Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/3130392e3131312e3234322e302f32342d3234203d3e203238393634.roa
File: 3130392e3131312e3234322e302f32342d3234203d3e203238393634.roa (raw, json)
Hash identifier: dH0OjiXKLd3IpNcsn3blY/b5qlUskr023RjJStmM7ek=
Subject key identifier: 58:A0:77:AC:A8:9A:90:28:6B:83:89:EA:AE:2F:B6:8C:8D:3C:5B:CB
Certificate issuer: /CN=4f9948d82c74f5b80667b4a37394c8a56b7fe484
Certificate serial: 7F25084F2A4A11DD5A9BE0B972ED254EF56055CD
Authority key identifier: 4F:99:48:D8:2C:74:F5:B8:06:67:B4:A3:73:94:C8:A5:6B:7F:E4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5lI2Cx09bgGZ7Sjc5TIpWt_5IQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/3130392e3131312e3234322e302f32342d3234203d3e203238393634.roa
Signing time: Tue 06 Jun 2023 09:11:27 +0000
ROA not before: Tue 06 Jun 2023 09:06:27 +0000
ROA not after: Tue 04 Jun 2024 09:11:27 +0000
asID: 28964
IP address blocks: 109.111.242.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:25:08:4f:2a:4a:11:dd:5a:9b:e0:b9:72:ed:25:4e:f5:60:55:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9948d82c74f5b80667b4a37394c8a56b7fe484
Validity
Not Before: Jun 6 09:06:27 2023 GMT
Not After : Jun 4 09:11:27 2024 GMT
Subject: CN=58A077ACA89A90286B8389EAAE2FB68C8D3C5BCB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fe:d7:68:fc:5b:4e:83:5a:ba:e6:84:3f:26:
3f:64:1d:df:6e:14:80:09:07:47:01:d7:eb:1f:a5:
a0:a8:6c:b4:99:61:32:66:0d:41:e3:bd:c8:24:06:
8f:29:f5:ff:44:7d:f0:48:e8:a3:b4:91:4e:ce:d2:
48:f7:2a:bf:be:2e:9f:9a:83:0c:a1:c2:20:d4:ee:
de:2c:7f:61:8e:51:1d:d0:9c:f9:77:d7:c4:48:10:
74:b9:f6:fb:60:75:f4:fc:a6:b3:47:14:b7:05:c2:
e3:ae:31:4c:9f:cb:87:c3:34:9c:60:8f:75:e1:7e:
f0:26:04:34:90:b0:78:0d:07:f3:4e:3f:68:34:42:
f1:eb:8b:68:4a:f4:f7:65:ab:22:ee:71:6d:b0:7b:
89:73:6e:38:f1:39:c9:4b:c2:0f:18:09:e2:31:b5:
65:2d:0f:d6:26:f3:f1:04:94:20:12:45:85:2e:b1:
e7:77:c0:22:7e:35:ee:ee:85:e8:c1:88:0c:d4:0c:
e6:c5:a5:9b:c4:ac:7c:ad:95:76:a3:77:b8:cf:3b:
f3:66:61:79:6f:a1:92:1b:c8:18:65:0f:91:fd:96:
e6:98:dd:b2:17:9b:d5:17:47:d8:3e:ee:59:3d:f8:
28:2d:8d:6a:ff:1a:2d:dc:9e:45:af:88:46:f6:4f:
06:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:A0:77:AC:A8:9A:90:28:6B:83:89:EA:AE:2F:B6:8C:8D:3C:5B:CB
X509v3 Authority Key Identifier:
keyid:4F:99:48:D8:2C:74:F5:B8:06:67:B4:A3:73:94:C8:A5:6B:7F:E4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/4F9948D82C74F5B80667B4A37394C8A56B7FE484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5lI2Cx09bgGZ7Sjc5TIpWt_5IQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/3130392e3131312e3234322e302f32342d3234203d3e203238393634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.242.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ab:83:c2:44:50:97:cc:fa:bc:b0:1c:ba:4e:bd:d9:d4:00:
