Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3230392e302f32342d3234203d3e203230343733.roa
File: 3130392e3233342e3230392e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: 5ltXnAI+auXP+iY1UW07nURIW4DtE7YMQmHhne0mN1w=
Subject key identifier: 02:24:36:68:68:81:53:9E:F9:35:E7:13:56:34:BD:6D:3E:75:CC:D8
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 67281ACFFC443626ACA008C1E05896F8EA187D71
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3230392e302f32342d3234203d3e203230343733.roa
Signing time: Wed 05 Feb 2025 17:26:13 +0000
ROA not before: Wed 05 Feb 2025 17:21:13 +0000
ROA not after: Wed 04 Feb 2026 17:26:13 +0000
asID: 20473
IP address blocks: 109.234.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:28:1a:cf:fc:44:36:26:ac:a0:08:c1:e0:58:96:f8:ea:18:7d:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Feb 5 17:21:13 2025 GMT
Not After : Feb 4 17:26:13 2026 GMT
Subject: CN=022436686881539EF935E7135634BD6D3E75CCD8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ce:8f:11:3e:20:07:58:1a:3b:0a:ea:6d:79:
6f:5b:49:e7:27:37:f9:91:93:d2:d4:94:25:16:9b:
a5:d9:d2:8e:d2:7c:f5:28:3b:65:f8:ff:03:0b:9a:
30:f7:cb:47:c1:30:11:2e:92:ff:0c:5b:f1:59:aa:
23:cb:7e:33:e0:79:89:ee:d8:34:ed:34:a1:2a:40:
66:e3:2f:25:8d:c1:2a:5b:8c:17:20:61:a5:5f:d8:
d4:21:42:6f:d5:89:f5:68:2c:99:d8:3b:2f:f4:a8:
82:6f:af:d5:c9:16:a7:83:8b:71:04:c3:73:d8:f9:
94:ad:4b:89:b6:e1:ad:cf:e6:1e:d9:ea:3e:4e:f1:
16:3f:1c:df:7b:23:74:34:0f:e9:91:17:fe:60:6e:
37:40:fe:7d:69:f2:3f:a8:b4:c0:d3:9d:a2:ed:7f:
e5:d2:0a:4d:8e:dc:6a:df:25:b1:b1:56:f9:39:6c:
ef:cd:16:fe:2e:8f:65:da:a0:78:41:96:f4:d9:ae:
cf:82:31:1e:49:83:2a:f8:db:1c:05:a0:a3:52:72:
ef:d0:92:0e:3c:26:43:97:9e:71:bd:8b:7b:40:51:
c6:ad:de:3e:a6:e8:b2:3a:a4:68:3c:92:3e:8f:d9:
b5:02:3f:51:f2:13:9a:d3:51:e1:4b:a5:bc:ca:4a:
fa:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:24:36:68:68:81:53:9E:F9:35:E7:13:56:34:BD:6D:3E:75:CC:D8
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3230392e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.209.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:fe:3c:17:62:94:43:3a:41:df:55:c6:c9:20:55:eb:26:9d:
5e:88:52:ba:ed:18:ec:9e:c7:d2:02:68:e0:aa:fa:59:0e:a5:
fc:02:e7:88:db:6f:ab:32:e1:28:aa:4c:db:47:4f:30:c2:b4:
1a:83:6c:e2:d6:94:c6:36:8a:7b:fd:2e:da:13:b2:f2:23:38:
a6:b9:82:57:bb:76:23:25:1e:04:2c:7b:3b:fc:6b:2a:78:fb:
89:45:1a:bd:2c:83:a6:af:5e:22:ee:48:6d:ad:7c:91:fc:99:
f5:80:51:2c:87:1d:d1:02:f1:25:d5:45:21:bc:26:ea:61:99:
19:8a:82:c0:76:b3:16:f3:34:d5:d7:a5:70:b2:73:ee:86:4d:
ab:9d:65:5c:00:42:45:25:6d:53:80:8d:a6:f8:85:46:22:e6:
6f:0b:82:bb:3f:99:21:8e:fb:b6:31:35:43:73:73:38:14:20:
3d:12:ec:a2:61:c4:78:18:1b:11:fa:3a:d2:f7:22:2e:4a:0a:
0f:30:bd:84:4a:d7:19:3d:fa:a9:12:51:3c:07:c1:d8:98:fb:
ce:c0:e8:a2:95:41:11:0b:9f:8c:72:27:17:4e:62:6e:53:ed:
73:71:3c:b2:16:b2:ca:0d:f5:84:e5:7d:20:65:db:21:56:a4:
c6:3c:11:7f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZygaz/xENiasoAjB4FiW+OoYfXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAyMDUxNzIxMTNaFw0yNjAyMDQxNzI2MTNaMDMxMTAvBgNV
BAMTKDAyMjQzNjY4Njg4MTUzOUVGOTM1RTcxMzU2MzRCRDZEM0U3NUNDRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVzo8RPiAHWBo7CupteW9bSecn
N/mRk9LUlCUWm6XZ0o7SfPUoO2X4/wMLmjD3y0fBMBEukv8MW/FZqiPLfjPgeYnu
2DTtNKEqQGbjLyWNwSpbjBcgYaVf2NQhQm/VifVoLJnYOy/0qIJvr9XJFqeDi3EE
w3PY+ZStS4m24a3P5h7Z6j5O8RY/HN97I3Q0D+mRF/5gbjdA/n1p8j+otMDTnaLt
f+XSCk2O3GrfJbGxVvk5bO/NFv4uj2XaoHhBlvTZrs+CMR5Jgyr42xwFoKNScu/Q
kg48JkOXnnG9i3tAUcat3j6m6LI6pGg8kj6P2bUCP1HyE5rTUeFLpbzKSvqxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUAiQ2aGiBU575NecTVjS9bT51zNgwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzMDM5MmUzMjMzMzQyZTMy
MzAzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDM3MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABt6tEwDQYJKoZIhvcNAQELBQADggEBAG7+PBdilEM6Qd9VxskgVesmnV6IUrrt
GOyex9ICaOCq+lkOpfwC54jbb6sy4SiqTNtHTzDCtBqDbOLWlMY2inv9LtoTsvIj
OKa5gle7diMlHgQsezv8ayp4+4lFGr0sg6avXiLuSG2tfJH8mfWAUSyHHdEC8SXV
RSG8JuphmRmKgsB2sxbzNNXXpXCyc+6GTaudZVwAQkUlbVOAjab4hUYi5m8Lgrs/
mSGO+7YxNUNzczgUID0S7KJhxHgYGxH6OtL3Ii5KCg8wvYRK1xk9+qkSUTwHwdiY
+87A6KKVQRELn4xyJxdOYm5T7XNxPLIWssoN9YTlfSBl2yFWpMY8EX8=
-----END CERTIFICATE-----
Generated at Wed Apr 2 00:42:35 2025 by rpki-client on console.sobornost.net