Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3134302e392e302f32342d3332203d3e20313336373837.roa
File: 39342e3134302e392e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: NAWFCAYPKm0Ci0feY2UFlUKx2KV0LYoNQ37LA70n/Gk=
Subject key identifier: A2:F2:7B:A0:0C:E9:55:BE:7A:95:24:4A:8F:9A:1C:D8:5B:DB:57:D6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3C12773AD1D3438683D5FBE9A1F0216BE82CE23E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3134302e392e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:15 +0000
ROA not before: Mon 27 Jan 2025 09:40:15 +0000
ROA not after: Mon 26 Jan 2026 09:45:15 +0000
asID: 136787
IP address blocks: 94.140.9.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:12:77:3a:d1:d3:43:86:83:d5:fb:e9:a1:f0:21:6b:e8:2c:e2:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:15 2025 GMT
Not After : Jan 26 09:45:15 2026 GMT
Subject: CN=A2F27BA00CE955BE7A95244A8F9A1CD85BDB57D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f3:1f:e8:c3:d1:9a:fa:cb:40:39:32:14:a2:
d5:13:1e:28:90:21:11:bc:a2:a8:cd:99:c5:7c:29:
ac:7d:9a:f9:16:48:85:71:4b:be:99:62:2b:0f:a5:
fc:09:b4:09:62:e2:a4:17:39:f7:15:19:84:54:99:
3b:b6:7c:24:1f:86:40:c2:8a:68:bf:41:c5:63:8f:
d7:17:69:52:c7:98:a4:c4:89:26:a0:f8:0d:b9:57:
e4:54:b4:03:23:8f:31:fe:db:90:f5:f4:e6:b4:40:
24:cd:39:8f:47:7a:2e:48:02:2e:ec:b1:ac:43:4e:
f1:2a:ac:79:3d:a6:6e:f9:0c:79:3d:88:e8:55:fb:
2b:de:08:30:12:a5:29:d0:91:63:4f:0f:6d:90:20:
85:f7:64:7f:0a:6f:61:05:ac:2e:45:49:6c:8e:04:
72:7a:93:43:88:97:3b:3b:69:76:08:2b:1e:70:68:
da:50:d9:c1:81:0a:46:6d:64:0b:15:02:a0:39:97:
5b:8b:1b:dd:92:58:ae:36:ce:66:01:1b:4d:32:72:
a3:9e:5e:1f:f3:80:13:3d:3a:f1:d7:2d:3d:fd:56:
d1:d4:07:9b:30:f2:e1:22:1e:9a:b7:57:07:4b:4b:
e2:25:8f:8e:ff:3b:fe:b2:dd:f6:06:e0:60:04:4a:
8a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F2:7B:A0:0C:E9:55:BE:7A:95:24:4A:8F:9A:1C:D8:5B:DB:57:D6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/39342e3134302e392e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.140.9.0/24
Signature Algorithm: sha256WithRSAEncryption
42:10:9d:2e:a7:2a:14:99:46:18:f6:89:c5:df:a7:e7:8a:e9:
4c:b2:0d:22:f6:01:4e:5c:bc:a7:93:d9:63:37:f4:3d:5d:e8:
c7:f6:e8:64:bc:fb:fc:b6:32:43:76:33:85:60:68:a4:e7:89:
72:5b:ca:2c:7b:c8:f2:10:7c:7f:b3:be:0f:f8:a6:b5:63:b3:
d4:ba:aa:43:22:b8:a5:10:48:fd:98:ac:e3:b3:56:d9:46:e5:
c9:f0:b9:a4:5f:1e:29:bc:f8:2c:6f:07:de:58:70:cd:6f:d9:
f0:97:cf:e8:b4:a8:2a:f1:83:ce:e5:b4:97:2d:d3:2f:38:0f:
c4:b8:ca:5e:99:c4:7b:1c:44:d1:ca:ac:98:fe:a1:27:f4:6d:
c2:9c:b9:5a:1f:6f:2d:ec:b0:1b:5e:90:ce:7c:44:63:93:eb:
ab:6d:e9:73:60:55:b9:03:e1:58:dc:3e:db:d8:17:eb:92:a8:
13:5b:ae:ac:df:59:2e:05:4c:01:60:ef:9f:2c:63:81:9e:ea:
27:6f:4e:b4:85:28:2d:ba:c5:2a:0d:bb:b3:8a:c9:5c:38:01:
d6:3f:0b:2e:39:0e:99:cf:88:c0:74:93:84:a8:07:ee:cf:1f:
36:3b:22:74:d5:6c:48:42:9d:66:f7:2d:ef:87:fe:cc:10:90:
8a:63:21:83
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUPBJ3OtHTQ4aD1fvpofAha+gs4j4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTVaFw0yNjAxMjYwOTQ1MTVaMDMxMTAvBgNV
BAMTKEEyRjI3QkEwMENFOTU1QkU3QTk1MjQ0QThGOUExQ0Q4NUJEQjU3RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ8x/ow9Ga+stAOTIUotUTHiiQ
IRG8oqjNmcV8Kax9mvkWSIVxS76ZYisPpfwJtAli4qQXOfcVGYRUmTu2fCQfhkDC
imi/QcVjj9cXaVLHmKTEiSag+A25V+RUtAMjjzH+25D19Oa0QCTNOY9Hei5IAi7s
saxDTvEqrHk9pm75DHk9iOhV+yveCDASpSnQkWNPD22QIIX3ZH8Kb2EFrC5FSWyO
BHJ6k0OIlzs7aXYIKx5waNpQ2cGBCkZtZAsVAqA5l1uLG92SWK42zmYBG00ycqOe
Xh/zgBM9OvHXLT39VtHUB5sw8uEiHpq3VwdLS+Ilj47/O/6y3fYG4GAESop5AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUovJ7oAzpVb56lSRKj5oc2FvbV9YwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzkzNDJlMzEzNDMwMmUzOTJl
MzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF6M
CTANBgkqhkiG9w0BAQsFAAOCAQEAQhCdLqcqFJlGGPaJxd+n54rpTLINIvYBTly8
p5PZYzf0PV3ox/boZLz7/LYyQ3YzhWBopOeJclvKLHvI8hB8f7O+D/imtWOz1Lqq
QyK4pRBI/Zis47NW2UblyfC5pF8eKbz4LG8H3lhwzW/Z8JfP6LSoKvGDzuW0ly3T
LzgPxLjKXpnEexxE0cqsmP6hJ/Rtwpy5Wh9vLeywG16QznxEY5Prq23pc2BVuQPh
WNw+29gX65KoE1uurN9ZLgVMAWDvnyxjgZ7qJ29OtIUoLbrFKg27s4rJXDgB1j8L
LjkOmc+IwHSThKgH7s8fNjsidNVsSEKdZvct74f+zBCQimMhgw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:08:16 2025 by rpki-client