Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3135362e3133372e302f32342d3234203d3e20313336373837.roa
File: 3139342e3135362e3133372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: R22pfsqy+lRl5X3jYGodYHR/A49bIJ+kEyN+E4bPpro=
Subject key identifier: ED:00:F6:6C:4D:00:55:E4:CC:D9:36:79:72:AD:BE:62:F8:46:52:4F
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 1C7F9D1439153CBAEF8B7C3C67625D409EFD336B
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3135362e3133372e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:35 +0000
ROA not before: Sat 01 Feb 2025 22:40:35 +0000
ROA not after: Sat 31 Jan 2026 22:45:35 +0000
asID: 136787
IP address blocks: 194.156.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:7f:9d:14:39:15:3c:ba:ef:8b:7c:3c:67:62:5d:40:9e:fd:33:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Feb 1 22:40:35 2025 GMT
Not After : Jan 31 22:45:35 2026 GMT
Subject: CN=ED00F66C4D0055E4CCD9367972ADBE62F846524F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:42:60:9a:e0:37:28:bc:aa:27:08:bc:9c:18:
ce:a1:aa:71:c8:b1:28:e5:9a:53:33:a4:e3:6a:88:
27:5b:35:2b:d8:61:20:88:29:4f:21:f9:7a:b0:2d:
ee:55:b6:e0:f3:05:fe:13:1b:1f:55:fc:b7:f2:3a:
fb:70:81:b7:f4:a3:b7:23:b8:2d:a7:2c:41:34:d3:
25:cf:82:ea:f8:cc:5d:c7:95:ba:ef:39:be:df:0c:
bc:4c:14:28:e4:33:02:34:61:cd:75:79:b4:8b:b9:
4c:ea:a4:28:e2:2e:73:8f:f0:39:9f:7b:fd:c8:4d:
f5:55:31:bf:a8:ec:6c:a7:79:f7:00:b0:e9:77:cb:
4e:a1:f8:54:77:08:68:78:b1:da:38:c2:4c:61:d9:
35:98:69:80:ef:f3:23:73:fb:92:94:e4:d0:9c:64:
26:70:5a:a2:c8:e8:57:31:d8:45:b6:74:fd:9d:1d:
e1:13:d5:bf:e4:ab:f5:b3:d9:ef:ad:22:a3:45:4f:
28:2f:ca:43:bb:48:b9:32:9c:bb:b9:51:c2:a2:f6:
f0:9b:0b:33:34:02:a8:b3:5e:20:e5:a5:95:d6:87:
b8:7f:ab:56:b0:6c:3d:7e:be:8e:d4:d8:37:6c:51:
38:28:64:b3:ce:52:a7:31:ca:52:63:c1:34:73:7e:
fd:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:00:F6:6C:4D:00:55:E4:CC:D9:36:79:72:AD:BE:62:F8:46:52:4F
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e3135362e3133372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.137.0/24
Signature Algorithm: sha256WithRSAEncryption
49:20:56:7c:52:29:38:f1:10:c9:13:bd:e3:2d:f9:18:ec:57:
75:c8:05:09:1c:19:cd:8f:b1:b0:7b:34:d6:03:9e:de:4d:5c:
a3:41:8f:cc:cb:e4:a4:68:56:35:e0:d9:98:c4:2b:c1:38:12:
ae:d9:b6:ff:61:21:2f:e4:64:80:54:f6:7b:43:27:5d:7b:14:
96:45:ff:f3:d2:a4:14:66:e8:4b:b7:fb:32:b5:07:aa:e5:3f:
07:7f:49:e8:5e:c1:85:31:c4:8d:68:d6:26:e6:dd:1f:75:fd:
61:5a:01:be:f9:d7:1e:2a:e2:a9:02:44:cf:e0:de:12:ea:b7:
f1:53:68:04:88:9f:db:c0:4b:33:c6:3d:0a:b4:e9:55:f6:70:
66:41:92:68:50:b8:aa:9c:63:c8:98:96:69:9b:9a:c0:dc:11:
44:be:40:1e:d3:04:92:ac:60:b6:ce:57:99:06:77:19:35:3e:
81:d5:81:53:93:87:ec:fd:17:3a:b7:23:e9:a8:e6:35:1a:a8:
92:e2:73:b7:c0:d5:57:f0:41:30:c5:27:87:50:59:34:2c:35:
ac:02:56:61:a9:a0:53:ea:71:a6:54:fb:7a:dc:74:57:b7:09:
5a:5d:8a:be:0a:5a:ac:03:9a:aa:86:d9:90:39:f2:1c:d6:e8:
19:2c:b0:71
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUHH+dFDkVPLrvi3w8Z2JdQJ79M2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAyMDEyMjQwMzVaFw0yNjAxMzEyMjQ1MzVaMDMxMTAvBgNV
BAMTKEVEMDBGNjZDNEQwMDU1RTRDQ0Q5MzY3OTcyQURCRTYyRjg0NjUyNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2QmCa4DcovKonCLycGM6hqnHI
sSjlmlMzpONqiCdbNSvYYSCIKU8h+XqwLe5VtuDzBf4TGx9V/LfyOvtwgbf0o7cj
uC2nLEE00yXPgur4zF3HlbrvOb7fDLxMFCjkMwI0Yc11ebSLuUzqpCjiLnOP8Dmf
e/3ITfVVMb+o7GynefcAsOl3y06h+FR3CGh4sdo4wkxh2TWYaYDv8yNz+5KU5NCc
ZCZwWqLI6Fcx2EW2dP2dHeET1b/kq/Wz2e+tIqNFTygvykO7SLkynLu5UcKi9vCb
CzM0AqizXiDlpZXWh7h/q1awbD1+vo7U2DdsUTgoZLPOUqcxylJjwTRzfv2vAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU7QD2bE0AVeTM2TZ5cq2+YvhGUk8wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMTM1MzYyZTMx
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMKciTANBgkqhkiG9w0BAQsFAAOCAQEASSBWfFIpOPEQyRO94y35GOxXdcgF
CRwZzY+xsHs01gOe3k1co0GPzMvkpGhWNeDZmMQrwTgSrtm2/2EhL+RkgFT2e0Mn
XXsUlkX/89KkFGboS7f7MrUHquU/B39J6F7BhTHEjWjWJubdH3X9YVoBvvnXHiri
qQJEz+DeEuq38VNoBIif28BLM8Y9CrTpVfZwZkGSaFC4qpxjyJiWaZuawNwRRL5A
HtMEkqxgts5XmQZ3GTU+gdWBU5OH7P0XOrcj6ajmNRqokuJzt8DVV/BBMMUnh1BZ
NCw1rAJWYamgU+pxplT7etx0V7cJWl2KvgparAOaqobZkDnyHNboGSywcQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 22:58:20 2025 by rpki-client