Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e36382e302f32342d3234203d3e20323034313730.roa
File: 3139332e34332e36382e302f32342d3234203d3e20323034313730.roa (raw, json)
Hash identifier: Iou3ymNoioZk5KLyJRuO4RYyXAwEGtjOH7VybP64Gqs=
Subject key identifier: 8C:D2:C5:82:CD:74:82:66:1E:66:7C:CE:4F:B8:E8:07:12:FD:FB:6C
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 0DDDF5E8D9D33A3547FDF7B620717CAFD8DD3ABD
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e36382e302f32342d3234203d3e20323034313730.roa
Signing time: Mon 27 Jan 2025 09:44:52 +0000
ROA not before: Mon 27 Jan 2025 09:39:52 +0000
ROA not after: Mon 26 Jan 2026 09:44:52 +0000
asID: 204170
IP address blocks: 193.43.68.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:dd:f5:e8:d9:d3:3a:35:47:fd:f7:b6:20:71:7c:af:d8:dd:3a:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:52 2025 GMT
Not After : Jan 26 09:44:52 2026 GMT
Subject: CN=8CD2C582CD7482661E667CCE4FB8E80712FDFB6C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ac:a9:aa:3b:9b:2c:dd:9d:9b:5b:71:74:f0:
63:13:40:97:a0:18:49:e1:9a:3a:7d:c4:18:27:b0:
ff:9d:3f:9c:ea:ce:87:94:62:53:04:d1:e0:9d:43:
e5:a7:34:f3:01:0c:e7:26:a3:15:b1:85:6a:59:29:
0e:74:38:87:84:4a:7e:63:dc:13:a6:9f:ff:ea:5c:
e9:e4:d6:c0:2c:11:73:26:a1:f0:66:14:10:10:f6:
e0:04:83:ec:98:fc:2d:40:2e:12:c4:c5:ec:40:10:
fa:e7:fd:8b:53:5c:ef:61:59:5f:e3:f4:15:62:0c:
f2:73:6c:cc:37:9c:ba:aa:17:2a:05:af:1f:07:19:
17:56:e6:4a:ec:52:f4:8f:b3:40:cd:e7:6c:30:bb:
99:c0:3d:3e:6c:8b:a3:08:80:1c:7b:94:58:0c:ed:
e4:37:ef:65:ca:26:8d:3a:97:76:ff:e7:81:a2:2d:
fb:f3:85:64:6b:e1:51:37:36:87:af:6d:4b:a7:16:
19:c5:24:36:3c:0e:76:b3:b9:88:12:83:43:c5:52:
d9:59:fb:25:81:4f:ac:71:68:c3:61:31:e3:d3:85:
cc:0c:2b:28:f0:b6:92:e9:aa:45:4a:fb:70:b7:de:
07:05:07:ee:18:f9:30:ff:f4:a2:eb:3f:34:68:4d:
ba:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:D2:C5:82:CD:74:82:66:1E:66:7C:CE:4F:B8:E8:07:12:FD:FB:6C
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139332e34332e36382e302f32342d3234203d3e20323034313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.68.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:4d:26:20:68:da:84:1b:7f:0a:37:76:3a:52:19:9f:36:45:
b3:1c:b5:57:0f:0d:5d:b6:bd:e9:0e:22:1d:c7:6b:95:2b:74:
8d:c4:0f:cc:66:46:ed:a9:57:2c:51:8f:cb:5b:8a:b8:03:4a:
4a:a6:b1:9e:03:9b:09:e7:60:e5:c9:5d:35:cd:6a:8c:5d:09:
3e:75:6b:14:8b:42:d2:42:8c:fd:4f:4c:95:e0:1f:57:1c:47:
73:a3:0a:31:b2:7d:92:c7:f1:17:ce:be:4e:be:11:13:9b:60:
1b:7c:19:83:f3:cf:a3:b8:8f:38:b3:5f:c6:5c:21:0a:ce:3e:
4e:0c:31:a3:2b:51:ea:c2:c2:6b:fa:3c:82:f4:11:d1:f3:4b:
a3:7e:0d:ed:56:e2:4a:3e:f2:7b:e3:c4:fc:e1:52:53:76:8a:
f7:f2:29:10:9a:8a:3c:08:11:93:54:f5:a0:36:e1:65:f2:b6:
49:44:73:af:93:ae:81:a4:8d:d7:e6:df:05:6b:69:31:37:3e:
f7:d6:04:bd:af:67:1d:55:95:2c:c3:1e:10:fe:b3:6d:33:bf:
e0:92:a3:57:ac:f5:24:63:c6:66:b3:84:a9:53:d9:6e:92:b8:
8a:8f:5c:55:cf:94:75:0c:19:0f:72:ea:0b:60:db:06:d4:ef:
7e:3f:9a:85
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDd316NnTOjVH/fe2IHF8r9jdOr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NTJaFw0yNjAxMjYwOTQ0NTJaMDMxMTAvBgNV
BAMTKDhDRDJDNTgyQ0Q3NDgyNjYxRTY2N0NDRTRGQjhFODA3MTJGREZCNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtrKmqO5ss3Z2bW3F08GMTQJeg
GEnhmjp9xBgnsP+dP5zqzoeUYlME0eCdQ+WnNPMBDOcmoxWxhWpZKQ50OIeESn5j
3BOmn//qXOnk1sAsEXMmofBmFBAQ9uAEg+yY/C1ALhLExexAEPrn/YtTXO9hWV/j
9BViDPJzbMw3nLqqFyoFrx8HGRdW5krsUvSPs0DN52wwu5nAPT5si6MIgBx7lFgM
7eQ372XKJo06l3b/54GiLfvzhWRr4VE3NoevbUunFhnFJDY8DnazuYgSg0PFUtlZ
+yWBT6xxaMNhMePThcwMKyjwtpLpqkVK+3C33gcFB+4Y+TD/9KLrPzRoTbrzAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUjNLFgs10gmYeZnzOT7joBxL9+2wwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTMzMmUzNDMzMmUzNjM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzEzNzMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wStEMA0GCSqGSIb3DQEBCwUAA4IBAQCyTSYgaNqEG38KN3Y6UhmfNkWzHLVXDw1d
tr3pDiIdx2uVK3SNxA/MZkbtqVcsUY/LW4q4A0pKprGeA5sJ52DlyV01zWqMXQk+
dWsUi0LSQoz9T0yV4B9XHEdzowoxsn2Sx/EXzr5OvhETm2AbfBmD88+juI84s1/G
XCEKzj5ODDGjK1HqwsJr+jyC9BHR80ujfg3tVuJKPvJ748T84VJTdor38ikQmoo8
CBGTVPWgNuFl8rZJRHOvk66BpI3X5t8Fa2kxNz731gS9r2cdVZUswx4Q/rNtM7/g
kqNXrPUkY8Zms4SpU9lukriKj1xVz5R1DBkPcuoLYNsG1O9+P5qF
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:56:36 2025 by rpki-client