Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203230343733.roa
File: 38352e3230392e3232382e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: LvALS0QzJUIn2y2aM1WJBNeefzd38B8yBzedKpN4nB8=
Subject key identifier: 7E:FC:F3:22:3C:C0:9C:18:2C:21:FE:51:41:C4:9A:FF:A6:E6:5F:6F
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 0D37D11A0621D8DEF1542B64629EACD494C2EA9A
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203230343733.roa
Signing time: Mon 07 Apr 2025 13:13:04 +0000
ROA not before: Mon 07 Apr 2025 13:08:04 +0000
ROA not after: Mon 06 Apr 2026 13:13:04 +0000
asID: 20473
IP address blocks: 85.209.228.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:37:d1:1a:06:21:d8:de:f1:54:2b:64:62:9e:ac:d4:94:c2:ea:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 7 13:08:04 2025 GMT
Not After : Apr 6 13:13:04 2026 GMT
Subject: CN=7EFCF3223CC09C182C21FE5141C49AFFA6E65F6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:db:1d:33:68:ce:dd:a0:0a:6b:42:55:04:43:
4e:f6:a9:05:a4:36:17:b2:43:19:ec:ff:10:bb:55:
41:ee:f0:4a:4c:d5:04:ce:9c:db:54:a8:be:54:70:
dc:59:ec:ce:a8:35:4a:e5:68:bf:fb:f4:5f:f6:bd:
7f:1c:4d:54:bf:11:43:bf:45:f4:e6:73:5d:a3:36:
a5:7f:a6:a1:28:ca:86:8c:60:34:c8:b5:29:9d:65:
3e:ba:48:de:ea:03:2a:ef:e0:ab:0d:1a:08:06:a4:
56:17:8e:6f:f5:66:3b:fd:86:39:a2:9e:29:5b:35:
40:06:a0:a9:e0:8e:b7:22:b4:91:bd:de:d4:31:f3:
0f:0c:fa:d0:e5:8a:e7:e9:3a:11:8e:62:44:b7:ad:
b2:af:03:80:e1:c1:ac:7d:c2:c5:07:22:23:f3:a0:
18:71:32:6e:d2:c2:63:84:3c:cd:f1:84:4d:c3:c1:
1f:06:c1:88:06:90:8f:fe:83:fa:4f:11:48:ac:6f:
dc:a2:e9:ec:42:ad:da:4f:74:d4:73:73:63:bd:76:
4f:85:5c:80:a5:98:9c:94:33:df:e6:cd:f1:99:30:
e7:50:02:09:c1:cd:50:59:dc:5c:f3:69:ec:27:fc:
c9:f1:78:68:78:1a:9f:d0:ca:5c:92:f3:7b:6c:7f:
f0:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:FC:F3:22:3C:C0:9C:18:2C:21:FE:51:41:C4:9A:FF:A6:E6:5F:6F
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232382e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.228.0/24
Signature Algorithm: sha256WithRSAEncryption
24:ca:96:89:4b:82:71:cb:7d:20:3c:0a:9d:6a:eb:b8:2a:92:
ce:f0:f1:f3:1f:8b:b6:83:30:8e:7c:36:c5:38:5e:a4:f7:e6:
70:ba:36:c9:14:df:1e:0c:40:cc:51:ab:fe:23:b5:06:d8:91:
5e:a4:bf:74:3b:5a:be:3c:3b:78:71:86:22:e8:38:a7:ef:bb:
94:24:5f:86:b0:27:18:2a:ef:62:4a:84:a4:bf:68:3c:66:8c:
b7:e3:0c:26:73:d3:3a:3a:53:83:ab:46:67:7f:51:cf:a3:b9:
e8:58:97:b9:fb:bc:13:e9:04:a6:2a:a5:2a:ac:44:f5:59:0d:
d6:77:08:09:90:f6:c7:eb:98:86:2f:76:9e:53:85:ed:1f:0c:
5d:f3:c0:c6:c9:b1:12:14:78:24:7c:61:b8:0b:4a:52:e9:0a:
56:36:9f:59:76:7d:9d:18:6d:b4:94:73:ef:0e:f2:fc:5f:2c:
74:49:77:7f:66:62:82:91:94:a3:76:e7:1f:2f:e8:55:8e:a2:
37:37:3c:63:43:ec:3d:b5:6e:f9:03:5e:45:2b:65:4c:be:35:
5c:0a:f2:84:2d:bc:fa:4f:63:1f:a3:ed:68:01:fb:2e:26:2d:
12:a1:4a:d3:31:5d:32:fb:00:ea:7e:71:a1:8b:b7:a2:4e:a1:
00:56:f3:45
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDTfRGgYh2N7xVCtkYp6s1JTC6powDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA0MDcxMzA4MDRaFw0yNjA0MDYxMzEzMDRaMDMxMTAvBgNV
BAMTKDdFRkNGMzIyM0NDMDlDMTgyQzIxRkU1MTQxQzQ5QUZGQTZFNjVGNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm2x0zaM7doAprQlUEQ072qQWk
NheyQxns/xC7VUHu8EpM1QTOnNtUqL5UcNxZ7M6oNUrlaL/79F/2vX8cTVS/EUO/
RfTmc12jNqV/pqEoyoaMYDTItSmdZT66SN7qAyrv4KsNGggGpFYXjm/1Zjv9hjmi
nilbNUAGoKngjrcitJG93tQx8w8M+tDliufpOhGOYkS3rbKvA4Dhwax9wsUHIiPz
oBhxMm7SwmOEPM3xhE3DwR8GwYgGkI/+g/pPEUisb9yi6exCrdpPdNRzc2O9dk+F
XIClmJyUM9/mzfGZMOdQAgnBzVBZ3Fzzaewn/MnxeGh4Gp/QylyS83tsf/B5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfvzzIjzAnBgsIf5RQcSa/6bmX28wHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMy
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
VdHkMA0GCSqGSIb3DQEBCwUAA4IBAQAkypaJS4Jxy30gPAqdauu4KpLO8PHzH4u2
gzCOfDbFOF6k9+ZwujbJFN8eDEDMUav+I7UG2JFepL90O1q+PDt4cYYi6Din77uU
JF+GsCcYKu9iSoSkv2g8Zoy34wwmc9M6OlODq0Znf1HPo7noWJe5+7wT6QSmKqUq
rET1WQ3WdwgJkPbH65iGL3aeU4XtHwxd88DGybESFHgkfGG4C0pS6QpWNp9Zdn2d
GG20lHPvDvL8Xyx0SXd/ZmKCkZSjducfL+hVjqI3NzxjQ+w9tW75A15FK2VMvjVc
CvKELbz6T2Mfo+1oAfsuJi0SoUrTMV0y+wDqfnGhi7eiTqEAVvNF
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:23 2025 by rpki-client on console.sobornost.net