Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38392e3235302e36342e302f32312d3332203d3e203531313637.roa
File: 38392e3235302e36342e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: SHmagBJbiXgiT/BCwVJ6t0sxvhc20h5RQfrXLlrDf3U=
Subject key identifier: AB:66:03:1A:33:45:B5:0E:06:CB:87:7F:34:B1:D5:E4:72:DA:91:9F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 671533CA8A8F3CF91C96EB8BD6FF52995D486C83
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38392e3235302e36342e302f32312d3332203d3e203531313637.roa
Signing time: Thu 12 Dec 2024 17:17:42 +0000
ROA not before: Thu 12 Dec 2024 17:12:42 +0000
ROA not after: Thu 11 Dec 2025 17:17:42 +0000
asID: 51167
IP address blocks: 89.250.64.0/21 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:15:33:ca:8a:8f:3c:f9:1c:96:eb:8b:d6:ff:52:99:5d:48:6c:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 12 17:12:42 2024 GMT
Not After : Dec 11 17:17:42 2025 GMT
Subject: CN=AB66031A3345B50E06CB877F34B1D5E472DA919F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:6a:fe:36:49:a8:dc:f9:21:19:83:41:ca:13:
6b:4f:82:22:94:21:cc:95:c9:a7:06:1f:38:12:6f:
90:60:66:4f:52:fe:c4:52:38:43:80:1f:85:f6:d3:
b2:0c:57:e8:5d:cb:ce:93:ae:8b:ce:10:e3:63:a6:
12:5b:fb:ff:12:41:d4:37:f5:19:d3:4f:2b:8b:86:
d1:fa:c2:4e:32:e9:6b:db:c4:c7:23:0f:de:3f:50:
73:eb:5a:d4:d3:5d:d9:3a:7b:d4:64:ff:b9:51:92:
4e:5a:d8:2a:dc:60:f7:d6:64:e0:d3:eb:78:ff:69:
69:5a:1f:ea:d7:05:08:af:31:62:20:c2:d1:e6:0d:
39:b1:e5:f9:e2:d9:0b:b5:2d:cb:8d:a8:4c:14:ee:
3a:ee:05:a3:b0:43:e9:b9:4f:ea:84:b5:eb:8f:27:
c6:43:36:a7:f6:74:37:75:ef:51:fd:74:de:54:28:
f6:b1:87:30:4a:2f:5d:8c:20:b8:5f:2a:7e:32:6a:
8e:10:41:ae:f1:d7:bf:de:97:82:71:49:92:49:80:
89:fb:f7:fa:c6:da:58:23:90:ac:f2:00:1a:68:02:
cf:d6:05:7a:94:58:60:33:40:ad:77:1f:65:c7:ca:
b1:04:ed:64:65:e6:fc:3f:cb:2d:1c:13:d7:8c:3a:
88:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:66:03:1A:33:45:B5:0E:06:CB:87:7F:34:B1:D5:E4:72:DA:91:9F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38392e3235302e36342e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.250.64.0/21
Signature Algorithm: sha256WithRSAEncryption
34:17:ce:bb:94:f9:e8:61:c8:b3:f8:3a:b3:29:3d:e4:76:83:
96:b9:6c:94:14:8a:02:08:7d:07:96:87:7d:32:99:3f:12:01:
54:2e:a2:1b:a0:4a:41:e9:24:7d:f4:22:a8:d4:1e:2a:e8:95:
7f:fe:65:a0:6e:85:af:d1:5f:88:6a:80:16:2c:fb:99:f2:0f:
1b:1a:6f:02:90:1c:77:46:2d:f7:21:3a:8f:59:76:cd:a3:2c:
aa:ae:5b:1c:c6:49:e0:89:69:c3:d0:87:0a:8e:95:97:2f:3d:
f1:6c:de:ea:ec:09:15:72:e5:c1:ed:cf:2a:87:45:b4:c2:c6:
ac:c4:70:30:20:c0:aa:2a:10:15:59:8b:a8:28:7d:01:24:2c:
10:5d:59:16:9e:f1:33:54:bc:97:f0:ea:a2:8f:68:86:a1:dc:
63:9d:b1:ea:7a:4c:68:90:ba:4f:4c:16:e0:0b:e5:cb:77:7a:
c2:2a:3c:e7:84:1a:84:95:4d:cb:61:7e:22:ad:1d:51:a7:78:
7f:0c:e6:f3:5c:14:98:fa:89:b8:b7:71:19:1a:93:30:8e:0d:
50:b2:b5:50:29:c0:eb:f3:21:a4:1c:74:fb:fb:6f:2d:8a:fd:
b7:9a:6e:52:78:6a:18:31:6a:1e:02:5c:1b:2c:29:15:62:29:
30:61:3c:82
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZxUzyoqPPPkcluuL1v9SmV1IbIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMTIxNzEyNDJaFw0yNTEyMTExNzE3NDJaMDMxMTAvBgNV
BAMTKEFCNjYwMzFBMzM0NUI1MEUwNkNCODc3RjM0QjFENUU0NzJEQTkxOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVav42Sajc+SEZg0HKE2tPgiKU
IcyVyacGHzgSb5BgZk9S/sRSOEOAH4X207IMV+hdy86TrovOEONjphJb+/8SQdQ3
9RnTTyuLhtH6wk4y6WvbxMcjD94/UHPrWtTTXdk6e9Rk/7lRkk5a2CrcYPfWZODT
63j/aWlaH+rXBQivMWIgwtHmDTmx5fni2Qu1LcuNqEwU7jruBaOwQ+m5T+qEteuP
J8ZDNqf2dDd171H9dN5UKPaxhzBKL12MILhfKn4yao4QQa7x17/el4JxSZJJgIn7
9/rG2lgjkKzyABpoAs/WBXqUWGAzQK13H2XHyrEE7WRl5vw/yy0cE9eMOoj3AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUq2YDGjNFtQ4Gy4d/NLHV5HLakZ8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzOTJlMzIzNTMwMmUzNjM0
MmUzMDJmMzIzMTJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1n6
QDANBgkqhkiG9w0BAQsFAAOCAQEANBfOu5T56GHIs/g6syk95HaDlrlslBSKAgh9
B5aHfTKZPxIBVC6iG6BKQekkffQiqNQeKuiVf/5loG6Fr9FfiGqAFiz7mfIPGxpv
ApAcd0Yt9yE6j1l2zaMsqq5bHMZJ4Ilpw9CHCo6Vly898Wze6uwJFXLlwe3PKodF
tMLGrMRwMCDAqioQFVmLqCh9ASQsEF1ZFp7xM1S8l/Dqoo9ohqHcY52x6npMaJC6
T0wW4Avly3d6wio854QahJVNy2F+Iq0dUad4fwzm81wUmPqJuLdxGRqTMI4NULK1
UCnA6/MhpBx0+/tvLYr9t5puUnhqGDFqHgJcGywpFWIpMGE8gg==
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:04:12 2025 by rpki-client