6:da:54:65:23:
bd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:F3:54:BD:75:14:C4:D0:E4:FD:3F:43:29:BA:ED:D8:55:49:08:9B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e382e302f32342d3234203d3e20313337343039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.48.8.0/24
Signature Algorithm: sha256WithRSAEncryption
06:41:c7:3e:cc:dd:73:04:b2:58:61:8d:c8:5f:df:ca:77:56:
07:6b:0b:da:8b:98:76:89:fd:1d:5a:1e:4f:49:68:99:0d:ce:
f8:be:70:88:bf:5f:55:82:14:ac:45:f8:72:53:b7:fc:a8:82:
e5:f7:1b:94:ce:ab:b2:df:24:5a:0e:5d:0c:0c:fb:d9:a3:8f:
de:91:f5:50:b4:58:c6:29:07:85:4f:28:ff:49:71:21:03:e9:
df:05:d0:cc:7b:de:fa:ae:a3:96:e7:96:ea:56:4f:15:78:42:
61:59:63:8e:c4:14:70:47:9f:a2:00:d0:1b:df:1c:d7:7a:cf:
fe:0b:25:99:67:f1:73:d1:8f:b2:b0:bd:e3:82:14:60:7a:90:
cc:3a:48:75:70:e0:44:23:da:ff:6f:4e:1d:e4:e6:08:b3:9d:
8a:ae:30:43:05:d2:60:79:eb:6b:01:dc:e5:d7:1f:e5:60:f7:
03:f0:ee:d9:67:38:21:56:32:bf:37:e6:1b:5d:04:73:2a:f9:
98:13:fb:b7:02:68:a4:52:cd:6f:ee:24:2f:3b:8f:8b:ee:e7:
06:87:6f:f4:6f:ef:69:55:9e:32:ca:c4:2c:0f:b0:91:dd:74:
d4:dd:ae:9b:84:66:9a:cf:bc:97:36:b1:d0:46:19:0b:73:c0:
87:95:a0:1c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUYwH3L+NN8tu7vaa6h5e/qo1kWhkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDdaFw0yNjAxMjYwOTQ1MDdaMDMxMTAvBgNV
BAMTKEEwRjM1NEJENzUxNEM0RDBFNEZEM0Y0MzI5QkFFREQ4NTU0OTA4OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG5WCpCCV4DpZv9jsip9FbLfhE
1LHzLEqwoPtnFgxOhJCdjyHUc6EOl2iqVGmJ19qOESbfyvnpw03lJFQNFLJk8kNY
32L3duDReWMp7WfvkD6w37rFp+qewlgiJFpDUUIooXJ+OdkZWC/wPgQcbX3NDJzq
6Xi4sTKkq6tNZAA8xVL4U61Jfh3JyWTsH8uiePryP8ppcCD8Wl3fuQS+0Gxqw3QO
0UNikvqa/rTqa4O5U54z12IiEEtU/CUZl5UjZwpkCI+0TngYqmexKVLRsJu4XSyg
YDjXkAcQ/SOYPJTKF71kUdwOAL7jNWONp2wZBQLL61klrLaHHJrW2lRlI73ZAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUoPNUvXUUxNDk/T9DKbrt2FVJCJswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNjJlMzQzODJlMzgyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzczNDMwMzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABWMAgw
DQYJKoZIhvcNAQELBQADggEBAAZBxz7M3XMEslhhjchf38p3VgdrC9qLmHaJ/R1a
Hk9JaJkNzvi+cIi/X1WCFKxF+HJTt/yoguX3G5TOq7LfJFoOXQwM+9mjj96R9VC0
WMYpB4VPKP9JcSED6d8F0Mx73vquo5bnlupWTxV4QmFZY47EFHBHn6IA0BvfHNd6
z/4LJZln8XPRj7KwveOCFGB6kMw6SHVw4EQj2v9vTh3k5giznYquMEMF0mB562sB
3OXXH+Vg9wPw7tlnOCFWMr835htdBHMq+ZgT+7cCaKRSzW/uJC87j4vu5waHb/Rv
72lVnjLKxCwPsJHddNTdrpuEZprPvJc2sdBGGQtzwIeVoBw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:08:14 2025 by rpki-client