Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3232392e3131322e302f32332d3234203d3e203437353833.roa
File: 3138352e3232392e3131322e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier: Cbpyf/fwNwezowxfoVw1Ue27bxj6TJTgJgLoOibdXeU=
Subject key identifier: 1D:83:12:30:00:6F:7D:CE:0B:72:39:D2:83:0A:7B:CB:E6:EA:E4:AF
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 1AEB0937E070C4996CB9BC0A15CD99B8A91F34A5
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3232392e3131322e302f32332d3234203d3e203437353833.roa
Signing time: Mon 30 Dec 2024 15:41:24 +0000
ROA not before: Mon 30 Dec 2024 15:36:24 +0000
ROA not after: Mon 29 Dec 2025 15:41:24 +0000
asID: 47583
IP address blocks: 185.229.112.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:eb:09:37:e0:70:c4:99:6c:b9:bc:0a:15:cd:99:b8:a9:1f:34:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Dec 30 15:36:24 2024 GMT
Not After : Dec 29 15:41:24 2025 GMT
Subject: CN=1D831230006F7DCE0B7239D2830A7BCBE6EAE4AF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:70:91:90:23:21:0a:e3:b7:c2:ed:d2:17:de:
7e:1e:a4:3d:a2:a1:c7:fb:c2:73:62:35:d4:8a:fd:
f3:1e:30:f2:40:0c:8b:a9:03:3a:92:64:06:e1:c7:
aa:1e:e2:dc:bf:01:74:ed:1b:05:5d:58:9e:f7:29:
a3:32:a4:df:20:1b:7c:8e:d9:d1:99:1c:ce:5b:ce:
67:4b:aa:f1:a5:56:e6:47:1c:2e:b9:52:96:7e:1c:
08:ec:b3:26:1c:84:47:fa:5a:d3:15:67:5b:d3:e0:
d0:ab:f1:89:e4:ad:80:d0:17:34:09:e7:85:08:1c:
36:27:3a:0e:5b:7f:a6:d1:f1:e5:7d:08:73:97:78:
19:8e:77:c0:db:98:cd:86:3b:da:be:c1:e7:3d:bf:
bd:5b:45:a5:27:86:10:37:d1:c8:bc:9b:67:64:e7:
08:c2:ca:b2:0f:fd:a2:9f:46:16:5c:c4:29:31:bf:
4a:67:ad:71:33:8b:c5:ef:d7:46:9b:35:99:69:5e:
f9:9d:9b:aa:b3:24:f6:cb:5b:24:92:d0:ef:84:bf:
cc:48:64:e4:89:fa:b4:91:ea:28:1b:9a:68:0d:40:
7e:29:d0:6e:70:23:40:62:ca:02:d9:85:54:94:10:
3e:9a:10:47:a8:f5:b9:9d:a2:70:5e:5d:f2:73:ed:
ae:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:83:12:30:00:6F:7D:CE:0B:72:39:D2:83:0A:7B:CB:E6:EA:E4:AF
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3232392e3131322e302f32332d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.112.0/23
Signature Algorithm: sha256WithRSAEncryption
85:ab:89:f7:e4:fa:03:20:f8:36:0b:2e:22:c6:e3:b3:d2:68:
d2:e5:90:cf:91:71:fd:ad:01:13:08:1a:e8:5f:86:b7:fe:25:
46:c1:85:f2:64:88:d2:1d:35:4f:01:b5:68:00:7f:aa:9e:ee:
08:40:a8:56:65:95:2a:7c:7a:65:5b:6d:5d:c5:11:33:c7:fb:
02:35:dc:c8:e3:78:37:f5:e3:cf:dd:05:b0:83:76:dc:cf:28:
a9:1a:a8:fb:65:eb:f1:ba:ed:6f:c3:ea:60:47:54:32:2a:5a:
3d:a2:47:e5:40:c7:55:83:0e:8e:e8:53:94:b7:a5:cc:cc:8b:
10:35:f0:53:75:5f:8c:38:df:6e:e2:a3:9f:1e:b3:12:6c:00:
60:e6:26:59:63:b2:ac:43:b6:fb:26:25:a0:b5:47:51:d8:23:
2f:9c:40:63:74:23:13:12:85:1e:f4:ea:cb:f7:9d:94:35:27:
a1:0d:4c:b8:77:07:61:08:4e:a0:43:9a:7f:5a:de:7d:6b:3f:
12:b1:ba:4b:25:15:37:88:b5:d3:9d:7f:28:a8:ea:6a:59:62:
fa:9d:98:63:82:c1:bd:63:04:4e:f0:8d:e7:73:ad:ea:04:3b:
c6:3e:c2:25:a6:23:a4:69:0c:f1:1f:8f:4d:88:8b:66:c5:a0:
e3:fb:ac:3a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGusJN+BwxJlsubwKFc2ZuKkfNKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNDEyMzAxNTM2MjRaFw0yNTEyMjkxNTQxMjRaMDMxMTAvBgNV
BAMTKDFEODMxMjMwMDA2RjdEQ0UwQjcyMzlEMjgzMEE3QkNCRTZFQUU0QUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0cJGQIyEK47fC7dIX3n4epD2i
ocf7wnNiNdSK/fMeMPJADIupAzqSZAbhx6oe4ty/AXTtGwVdWJ73KaMypN8gG3yO
2dGZHM5bzmdLqvGlVuZHHC65UpZ+HAjssyYchEf6WtMVZ1vT4NCr8YnkrYDQFzQJ
54UIHDYnOg5bf6bR8eV9CHOXeBmOd8DbmM2GO9q+wec9v71bRaUnhhA30ci8m2dk
5wjCyrIP/aKfRhZcxCkxv0pnrXEzi8Xv10abNZlpXvmdm6qzJPbLWySS0O+Ev8xI
ZOSJ+rSR6igbmmgNQH4p0G5wI0BiygLZhVSUED6aEEeo9bmdonBeXfJz7a7/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHYMSMABvfc4LcjnSgwp7y+bq5K8wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjMyMzkyZTMx
MzEzMjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG55XAwDQYJKoZIhvcNAQELBQADggEBAIWriffk+gMg+DYLLiLG47PSaNLlkM+R
cf2tARMIGuhfhrf+JUbBhfJkiNIdNU8BtWgAf6qe7ghAqFZllSp8emVbbV3FETPH
+wI13MjjeDf148/dBbCDdtzPKKkaqPtl6/G67W/D6mBHVDIqWj2iR+VAx1WDDo7o
U5S3pczMixA18FN1X4w4327io58esxJsAGDmJlljsqxDtvsmJaC1R1HYIy+cQGN0
IxMShR706sv3nZQ1J6ENTLh3B2EITqBDmn9a3n1rPxKxukslFTeItdOdfyio6mpZ
YvqdmGOCwb1jBE7wjedzreoEO8Y+wiWmI6RpDPEfj02Ii2bFoOP7rDo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:46:55 2025 by rpki-client