Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3130372e302f32342d3234203d3e203530323631.roa
File: 3231332e3135372e3130372e302f32342d3234203d3e203530323631.roa (raw, json)
Hash identifier: fkThFrWbc2SNg5nWL/DjCmp7efO9LKVSLfyHO63Odeo=
Subject key identifier: 3F:12:1E:BA:A9:4C:36:43:5F:B0:20:88:EF:98:A7:17:33:2E:03:A7
Certificate issuer: /CN=8184669b0189b7fabe05e700325a0d74957beb27
Certificate serial: 43ACE023DF225E0C9EA20F012A66240106B094FC
Authority key identifier: 81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3130372e302f32342d3234203d3e203530323631.roa
Signing time: Sun 06 Apr 2025 10:08:00 +0000
ROA not before: Sun 06 Apr 2025 10:03:00 +0000
ROA not after: Sun 05 Apr 2026 10:08:00 +0000
asID: 50261
IP address blocks: 213.157.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:ac:e0:23:df:22:5e:0c:9e:a2:0f:01:2a:66:24:01:06:b0:94:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8184669b0189b7fabe05e700325a0d74957beb27
Validity
Not Before: Apr 6 10:03:00 2025 GMT
Not After : Apr 5 10:08:00 2026 GMT
Subject: CN=3F121EBAA94C36435FB02088EF98A717332E03A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d4:b2:02:3a:25:68:98:6f:aa:71:ee:8c:7a:
fd:b5:49:50:90:25:f8:e0:be:ac:79:34:03:4e:5c:
a6:0e:f7:e3:e3:10:bc:79:81:c6:6f:5d:74:71:19:
a8:5d:36:e5:19:f4:d4:6a:bb:70:96:85:0c:a4:dd:
40:8e:e0:d4:50:de:f5:e1:a9:76:02:d5:3f:5f:fe:
ac:79:e8:58:ea:4c:08:bb:41:d4:3c:a1:c7:2f:a3:
91:f8:6a:e5:c4:84:4f:9b:54:d1:81:1c:9b:95:bf:
cc:32:26:38:69:3b:6f:16:0b:89:31:d3:ab:23:18:
3c:4f:9a:ed:f0:64:8b:84:a2:98:4c:f4:8d:ee:80:
35:02:ec:1b:67:f8:bd:23:99:bb:b2:64:78:10:d2:
5a:b6:5a:68:56:9a:ee:1e:32:f3:9a:36:f6:85:df:
3c:7b:2f:69:3b:5c:78:d1:76:18:0a:1a:70:93:18:
b6:87:af:e0:fa:a1:6c:f0:d3:12:f5:cf:86:7b:24:
c9:ca:db:e5:51:fd:72:47:ed:80:c4:39:88:2b:65:
84:be:c0:bf:70:e2:e7:e6:3c:95:58:98:14:8d:a6:
ad:44:f0:a4:86:17:ce:32:9d:79:60:19:f7:23:22:
5a:c1:5c:c5:b1:7d:17:b9:54:17:ed:7e:0c:4a:9e:
8b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:12:1E:BA:A9:4C:36:43:5F:B0:20:88:EF:98:A7:17:33:2E:03:A7
X509v3 Authority Key Identifier:
keyid:81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3130372e302f32342d3234203d3e203530323631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.157.107.0/24
Signature Algorithm: sha256WithRSAEncryption
22:b0:9b:4f:12:d3:4e:be:ee:fd:a3:0d:83:49:c2:f0:61:d6:
23:7d:50:7e:b8:45:96:d9:df:e7:94:24:f3:10:88:89:f0:3b:
ef:e6:15:6c:a0:2e:a0:aa:fc:45:cd:6a:4d:ea:b3:cd:c2:6a:
