Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3132312e302f32342d3234203d3e20383334.roa
File: 3231332e3135372e3132312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: KzRDONoUEdWtAmYoE3nM54cz2mZ3OTHGtsETHEM2i5I=
Subject key identifier: BC:7C:D6:51:05:F3:97:D2:98:75:5E:65:FA:3E:AC:F4:0D:53:06:CD
Certificate issuer: /CN=8184669b0189b7fabe05e700325a0d74957beb27
Certificate serial: 3838CC37D235A5B492CC2793666B463B814F4174
Authority key identifier: 81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3132312e302f32342d3234203d3e20383334.roa
Signing time: Sun 06 Apr 2025 10:07:45 +0000
ROA not before: Sun 06 Apr 2025 10:02:45 +0000
ROA not after: Sun 05 Apr 2026 10:07:45 +0000
asID: 834
IP address blocks: 213.157.121.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:38:cc:37:d2:35:a5:b4:92:cc:27:93:66:6b:46:3b:81:4f:41:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8184669b0189b7fabe05e700325a0d74957beb27
Validity
Not Before: Apr 6 10:02:45 2025 GMT
Not After : Apr 5 10:07:45 2026 GMT
Subject: CN=BC7CD65105F397D298755E65FA3EACF40D5306CD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:90:d4:7e:bc:69:cc:17:19:18:5e:f3:8c:20:
1a:9d:b8:6a:2d:67:78:b8:fb:3f:9b:ad:c4:68:9b:
2e:db:86:9f:57:ff:ac:95:e0:e6:e3:d4:c8:ad:08:
25:52:79:24:36:60:ec:fe:57:b8:dc:82:5f:ce:84:
9c:f0:89:16:fd:d7:fc:ca:43:dc:5b:53:43:ac:ca:
b8:94:38:7c:d6:de:f5:e9:ad:99:eb:b0:4c:13:51:
4b:9f:80:22:f5:d2:b3:2b:ed:ba:e5:6b:67:42:99:
dc:3c:70:f7:69:8e:ba:6a:dc:c4:2b:f7:3c:cf:4c:
92:0d:b8:f3:fa:fe:51:6e:ef:05:7a:38:cf:7e:b8:
9e:d5:48:96:01:de:ad:72:e9:0f:9c:19:7b:35:14:
63:9a:0c:c3:cd:dc:7a:72:ce:52:1f:c6:1a:ad:70:
70:4a:91:1b:6b:cf:23:26:33:46:57:f4:06:4f:9c:
89:9c:c3:b5:81:ad:42:6e:a8:3a:dd:ce:6e:0b:ec:
b9:ce:25:e0:d2:67:f7:0b:2a:5e:06:c6:94:a6:2d:
9c:57:80:5a:8d:a9:68:19:80:c9:30:ca:e1:65:10:
4c:b4:33:90:3b:2a:59:ed:6d:08:93:bb:00:66:5e:
dc:65:5a:4e:e5:47:e5:ff:65:a2:74:dd:59:47:93:
2a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:7C:D6:51:05:F3:97:D2:98:75:5E:65:FA:3E:AC:F4:0D:53:06:CD
X509v3 Authority Key Identifier:
keyid:81:84:66:9B:01:89:B7:FA:BE:05:E7:00:32:5A:0D:74:95:7B:EB:27
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/8184669B0189B7FABE05E700325A0D74957BEB27.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYRmmwGJt_q-BecAMloNdJV76yc.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a431e42e-0d7f-44d0-813f-b5e3a2abbe25/0/3231332e3135372e3132312e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.157.121.0/24
Signature Algorithm: sha256WithRSAEncryption
