Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3133322e302e302f32342d3234203d3e20313336373837.roa
File: 39312e3133322e302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Gl3casaSbpFlkX+MA+2IUkll67D0JNMcYkLrmpqgzKY=
Subject key identifier: D6:17:6E:F3:F1:84:45:C6:8D:50:10:4C:07:62:36:75:24:3F:A0:8E
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 4C581FF99C7980B47C525CCFFDD9705EAD9400E4
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3133322e302e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 13 Feb 2024 12:54:49 +0000
ROA not before: Tue 13 Feb 2024 12:49:49 +0000
ROA not after: Tue 11 Feb 2025 12:54:49 +0000
asID: 136787
IP address blocks: 91.132.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:58:1f:f9:9c:79:80:b4:7c:52:5c:cf:fd:d9:70:5e:ad:94:00:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Feb 13 12:49:49 2024 GMT
Not After : Feb 11 12:54:49 2025 GMT
Subject: CN=D6176EF3F18445C68D50104C07623675243FA08E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:3c:52:57:1b:4f:47:71:c9:3f:71:5b:bf:37:
c7:e7:96:c8:de:1f:3c:1a:ca:d1:53:6b:01:d0:ba:
49:c3:3d:2f:9b:11:4d:29:53:bc:11:0e:0d:d9:62:
96:62:9f:be:03:a9:57:c1:78:65:5c:28:84:4f:f5:
8c:b7:19:81:fc:66:6e:97:45:67:67:5a:2c:c8:c9:
33:3f:6b:90:1a:55:d9:07:87:96:76:cd:2c:f8:fa:
2c:9b:22:42:96:c6:20:3a:6b:2b:f1:d6:f1:6b:6c:
fb:3d:90:2e:cc:38:5d:18:c0:fe:2f:4d:91:e8:0e:
93:95:64:79:3f:6e:0e:f1:20:c6:e8:3c:86:59:ef:
25:2b:2e:3d:0d:d7:cc:9c:7c:34:ea:2c:7c:28:2b:
3d:3e:5f:48:f0:be:a6:39:89:28:1d:6b:5f:04:31:
b0:92:fd:16:d6:a1:5f:b5:ea:7f:da:c0:cd:55:d7:
04:be:ee:59:39:c0:78:5c:bb:65:58:3f:a1:38:07:
1a:01:52:c4:fd:7e:0a:3b:33:80:df:40:b0:db:f0:
04:66:3e:4d:a9:44:c5:30:00:e2:98:fa:65:32:13:
43:59:86:a9:2e:40:62:9c:17:c1:4d:3a:62:fa:7d:
0e:c9:84:3c:e4:26:47:14:7d:65:7d:57:d0:c5:75:
ef:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:17:6E:F3:F1:84:45:C6:8D:50:10:4C:07:62:36:75:24:3F:A0:8E
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/39312e3133322e302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.0.0/24
Signature Algorithm: sha256WithRSAEncryption
09:e8:36:3d:ba:c5:f9:c5:9c:eb:33:7b:9d:b3:0b:91:59:f1:
57:19:22:b6:a6:bf:5f:d5:b2:22:f9:a8:09:e9:19:a7:19:8f:
eb:b7:e4:55:42:16:4a:cd:0f:b8:ef:10:57:d1:c5:ce:7a:1f:
cf:d7:57:c6:cc:55:5b:58:e5:06:50:a8:16:0d:fa:d2:49:85:
bc:09:48:fa:96:a9:50:c6:57:71:6e:29:fe:64:c4:b8:e5:ba:
9f:89:2a:04:cb:a8:be:fa:4e:84:f8:2a:bc:4f:28:dd:5c:b5:
10:a4:5b:f3:60:63:8d:2a:a3:57:7c:cb:1c:b4:71:9c:31:25:
65:7d:1f:6c:c0:2b:42:c1:91:74:cd:eb:10:75:76:cb:3e:33:
a2:07:51:13:e1:48:02:bf:e1:e9:a3:7f:a6:21:e8:e8:dc:0d:
5e:d0:b9:1e:05:88:69:7d:42:db:2d:45:ba:d2:3b:90:63:cb:
ff:84:28:37:9b:90:d5:01:32:d7:a1:fa:9f:4c:58:a2:79:d4:
b9:08:99:40:40:77:1e:24:29:b1:ee:0c:1d:f6:9c:e9:cd:fc:
08:32:65:da:58:65:d4:cd:4c:a1:f1:6d:54:56:b9:12:ff:8c:
5a:62:17:45:e6:0f:ff:0b:a2:93:be:89:cc:6b:a2:d4:ed:f8:
4a:25:b0:50
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUTFgf+Zx5gLR8UlzP/dlwXq2UAOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDAyMTMxMjQ5NDlaFw0yNTAyMTExMjU0NDlaMDMxMTAvBgNV
BAMTKEQ2MTc2RUYzRjE4NDQ1QzY4RDUwMTA0QzA3NjIzNjc1MjQzRkEwOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0PFJXG09Hcck/cVu/N8fnlsje
HzwaytFTawHQuknDPS+bEU0pU7wRDg3ZYpZin74DqVfBeGVcKIRP9Yy3GYH8Zm6X
RWdnWizIyTM/a5AaVdkHh5Z2zSz4+iybIkKWxiA6ayvx1vFrbPs9kC7MOF0YwP4v
TZHoDpOVZHk/bg7xIMboPIZZ7yUrLj0N18ycfDTqLHwoKz0+X0jwvqY5iSgda18E
MbCS/RbWoV+16n/awM1V1wS+7lk5wHhcu2VYP6E4BxoBUsT9fgo7M4DfQLDb8ARm
Pk2pRMUwAOKY+mUyE0NZhqkuQGKcF8FNOmL6fQ7JhDzkJkcUfWV9V9DFde/1AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU1hdu8/GERcaNUBBMB2I2dSQ/oI4wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzkzMTJlMzEzMzMyMmUzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFuE
ADANBgkqhkiG9w0BAQsFAAOCAQEACeg2PbrF+cWc6zN7nbMLkVnxVxkitqa/X9Wy
IvmoCekZpxmP67fkVUIWSs0PuO8QV9HFznofz9dXxsxVW1jlBlCoFg360kmFvAlI
+papUMZXcW4p/mTEuOW6n4kqBMuovvpOhPgqvE8o3Vy1EKRb82BjjSqjV3zLHLRx
nDElZX0fbMArQsGRdM3rEHV2yz4zogdRE+FIAr/h6aN/piHo6NwNXtC5HgWIaX1C
2y1FutI7kGPL/4QoN5uQ1QEy16H6n0xYonnUuQiZQEB3HiQpse4MHfac6c38CDJl
2lhl1M1MofFtVFa5Ev+MWmIXReYP/wuik76JzGui1O34SiWwUA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:04:36 2025 by rpki-client