c5:03:31:24:3b:91:6c:d0:ac:68:4a:45:92:9b:da:a5:6b:36:
39:72:ed:8c:b4:4b:fc:3d:92:8f:6b:c1:c0:63:3c:4e:f2:d8:
ff:9f:41:a3:51:d3:9b:07:8b:7f:bb:fb:03:e8:80:1b:77:78:
a6:63:7d:31:ab:97:b9:0f:8f:31:5c:cb:c5:f0:ee:85:8a:02:
f2:bf:72:1a:2f:7f:8f:9e:b1:05:55:08:de:7c:40:5e:95:06:
ba:c1:86:42:60:49:b7:c7:d8:c5:27:17:f0:0e:a8:5d:a3:f4:
90:8b:d2:b7:90:86:d5:74:8a:81:05:8d:a1:7e:f7:ae:2d:23:
d2:48:ac:00:b6:7c:13:82:c6:5e:2a:22:f6:46:eb:e5:56:f4:
26:16:4c:4f:9d:78:7c:de:a9:c1:10:b8:48:02:47:67:aa:eb:
ec:16:40:15:47:09:77:09:55:fb:ea:50:6b:10:ea:22:01:16:
e6:bf:5a:79:a2:ae:26:a8:0e:2c:ea:ed:c4:8c:2c:20:ef:f3:
89:71:fb:8d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQ6zgI98iXgyeog8BKmYkAQawlPwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODE4NDY2OWIwMTg5YjdmYWJlMDVlNzAwMzI1YTBkNzQ5
NTdiZWIyNzAeFw0yNTA0MDYxMDAzMDBaFw0yNjA0MDUxMDA4MDBaMDMxMTAvBgNV
BAMTKDNGMTIxRUJBQTk0QzM2NDM1RkIwMjA4OEVGOThBNzE3MzMyRTAzQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCd1LICOiVomG+qce6Mev21SVCQ
Jfjgvqx5NANOXKYO9+PjELx5gcZvXXRxGahdNuUZ9NRqu3CWhQyk3UCO4NRQ3vXh
qXYC1T9f/qx56FjqTAi7QdQ8occvo5H4auXEhE+bVNGBHJuVv8wyJjhpO28WC4kx
06sjGDxPmu3wZIuEophM9I3ugDUC7Btn+L0jmbuyZHgQ0lq2WmhWmu4eMvOaNvaF
3zx7L2k7XHjRdhgKGnCTGLaHr+D6oWzw0xL1z4Z7JMnK2+VR/XJH7YDEOYgrZYS+
wL9w4ufmPJVYmBSNpq1E8KSGF84ynXlgGfcjIlrBXMWxfRe5VBftfgxKnosjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPxIeuqlMNkNfsCCI75inFzMuA6cwHwYDVR0j
BBgwFoAUgYRmmwGJt/q+BecAMloNdJV76ycwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUtMGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJi
ZTI1LzAvODE4NDY2OUIwMTg5QjdGQUJFMDVFNzAwMzI1QTBENzQ5NTdCRUIyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2dZUm1td0dKdF9xLUJlY0FNbG9OZEpW
NzZ5Yy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUt
MGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJiZTI1LzAvMzIzMTMzMmUzMTM1MzcyZTMx
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzAzMjM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADVnWswDQYJKoZIhvcNAQELBQADggEBACKwm08S006+7v2jDYNJwvBh1iN9UH64
RZbZ3+eUJPMQiInwO+/mFWygLqCq/EXNak3qs83CasUDMSQ7kWzQrGhKRZKb2qVr
Njly7Yy0S/w9ko9rwcBjPE7y2P+fQaNR05sHi3+7+wPogBt3eKZjfTGrl7kPjzFc
y8Xw7oWKAvK/chovf4+esQVVCN58QF6VBrrBhkJgSbfH2MUnF/AOqF2j9JCL0reQ
htV0ioEFjaF+964tI9JIrAC2fBOCxl4qIvZG6+VW9CYWTE+deHzeqcEQuEgCR2eq
6+wWQBVHCXcJVfvqUGsQ6iIBFua/WnmiriaoDizq7cSMLCDv84lx+40=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:28 2025 by rpki-client on console.sobornost.net