57:d9:05:cb:51:49:92:41:b7:21:de:96:8b:8b:2c:40:6a:60:
7c:90:ad:69:b8:0a:c8:42:e2:3b:6e:71:17:54:e5:54:3f:bb:
be:a9:98:b8:47:5f:69:78:d4:cd:bf:fd:df:4c:b5:72:6c:14:
49:34:61:c4:d2:6f:f7:f9:67:ff:59:02:49:aa:3b:70:cb:dd:
9f:49:9d:d0:92:f6:51:18:97:c2:ee:d5:d8:cb:5a:2a:5a:94:
f5:c9:78:3f:d8:c7:6d:77:96:65:64:ab:60:3a:3e:50:c2:24:
ad:cd:fb:8a:7b:b5:59:92:ae:21:cc:ae:e5:f3:d6:91:22:ca:
be:a7:e0:a3:35:02:a8:74:62:16:08:46:11:9b:2b:71:2d:b3:
fd:87:13:16:e3:66:f1:5a:ed:be:b9:b1:09:f1:f3:8c:a0:97:
12:31:25:eb:83:13:d1:1e:f9:f4:c1:78:85:86:19:b1:de:50:
de:e8:bb:5f:a4:cc:75:88:ca:cb:cd:a9:61:e3:87:ee:22:f5:
64:5f:5d:ab:53:3e:43:4d:3c:d2:6b:a8:6d:d6:f7:25:c1:0d:
61:d6:32:43:99:42:b5:0f:aa:23:03:54:d3:b0:37:cf:64:a2:
fc:4c:8b:0c:d5:a1:01:d4:4f:25:f6:ba:ea:c9:b3:3e:b4:99:
1e:7e:0a:cb
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUODjMN9I1pbSSzCeTZmtGO4FPQXQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODE4NDY2OWIwMTg5YjdmYWJlMDVlNzAwMzI1YTBkNzQ5
NTdiZWIyNzAeFw0yNTA0MDYxMDAyNDVaFw0yNjA0MDUxMDA3NDVaMDMxMTAvBgNV
BAMTKEJDN0NENjUxMDVGMzk3RDI5ODc1NUU2NUZBM0VBQ0Y0MEQ1MzA2Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/kNR+vGnMFxkYXvOMIBqduGot
Z3i4+z+brcRomy7bhp9X/6yV4Obj1MitCCVSeSQ2YOz+V7jcgl/OhJzwiRb91/zK
Q9xbU0OsyriUOHzW3vXprZnrsEwTUUufgCL10rMr7brla2dCmdw8cPdpjrpq3MQr
9zzPTJINuPP6/lFu7wV6OM9+uJ7VSJYB3q1y6Q+cGXs1FGOaDMPN3HpyzlIfxhqt
cHBKkRtrzyMmM0ZX9AZPnImcw7WBrUJuqDrdzm4L7LnOJeDSZ/cLKl4GxpSmLZxX
gFqNqWgZgMkwyuFlEEy0M5A7KlntbQiTuwBmXtxlWk7lR+X/ZaJ03VlHkyrDAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUvHzWUQXzl9KYdV5l+j6s9A1TBs0wHwYDVR0j
BBgwFoAUgYRmmwGJt/q+BecAMloNdJV76ycwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUtMGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJi
ZTI1LzAvODE4NDY2OUIwMTg5QjdGQUJFMDVFNzAwMzI1QTBENzQ5NTdCRUIyNy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2dZUm1td0dKdF9xLUJlY0FNbG9OZEpW
NzZ5Yy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTQzMWU0MmUt
MGQ3Zi00NGQwLTgxM2YtYjVlM2EyYWJiZTI1LzAvMzIzMTMzMmUzMTM1MzcyZTMx
MzIzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWd
eTANBgkqhkiG9w0BAQsFAAOCAQEAV9kFy1FJkkG3Id6Wi4ssQGpgfJCtabgKyELi
O25xF1TlVD+7vqmYuEdfaXjUzb/930y1cmwUSTRhxNJv9/ln/1kCSao7cMvdn0md
0JL2URiXwu7V2MtaKlqU9cl4P9jHbXeWZWSrYDo+UMIkrc37inu1WZKuIcyu5fPW
kSLKvqfgozUCqHRiFghGEZsrcS2z/YcTFuNm8VrtvrmxCfHzjKCXEjEl64MT0R75
9MF4hYYZsd5Q3ui7X6TMdYjKy82pYeOH7iL1ZF9dq1M+Q0080muobdb3JcENYdYy
Q5lCtQ+qIwNU07A3z2Si/EyLDNWhAdRPJfa66smzPrSZHn4Kyw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:28 2025 by rpki-client on console.sobornost.net