Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e33352e3132322e302f32342d3234203d3e203632323430.roa
File: 3139342e33352e3132322e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: qqAV7+NbwHSZ7z/3JrgEsblwVyrZzn7Rh+99NNI6xTM=
Subject key identifier: F4:7C:2A:F3:C8:1E:1E:FB:D6:72:51:5D:DC:17:42:1E:36:9F:EA:7E
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 3511D71F7FF1A9C4178B858B4B7DC82E4ABE26D7
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e33352e3132322e302f32342d3234203d3e203632323430.roa
Signing time: Mon 01 Apr 2024 14:03:25 +0000
ROA not before: Mon 01 Apr 2024 13:58:24 +0000
ROA not after: Mon 31 Mar 2025 14:03:24 +0000
asID: 62240
IP address blocks: 194.35.122.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:11:d7:1f:7f:f1:a9:c4:17:8b:85:8b:4b:7d:c8:2e:4a:be:26:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 1 13:58:24 2024 GMT
Not After : Mar 31 14:03:24 2025 GMT
Subject: CN=F47C2AF3C81E1EFBD672515DDC17421E369FEA7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ce:e8:87:1d:13:03:2f:09:78:aa:da:55:ee:
d8:ff:4a:0f:26:88:dd:80:1e:19:e6:ec:b7:46:59:
9f:7f:76:54:dd:51:05:eb:94:cf:da:9e:52:08:c5:
60:00:03:4b:cf:12:b3:b3:3e:81:1c:65:4c:78:33:
c5:33:7b:e6:da:69:5c:50:91:fe:b3:f6:ca:5c:c2:
0f:53:28:e8:ec:c5:f8:81:a6:bd:b8:6a:36:2e:c7:
cb:80:a2:c2:ef:77:92:8c:50:1e:52:84:ea:dd:17:
9e:98:e2:19:62:7b:59:4b:72:16:d5:ba:95:ce:11:
05:69:46:df:ef:22:2e:22:be:12:11:6b:64:c1:38:
3b:d7:fd:ff:cd:f3:16:96:d9:d5:82:7b:4a:0b:92:
5c:17:2e:67:1b:d8:0d:03:d7:4b:28:2e:47:8e:27:
27:e3:31:a6:73:c8:85:47:9b:e8:71:86:b5:af:18:
46:58:32:b7:ee:0d:5f:29:9c:53:52:b5:3c:82:da:
60:5f:90:1b:bb:d6:f5:ea:94:cb:75:58:1d:f7:59:
ff:ca:89:bd:e5:2a:7c:e1:4a:e4:3b:ba:82:88:34:
41:9c:dd:ab:83:03:10:aa:3b:1c:f9:86:7a:83:15:
54:56:33:66:f0:3f:06:75:3c:a5:10:87:96:c3:87:
20:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:7C:2A:F3:C8:1E:1E:FB:D6:72:51:5D:DC:17:42:1E:36:9F:EA:7E
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e33352e3132322e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.122.0/24
Signature Algorithm: sha256WithRSAEncryption
49:42:49:37:32:ec:83:c5:27:24:1e:17:18:5d:ee:d9:c8:c4:
4a:45:0a:3b:33:dd:e6:ed:fd:a7:6b:79:fb:78:f5:e9:2e:72:
a5:24:0c:ab:61:2b:41:ef:3b:88:39:99:9f:16:9f:75:e2:da:
bc:24:ab:a2:7b:df:13:f7:d5:c1:dc:42:7d:16:2c:8b:52:4c:
81:56:61:33:20:86:e1:fc:75:77:07:e2:cc:f2:fd:b8:fc:bf:
d1:6a:ad:5d:75:db:84:6c:f8:2f:30:10:24:dd:18:4a:9e:3d:
6a:d9:72:28:ea:69:9c:f0:69:3e:83:37:0b:81:1d:31:71:a0:
cb:30:8d:00:ef:0c:34:29:10:d2:67:7d:fb:05:32:26:6d:a1:
1d:d2:ac:c0:ae:96:e1:fb:34:42:c4:f0:41:6f:fe:f6:99:69:
39:30:18:24:60:59:ec:7d:54:23:ef:92:4b:af:7e:94:4a:86:
36:eb:eb:29:e0:9b:a7:72:82:4a:40:64:c1:29:db:58:9d:00:
43:9e:be:10:f5:df:2c:e1:4a:cd:7b:3f:f2:2d:6c:67:84:d4:
b2:c5:0c:26:f6:3d:13:fc:51:cf:39:25:a4:19:34:67:80:01:
90:5c:af:51:08:d8:c1:9b:ed:c8:03:91:ea:10:8f:ee:9f:98:
95:98:e9:d3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNRHXH3/xqcQXi4WLS33ILkq+JtcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA0MDExMzU4MjRaFw0yNTAzMzExNDAzMjRaMDMxMTAvBgNV
BAMTKEY0N0MyQUYzQzgxRTFFRkJENjcyNTE1RERDMTc0MjFFMzY5RkVBN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRzuiHHRMDLwl4qtpV7tj/Sg8m
iN2AHhnm7LdGWZ9/dlTdUQXrlM/anlIIxWAAA0vPErOzPoEcZUx4M8Uze+baaVxQ
kf6z9spcwg9TKOjsxfiBpr24ajYux8uAosLvd5KMUB5ShOrdF56Y4hlie1lLchbV
upXOEQVpRt/vIi4ivhIRa2TBODvX/f/N8xaW2dWCe0oLklwXLmcb2A0D10soLkeO
JyfjMaZzyIVHm+hxhrWvGEZYMrfuDV8pnFNStTyC2mBfkBu71vXqlMt1WB33Wf/K
ib3lKnzhSuQ7uoKINEGc3auDAxCqOxz5hnqDFVRWM2bwPwZ1PKUQh5bDhyA7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU9Hwq88geHvvWclFd3BdCHjaf6n4wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzOTM0MmUzMzM1MmUzMTMy
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMyMzIzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wiN6MA0GCSqGSIb3DQEBCwUAA4IBAQBJQkk3MuyDxSckHhcYXe7ZyMRKRQo7M93m
7f2na3n7ePXpLnKlJAyrYStB7zuIOZmfFp914tq8JKuie98T99XB3EJ9FiyLUkyB
VmEzIIbh/HV3B+LM8v24/L/Raq1ddduEbPgvMBAk3RhKnj1q2XIo6mmc8Gk+gzcL
gR0xcaDLMI0A7ww0KRDSZ337BTImbaEd0qzArpbh+zRCxPBBb/72mWk5MBgkYFns
fVQj75JLr36USoY26+sp4JuncoJKQGTBKdtYnQBDnr4Q9d8s4UrNez/yLWxnhNSy
xQwm9j0T/FHPOSWkGTRngAGQXK9RCNjBm+3IA5HqEI/un5iVmOnT
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:16 2025 by rpki-client