b1:3e:90:eb:f7:38:ae:a1:d9:17:8e:27:37:83:fc:cd:61:dc:
18:52:ab:3a:78:b5:45:b0:a7:ad:64:16:11:64:34:71:15:a0:
1e:f3:7e:95:2e:d2:1a:58:9c:57:c2:74:c9:06:c7:c3:e3:c4:
c0:69:3d:4c:6a:9d:b8:f6:25:9d:8e:75:f7:0f:54:06:74:bd:
30:3b:63:b9:12:6b:fb:e5:f5:22:47:61:ce:66:e1:81:13:f7:
e7:63:f8:06:10:44:fd:e7:18:5b:9b:2d:22:83:12:af:83:6b:
0a:84:24:fe:38:e0:f6:8d:94:b8:93:ad:92:20:b6:4b:6e:d4:
c7:46:77:6f:92:ff:1a:66:d5:a1:69:97:69:dc:ef:cb:37:8a:
1c:6e:f2:7a:98:80:71:0f:ca:31:57:f1:19:fd:ac:33:b1:79:
c1:36:41:e9:4c:bf:ce:03:bc:f6:14:4c:5f:d3:35:56:22:ee:
cd:73:e6:38:a6:b0:5d:57:4c:86:92:5f:71:94:3a:d4:ba:10:
b0:25:17:f4:0f:07:30:ae:17:a8:a4:a1:22:8e:5e:3c:03:d5:
12:2c:a5:ac:8f:ee:ec:2c:02:f8:aa:cd:22:a9:f2:1b:86:b9:
b3:7a:b8:9b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfyUITypKEd1am+C5cu0lTvVgVc0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGY5OTQ4ZDgyYzc0ZjViODA2NjdiNGEzNzM5NGM4YTU2
YjdmZTQ4NDAeFw0yMzA2MDYwOTA2MjdaFw0yNDA2MDQwOTExMjdaMDMxMTAvBgNV
BAMTKDU4QTA3N0FDQTg5QTkwMjg2QjgzODlFQUFFMkZCNjhDOEQzQzVCQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX/tdo/FtOg1q65oQ/Jj9kHd9u
FIAJB0cB1+sfpaCobLSZYTJmDUHjvcgkBo8p9f9EffBI6KO0kU7O0kj3Kr++Lp+a
gwyhwiDU7t4sf2GOUR3QnPl318RIEHS59vtgdfT8prNHFLcFwuOuMUyfy4fDNJxg
j3XhfvAmBDSQsHgNB/NOP2g0QvHri2hK9PdlqyLucW2we4lzbjjxOclLwg8YCeIx
tWUtD9Ym8/EElCASRYUused3wCJ+Ne7uhejBiAzUDObFpZvErHytlXajd7jPO/Nm
YXlvoZIbyBhlD5H9luaY3bIXm9UXR9g+7lk9+CgtjWr/Gi3cnkWviEb2TwarAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWKB3rKiakChrg4nqri+2jI08W8swHwYDVR0j
BBgwFoAUT5lI2Cx09bgGZ7Sjc5TIpWt/5IQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDU1NmY0MTYtYWFkNi00MWJmLWFlYmYtODBhMmNjNjdh
NDY2LzAvNEY5OTQ4RDgyQzc0RjVCODA2NjdCNEEzNzM5NEM4QTU2QjdGRTQ4NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q1bEkyQ3gwOWJnR1o3U2pjNVRJcFd0
XzVJUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDU1NmY0MTYt
YWFkNi00MWJmLWFlYmYtODBhMmNjNjdhNDY2LzAvMzEzMDM5MmUzMTMxMzEyZTMy
MzQzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzgzOTM2MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABtb/IwDQYJKoZIhvcNAQELBQADggEBACqrg8JEUJfM+rywHLpOvdnUALE+kOv3
OK6h2ReOJzeD/M1h3BhSqzp4tUWwp61kFhFkNHEVoB7zfpUu0hpYnFfCdMkGx8Pj
xMBpPUxqnbj2JZ2OdfcPVAZ0vTA7Y7kSa/vl9SJHYc5m4YET9+dj+AYQRP3nGFub
LSKDEq+DawqEJP444PaNlLiTrZIgtktu1MdGd2+S/xpm1aFpl2nc78s3ihxu8nqY
gHEPyjFX8Rn9rDOxecE2QelMv84DvPYUTF/TNVYi7s1z5jimsF1XTIaSX3GUOtS6
ELAlF/QPBzCuF6ikoSKOXjwD1RIspayP7uwsAviqzSKp8huGubN6uJs=
-----END CERTIFICATE-----
Generated at Thu May 8 18:57:55 2025 by rpki-client