Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/3130392e3131312e3235322e302f32332d3233203d3e2039313235.roa
File: 3130392e3131312e3235322e302f32332d3233203d3e2039313235.roa (raw, json)
Hash identifier: EW9e8Vl8omCHAXHzWYMd6vVNvRq5msm0DBTDsQu/iZY=
Subject key identifier: 55:67:18:AD:1C:01:D3:85:FE:69:D5:0A:41:7F:6A:C5:DA:F9:BF:29
Certificate issuer: /CN=4f9948d82c74f5b80667b4a37394c8a56b7fe484
Certificate serial: 1189DB698D7FDC7456E09A154736866D48DF566C
Authority key identifier: 4F:99:48:D8:2C:74:F5:B8:06:67:B4:A3:73:94:C8:A5:6B:7F:E4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5lI2Cx09bgGZ7Sjc5TIpWt_5IQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/3130392e3131312e3235322e302f32332d3233203d3e2039313235.roa
Signing time: Tue 06 Jun 2023 09:13:16 +0000
ROA not before: Tue 06 Jun 2023 09:08:16 +0000
ROA not after: Tue 04 Jun 2024 09:13:16 +0000
asID: 9125
IP address blocks: 109.111.252.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:89:db:69:8d:7f:dc:74:56:e0:9a:15:47:36:86:6d:48:df:56:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9948d82c74f5b80667b4a37394c8a56b7fe484
Validity
Not Before: Jun 6 09:08:16 2023 GMT
Not After : Jun 4 09:13:16 2024 GMT
Subject: CN=556718AD1C01D385FE69D50A417F6AC5DAF9BF29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:70:97:53:c2:83:d5:de:64:c2:ac:5a:a7:4d:
04:a8:7b:32:05:14:ed:69:20:78:e0:f7:8c:b5:53:
ce:cd:b0:71:09:bd:9d:65:14:e5:24:77:fd:13:04:
59:6e:2c:6f:b8:b8:54:0c:94:e7:fa:c5:45:1b:87:
67:c2:80:9f:14:88:c6:c0:f7:69:db:67:01:4f:39:
6c:15:ce:2d:24:1a:51:b6:08:96:51:c8:0d:8b:bc:
39:a9:20:4a:b3:79:03:c5:db:05:0d:82:5f:a6:eb:
8a:43:b9:4c:cd:55:59:3c:1c:cd:8f:4a:8e:5a:fc:
55:6d:8a:8b:5a:81:de:99:ec:8a:ca:6c:5d:c9:45:
5f:cb:b3:9c:77:e1:27:c1:98:3b:0b:0c:40:6c:72:
99:73:72:48:a5:18:9d:d6:83:33:bf:ef:73:f3:1b:
d4:f8:9b:59:6a:88:58:8d:32:55:0e:09:47:c6:18:
a8:d8:b2:54:00:8c:53:a1:08:96:95:82:c5:46:93:
d4:dd:3e:9d:b9:60:ce:2e:df:1c:f1:ce:05:e0:a0:
2b:ed:43:db:96:93:41:2a:71:3a:91:3a:35:11:bd:
39:d9:c4:21:7e:1d:ce:c1:b4:10:c0:d7:50:9b:ef:
8b:41:eb:c1:a3:54:2b:22:52:a9:de:60:bf:1b:ee:
a7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:67:18:AD:1C:01:D3:85:FE:69:D5:0A:41:7F:6A:C5:DA:F9:BF:29
X509v3 Authority Key Identifier:
keyid:4F:99:48:D8:2C:74:F5:B8:06:67:B4:A3:73:94:C8:A5:6B:7F:E4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/4F9948D82C74F5B80667B4A37394C8A56B7FE484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5lI2Cx09bgGZ7Sjc5TIpWt_5IQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/3130392e3131312e3235322e302f32332d3233203d3e2039313235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.252.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:a9:1e:5d:a7:60:ea:5a:6c:16:f4:48:1a:2b:36:49:2e:18:
