Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e33352e3132332e302f32342d3234203d3e203632323430.roa
File: 3139342e33352e3132332e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: i7fh65MFHjUiVPjWUB4JAj2Qb0tI3i2+uX7Ah0oiK7U=
Subject key identifier: D8:ED:B4:53:E6:64:7C:1F:AC:F3:DA:C4:9C:75:9A:49:A5:5E:4C:BD
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 6FD8D430E59AA65B539F924DF74CB9D317A5CFF4
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e33352e3132332e302f32342d3234203d3e203632323430.roa
Signing time: Mon 01 Apr 2024 14:03:23 +0000
ROA not before: Mon 01 Apr 2024 13:58:23 +0000
ROA not after: Mon 31 Mar 2025 14:03:23 +0000
asID: 62240
IP address blocks: 194.35.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:d8:d4:30:e5:9a:a6:5b:53:9f:92:4d:f7:4c:b9:d3:17:a5:cf:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 1 13:58:23 2024 GMT
Not After : Mar 31 14:03:23 2025 GMT
Subject: CN=D8EDB453E6647C1FACF3DAC49C759A49A55E4CBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d8:d0:20:28:ef:53:fa:b8:51:ed:17:c5:9e:
86:40:be:87:57:1b:f4:cc:83:45:3d:56:24:d1:e6:
3c:8d:5f:cc:f2:50:94:51:b1:cd:9a:cc:bd:33:b9:
73:93:1d:e1:9a:73:b0:77:9e:d1:e6:e2:64:ed:67:
0d:22:81:3b:6a:3c:a9:bf:91:d2:c0:15:e1:65:7b:
eb:e6:e8:e5:58:dc:52:da:2d:13:dc:29:88:8f:03:
90:26:e8:fc:90:80:dd:cf:76:dd:45:71:5c:8c:61:
33:eb:22:92:a7:8c:f1:91:18:60:91:d3:08:e3:2b:
56:a0:00:11:4e:88:cf:64:3d:56:4b:05:34:c1:41:
de:bc:43:24:3b:98:38:b8:42:6f:ca:72:a8:36:38:
cb:b3:40:85:8d:5b:b5:dd:09:a3:9e:ab:b3:bb:93:
8a:c2:35:98:04:57:f6:c6:34:50:7e:c3:d3:12:20:
4e:6b:4f:b0:50:ac:a7:e4:f1:0a:81:f9:aa:dd:47:
0e:bf:ae:43:47:73:ae:85:4d:6c:e5:bc:fb:4a:ab:
73:be:bb:e1:14:86:dd:84:aa:ef:1e:65:b2:d3:05:
39:45:c8:00:64:5f:fa:3b:94:61:24:49:dc:a7:40:
18:95:55:a7:7a:ef:e1:2a:46:7b:38:46:49:98:f2:
d8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:ED:B4:53:E6:64:7C:1F:AC:F3:DA:C4:9C:75:9A:49:A5:5E:4C:BD
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3139342e33352e3132332e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.35.123.0/24
Signature Algorithm: sha256WithRSAEncryption
43:ad:77:11:8d:19:55:7d:1f:53:d1:31:06:4b:d2:30:2f:8e:
d9:c3:af:4e:74:2b:e1:ea:ca:93:49:e2:f6:3b:b3:f0:99:5d:
78:3e:25:77:6c:fa:cd:66:ee:c7:3f:32:50:35:b9:d9:ae:90:
98:6b:00:3b:52:7c:ff:0d:6f:aa:ae:a5:82:aa:90:19:05:89:
aa:18:e1:3a:f5:12:b5:6c:1a:a2:00:58:21:21:fb:ad:a4:5c:
c3:eb:f2:a0:96:f2:fe:c4:2b:80:7c:f2:71:3e:65:8d:af:b6:
17:f4:c6:34:ca:eb:53:37:98:e8:3d:a9:7e:c5:29:c3:cf:80:
7c:db:b9:8e:c4:b8:6d:24:63:85:63:8b:98:85:c9:30:1d:61:
44:e4:c3:83:f4:58:7a:6e:7f:7b:1d:cf:a4:38:88:d4:87:d1:
99:1e:05:a3:e9:e2:8a:b8:60:6c:ab:5b:d6:c7:3c:de:46:a6:
a7:4e:e7:ff:82:25:cf:3f:5d:93:e4:10:13:a7:6a:ad:c5:fa:
27:4c:6c:e9:08:3e:9e:1e:b7:29:26:df:ff:5a:f2:c4:de:be:
42:a5:d8:f5:d7:de:86:9a:56:79:80:2f:bd:58:96:2d:2e:45:
6f:47:e4:06:93:b9:5b:42:b2:86:02:96:b3:c7:4d:84:a4:a2:
a2:b1:f6:c7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUb9jUMOWapltTn5JN90y50xelz/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA0MDExMzU4MjNaFw0yNTAzMzExNDAzMjNaMDMxMTAvBgNV
BAMTKEQ4RURCNDUzRTY2NDdDMUZBQ0YzREFDNDlDNzU5QTQ5QTU1RTRDQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq2NAgKO9T+rhR7RfFnoZAvodX
G/TMg0U9ViTR5jyNX8zyUJRRsc2azL0zuXOTHeGac7B3ntHm4mTtZw0igTtqPKm/
kdLAFeFle+vm6OVY3FLaLRPcKYiPA5Am6PyQgN3Pdt1FcVyMYTPrIpKnjPGRGGCR
0wjjK1agABFOiM9kPVZLBTTBQd68QyQ7mDi4Qm/Kcqg2OMuzQIWNW7XdCaOeq7O7
k4rCNZgEV/bGNFB+w9MSIE5rT7BQrKfk8QqB+ardRw6/rkNHc66FTWzlvPtKq3O+
u+EUht2Equ8eZbLTBTlFyABkX/o7lGEkSdynQBiVVad67+EqRns4RkmY8tjRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2O20U+ZkfB+s89rEnHWaSaVeTL0wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzEzOTM0MmUzMzM1MmUzMTMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMyMzIzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
wiN7MA0GCSqGSIb3DQEBCwUAA4IBAQBDrXcRjRlVfR9T0TEGS9IwL47Zw69OdCvh
6sqTSeL2O7PwmV14PiV3bPrNZu7HPzJQNbnZrpCYawA7Unz/DW+qrqWCqpAZBYmq
GOE69RK1bBqiAFghIfutpFzD6/KglvL+xCuAfPJxPmWNr7YX9MY0yutTN5joPal+
xSnDz4B827mOxLhtJGOFY4uYhckwHWFE5MOD9Fh6bn97Hc+kOIjUh9GZHgWj6eKK
uGBsq1vWxzzeRqanTuf/giXPP12T5BATp2qtxfonTGzpCD6eHrcpJt//WvLE3r5C
pdj1196GmlZ5gC+9WJYtLkVvR+QGk7lbQrKGApazx02EpKKisfbH
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:54:18 2025 by rpki-client