Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3232302e32312e302f32342d3332203d3e20313336373837.roa
File: 3138352e3232302e32312e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: /IpaeyTauIc37gjMPGJZvsoc8IP4gnC24MFjDasD5Lo=
Subject key identifier: 28:75:ED:64:EC:0A:BB:05:DF:A2:56:86:E5:C1:4A:29:B9:A1:C2:EC
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 4493FDCA6347F0372CBD04FE7E0BE5A0AC7996CA
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3232302e32312e302f32342d3332203d3e20313336373837.roa
Signing time: Mon 30 Dec 2024 15:41:21 +0000
ROA not before: Mon 30 Dec 2024 15:36:21 +0000
ROA not after: Mon 29 Dec 2025 15:41:21 +0000
asID: 136787
IP address blocks: 185.220.21.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:93:fd:ca:63:47:f0:37:2c:bd:04:fe:7e:0b:e5:a0:ac:79:96:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:21 2024 GMT
Not After : Dec 29 15:41:21 2025 GMT
Subject: CN=2875ED64EC0ABB05DFA25686E5C14A29B9A1C2EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:95:f3:ab:7e:bf:8b:3f:5d:46:b2:94:52:27:
4e:10:4e:8f:c0:b0:bb:1a:b1:7d:c5:62:07:72:a0:
be:25:1e:f7:70:a0:0d:00:82:94:40:7b:16:c8:7c:
be:25:c0:9c:d7:b0:e8:04:97:43:53:2e:d1:11:6c:
6f:81:3b:d1:c7:c8:9b:70:36:7b:08:f8:7e:e8:a9:
bb:33:6e:8d:aa:be:b4:4b:15:13:d5:12:a2:29:a4:
3d:c5:1d:f5:44:ec:f3:f4:f0:36:24:85:d7:ed:23:
54:60:3e:30:20:a6:89:5e:c6:61:37:74:c6:a1:c5:
57:0e:ad:d2:85:e8:01:46:6b:ed:93:46:57:0d:9a:
7d:9c:c5:16:f8:f2:9a:38:b3:df:c0:e9:5b:6b:fc:
fb:cb:4b:98:be:c0:6a:a2:bb:02:c1:67:07:80:71:
ba:27:2e:1a:ee:d0:2f:dc:5a:f4:06:67:ed:b4:69:
76:41:f9:c5:75:d7:56:77:f4:6b:a2:d4:d9:dd:33:
c3:04:52:7f:33:e4:60:97:3d:b3:54:df:c1:52:0c:
79:b3:74:d6:6b:de:ff:72:05:1e:c0:56:84:eb:fa:
1b:bc:30:55:c9:de:e9:7f:1d:40:73:ee:9a:4c:bf:
15:ab:7a:40:8a:6e:1a:15:6f:20:63:9b:32:29:7f:
95:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:75:ED:64:EC:0A:BB:05:DF:A2:56:86:E5:C1:4A:29:B9:A1:C2:EC
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3232302e32312e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.21.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:25:6a:31:aa:aa:ce:a3:4a:6e:cf:16:f8:56:bd:b9:d0:ab:
89:51:e4:3a:29:a7:20:21:35:da:7f:3a:71:6d:fa:00:d5:5d:
65:5a:a0:b6:a0:1b:15:13:b7:1a:87:a5:6b:91:90:0c:53:82:
03:26:0f:1b:87:20:8f:2d:f2:5b:8a:76:d7:08:dd:90:a7:98:
57:89:20:29:79:1c:39:41:0d:96:ba:ad:ab:7b:de:d1:47:f3:
ea:a5:fb:71:0a:b3:51:a7:49:42:ac:65:e7:a6:0b:4b:48:06:
46:f5:9b:b9:ca:59:d1:62:ed:7e:99:d8:bb:1c:05:71:26:44:
36:94:0e:36:32:88:91:d9:7e:9c:4c:3e:2d:8f:61:05:15:5c:
0d:03:05:e1:a8:d1:33:c7:e2:bb:e3:32:db:9b:83:8a:e3:61:
eb:6d:6c:b1:18:2c:54:6c:e2:6f:7d:1a:4a:6b:c9:54:d8:c6:
78:d7:d9:2b:f5:f1:39:1a:c6:f8:b1:82:20:2c:2f:6a:39:fd:
c0:67:50:7a:13:d1:c1:8d:43:da:11:9e:ac:71:e9:a3:e0:dc:
d7:11:8f:5e:52:7b:8e:e6:da:ba:f1:37:57:12:8f:8b:60:ff:
d7:67:2f:65:9a:e1:b4:75:22:c8:c9:5f:c6:bc:77:7f:82:92:
d6:83:f3:c8
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURJP9ymNH8DcsvQT+fgvloKx5lsowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MjFaFw0yNTEyMjkxNTQxMjFaMDMxMTAvBgNV
BAMTKDI4NzVFRDY0RUMwQUJCMDVERkEyNTY4NkU1QzE0QTI5QjlBMUMyRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDblfOrfr+LP11GspRSJ04QTo/A
sLsasX3FYgdyoL4lHvdwoA0AgpRAexbIfL4lwJzXsOgEl0NTLtERbG+BO9HHyJtw
NnsI+H7oqbszbo2qvrRLFRPVEqIppD3FHfVE7PP08DYkhdftI1RgPjAgpolexmE3
dMahxVcOrdKF6AFGa+2TRlcNmn2cxRb48po4s9/A6Vtr/PvLS5i+wGqiuwLBZweA
cbonLhru0C/cWvQGZ+20aXZB+cV111Z39Gui1NndM8MEUn8z5GCXPbNU38FSDHmz
dNZr3v9yBR7AVoTr+hu8MFXJ3ul/HUBz7ppMvxWrekCKbhoVbyBjmzIpf5VrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKHXtZOwKuwXfolaG5cFKKbmhwuwwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjMyMzAyZTMy
MzEyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC53BUwDQYJKoZIhvcNAQELBQADggEBAJ8lajGqqs6jSm7PFvhWvbnQq4lR5Dop
pyAhNdp/OnFt+gDVXWVaoLagGxUTtxqHpWuRkAxTggMmDxuHII8t8luKdtcI3ZCn
mFeJICl5HDlBDZa6rat73tFH8+ql+3EKs1GnSUKsZeemC0tIBkb1m7nKWdFi7X6Z
2LscBXEmRDaUDjYyiJHZfpxMPi2PYQUVXA0DBeGo0TPH4rvjMtubg4rjYettbLEY
LFRs4m99GkpryVTYxnjX2Sv18TkaxvixgiAsL2o5/cBnUHoT0cGNQ9oRnqxx6aPg
3NcRj15Se47m2rrxN1cSj4tg/9dnL2Wa4bR1IsjJX8a8d3+CktaD88g=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:37:35 2025 by rpki-client