Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/6/3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa (raw, json)
Hash identifier: Mbxh2mz0NTPG3BlmVJTN2hbnmlDxNVrutIkc/JhGBOU=
Subject key identifier: 2D:E0:E5:F8:9A:0C:FB:F1:A9:46:2C:C6:16:2D:3E:DB:41:9C:E4:1B
Certificate issuer: /CN=bb8a2c88c52554d49f6b790137c3bab687b2f956
Certificate serial: 3D37E8A8F40A7764FF834083C61FD8FD7C0091C3
Authority key identifier: BB:8A:2C:88:C5:25:54:D4:9F:6B:79:01:37:C3:BA:B6:87:B2:F9:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4osiMUlVNSfa3kBN8O6toey-VY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/6/3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa
Signing time: Mon 27 Mar 2023 08:27:24 +0000
ROA not before: Mon 27 Mar 2023 08:22:24 +0000
ROA not after: Mon 25 Mar 2024 08:27:24 +0000
asID: 58212
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:37:e8:a8:f4:0a:77:64:ff:83:40:83:c6:1f:d8:fd:7c:00:91:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8a2c88c52554d49f6b790137c3bab687b2f956
Validity
Not Before: Mar 27 08:22:24 2023 GMT
Not After : Mar 25 08:27:24 2024 GMT
Subject: CN=2DE0E5F89A0CFBF1A9462CC6162D3EDB419CE41B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f1:39:75:ab:8e:dd:8c:60:c1:1c:2a:cf:25:
50:d1:8a:0d:54:1f:53:79:ae:2f:0e:51:82:db:f7:
2a:8f:dc:12:24:57:57:91:d0:a9:89:7e:06:24:c1:
7a:62:dd:7e:72:62:35:fd:bd:29:29:a7:e3:c5:4b:
8e:ca:03:2a:aa:34:bb:b3:77:ca:07:65:cb:78:39:
7e:29:82:19:df:81:7f:98:78:f3:a4:41:a6:3a:84:
15:f5:0a:83:b7:e6:7c:6a:07:0a:3f:cf:1e:19:17:
13:8e:eb:8e:c7:fc:dc:de:85:f8:a5:5a:e7:c6:4c:
67:5c:36:b4:d5:ba:77:d2:7b:ee:77:f1:6a:e8:71:
2f:50:a2:aa:0f:73:58:f1:a4:a9:b6:54:fa:ef:cd:
ea:a8:e4:bb:e2:13:c3:df:47:7d:2e:bc:64:31:58:
24:48:56:c7:fe:10:e1:db:be:f8:e8:d5:d6:2c:39:
9e:56:49:d8:fc:4c:b8:c2:2c:81:9f:f4:53:11:25:
83:79:a5:e8:52:9c:c0:39:7a:95:0c:e9:c6:f7:53:
7d:da:91:e7:2a:d0:f6:8a:9d:98:45:e8:4b:ab:49:
65:ba:eb:b2:0b:6d:a9:83:cf:21:1b:7a:3a:2c:ad:
50:c0:e4:f2:3f:18:a8:d9:2d:18:8c:8e:3d:10:8a:
89:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E0:E5:F8:9A:0C:FB:F1:A9:46:2C:C6:16:2D:3E:DB:41:9C:E4:1B
X509v3 Authority Key Identifier:
keyid:BB:8A:2C:88:C5:25:54:D4:9F:6B:79:01:37:C3:BA:B6:87:B2:F9:56
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/6/BB8A2C88C52554D49F6B790137C3BAB687B2F956.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4osiMUlVNSfa3kBN8O6toey-VY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/6/3138352e3230392e3232302e302f32342d3234203d3e203538323132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