75:b8:42:e0:63:bb:fa:93:4f:bc:29:e3:80:8e:af:66:8e:dd:
4c:ad:76:2a:8f:be:b8:ff:cd:7d:46:15:b2:65:6b:f9:3b:76:
3b:0d:f4:fc:88:27:22:82:59:9b:54:d9:3a:fb:db:89:59:f5:
22:7c:2f:1d:6f:c2:a9:8b:d1:2e:79:ba:8a:18:21:b6:93:dd:
4f:ce:a8:e0:8c:c1:ab:e9:a4:1f:dd:72:c0:a8:6f:71:73:36:
f1:6f:69:56:e1:d0:4f:71:6a:c1:36:36:09:7d:6b:5a:bb:aa:
c5:80:e8:71:05:b6:44:b2:a7:3b:af:7c:c9:cb:c9:c6:92:3f:
b0:f1:52:07:0b:11:9b:8d:29:9a:8f:f7:4b:70:6d:54:91:40:
39:d1:54:d3:24:d0:8f:a4:d4:aa:d3:34:28:50:74:82:3d:d1:
11:8d:cc:bd:14:78:12:1a:bf:27:06:76:37:97:98:b2:01:47:
53:5e:40:93:20:00:67:43:db:d4:83:54:45:20:ce:de:c4:0a:
43:10:87:15:fe:8d:5a:57:ed:42:79:42:a0:20:b4:7e:0e:9f:
39:66:9e:a7:80:2d:b8:49:93:7b:5b:7b:fc:b1:62:85:f8:59:
0f:37:3f:c0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUEYnbaY1/3HRW4JoVRzaGbUjfVmwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGY5OTQ4ZDgyYzc0ZjViODA2NjdiNGEzNzM5NGM4YTU2
YjdmZTQ4NDAeFw0yMzA2MDYwOTA4MTZaFw0yNDA2MDQwOTEzMTZaMDMxMTAvBgNV
BAMTKDU1NjcxOEFEMUMwMUQzODVGRTY5RDUwQTQxN0Y2QUM1REFGOUJGMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4cJdTwoPV3mTCrFqnTQSoezIF
FO1pIHjg94y1U87NsHEJvZ1lFOUkd/0TBFluLG+4uFQMlOf6xUUbh2fCgJ8UiMbA
92nbZwFPOWwVzi0kGlG2CJZRyA2LvDmpIEqzeQPF2wUNgl+m64pDuUzNVVk8HM2P
So5a/FVtiotagd6Z7IrKbF3JRV/Ls5x34SfBmDsLDEBscplzckilGJ3WgzO/73Pz
G9T4m1lqiFiNMlUOCUfGGKjYslQAjFOhCJaVgsVGk9TdPp25YM4u3xzxzgXgoCvt
Q9uWk0EqcTqROjURvTnZxCF+Hc7BtBDA11Cb74tB68GjVCsiUqneYL8b7qfRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUVWcYrRwB04X+adUKQX9qxdr5vykwHwYDVR0j
BBgwFoAUT5lI2Cx09bgGZ7Sjc5TIpWt/5IQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDU1NmY0MTYtYWFkNi00MWJmLWFlYmYtODBhMmNjNjdh
NDY2LzAvNEY5OTQ4RDgyQzc0RjVCODA2NjdCNEEzNzM5NEM4QTU2QjdGRTQ4NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q1bEkyQ3gwOWJnR1o3U2pjNVRJcFd0
XzVJUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDU1NmY0MTYt
YWFkNi00MWJmLWFlYmYtODBhMmNjNjdhNDY2LzAvMzEzMDM5MmUzMTMxMzEyZTMy
MzUzMjJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM5MzEzMjM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
bW/8MA0GCSqGSIb3DQEBCwUAA4IBAQAvqR5dp2DqWmwW9EgaKzZJLhh1uELgY7v6
k0+8KeOAjq9mjt1MrXYqj764/819RhWyZWv5O3Y7DfT8iCciglmbVNk6+9uJWfUi
fC8db8Kpi9EuebqKGCG2k91PzqjgjMGr6aQf3XLAqG9xczbxb2lW4dBPcWrBNjYJ
fWtau6rFgOhxBbZEsqc7r3zJy8nGkj+w8VIHCxGbjSmaj/dLcG1UkUA50VTTJNCP
pNSq0zQoUHSCPdERjcy9FHgSGr8nBnY3l5iyAUdTXkCTIABnQ9vUg1RFIM7exApD
EIcV/o1aV+1CeUKgILR+Dp85Zp6ngC24SZN7W3v8sWKF+FkPNz/A
-----END CERTIFICATE-----
Generated at Thu May 8 06:32:46 2025 by rpki-client