25:2f:d3:e1:7a:4e:be:ac:cf:a2:1f:5c:a9:20:f2:da:74:47:
6d:b5:14:58:e5:a9:33:b3:36:85:b1:37:ed:4b:cc:58:c0:88:
a7:37:f4:2f:e2:5f:1e:13:15:70:33:64:2e:7f:e3:cb:d2:6a:
30:a7:92:35:4f:13:64:16:9f:b9:27:f0:3a:7e:6c:a9:5c:e4:
5a:0e:ec:5e:1e:a2:d6:16:72:f6:78:e8:ce:9d:86:1b:02:35:
1a:5d:51:a9:b3:60:ca:75:e5:de:03:32:da:77:c2:35:b5:a8:
07:72:21:95:28:04:89:e8:63:72:c6:99:02:66:93:26:b6:b6:
98:4d:05:90:e1:51:15:de:4b:8f:82:c4:18:8c:87:a6:c8:8d:
5b:ec:fe:e9:e5:87:eb:42:b2:ff:1c:8f:2b:4c:76:1a:c4:52:
c7:6d:0e:56:cf:97:18:f8:f9:e9:2e:c7:31:53:6a:c6:13:0a:
9f:e8:6d:bf:f3:14:31:19:db:85:1c:ce:a4:89:a3:b0:32:74:
19:93:17:65:af:dd:2b:64:9a:ae:98:e2:5d:fa:3c:f9:86:fb:
92:12:6a:cf:b7:91:b9:1c:aa:2a:16:2b:be:6c:f2:12:97:d5:
b8:b8:b7:1a:39:e2:c8:cb:92:e8:c7:07:a8:a6:05:e7:d9:09:
5d:2e:49:2a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPTfoqPQKd2T/g0CDxh/Y/XwAkcMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmI4YTJjODhjNTI1NTRkNDlmNmI3OTAxMzdjM2JhYjY4
N2IyZjk1NjAeFw0yMzAzMjcwODIyMjRaFw0yNDAzMjUwODI3MjRaMDMxMTAvBgNV
BAMTKDJERTBFNUY4OUEwQ0ZCRjFBOTQ2MkNDNjE2MkQzRURCNDE5Q0U0MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM8Tl1q47djGDBHCrPJVDRig1U
H1N5ri8OUYLb9yqP3BIkV1eR0KmJfgYkwXpi3X5yYjX9vSkpp+PFS47KAyqqNLuz
d8oHZct4OX4pghnfgX+YePOkQaY6hBX1CoO35nxqBwo/zx4ZFxOO647H/Nzehfil
WufGTGdcNrTVunfSe+538WrocS9QoqoPc1jxpKm2VPrvzeqo5LviE8PfR30uvGQx
WCRIVsf+EOHbvvjo1dYsOZ5WSdj8TLjCLIGf9FMRJYN5pehSnMA5epUM6cb3U33a
kecq0PaKnZhF6EurSWW667ILbamDzyEbejosrVDA5PI/GKjZLRiMjj0QiomXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULeDl+JoM+/GpRizGFi0+20Gc5BswHwYDVR0j
BBgwFoAUu4osiMUlVNSfa3kBN8O6toey+VYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzYvQkI4QTJDODhDNTI1NTRENDlGNkI3OTAxMzdDM0JBQjY4N0IyRjk1Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3U0b3NpTVVsVk5TZmEza0JOOE82dG9l
eS1WWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzYvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzgzMjMxMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50dwwDQYJKoZIhvcNAQELBQADggEBACUv0+F6Tr6sz6IfXKkg8tp0R221FFjl
qTOzNoWxN+1LzFjAiKc39C/iXx4TFXAzZC5/48vSajCnkjVPE2QWn7kn8Dp+bKlc
5FoO7F4eotYWcvZ46M6dhhsCNRpdUamzYMp15d4DMtp3wjW1qAdyIZUoBInoY3LG
mQJmkya2tphNBZDhURXeS4+CxBiMh6bIjVvs/unlh+tCsv8cjytMdhrEUsdtDlbP
lxj4+ekuxzFTasYTCp/obb/zFDEZ24UczqSJo7AydBmTF2Wv3Stkmq6Y4l36PPmG
+5ISas+3kbkcqioWK75s8hKX1bi4txo54sjLkujHB6imBefZCV0uSSo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:49:41 2025 by rpki-client