Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/3231372e3136392e3230382e302f32302d3230203d3e2039313235.roa
File: 3231372e3136392e3230382e302f32302d3230203d3e2039313235.roa (raw, json)
Hash identifier: I1ArgUDB/AHExS6vw4LmFG8Q5/J0DB4RY2hFyGAb/d0=
Subject key identifier: 9A:AD:15:23:75:70:0D:66:0F:26:05:C8:06:B3:5B:5D:6F:FB:F1:90
Certificate issuer: /CN=4f9948d82c74f5b80667b4a37394c8a56b7fe484
Certificate serial: 241CE986827682D41B469BD3FD1190C2F14BE8C9
Authority key identifier: 4F:99:48:D8:2C:74:F5:B8:06:67:B4:A3:73:94:C8:A5:6B:7F:E4:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5lI2Cx09bgGZ7Sjc5TIpWt_5IQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/3231372e3136392e3230382e302f32302d3230203d3e2039313235.roa
Signing time: Tue 06 Jun 2023 09:20:43 +0000
ROA not before: Tue 06 Jun 2023 09:15:43 +0000
ROA not after: Tue 04 Jun 2024 09:20:43 +0000
asID: 9125
IP address blocks: 217.169.208.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:1c:e9:86:82:76:82:d4:1b:46:9b:d3:fd:11:90:c2:f1:4b:e8:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9948d82c74f5b80667b4a37394c8a56b7fe484
Validity
Not Before: Jun 6 09:15:43 2023 GMT
Not After : Jun 4 09:20:43 2024 GMT
Subject: CN=9AAD152375700D660F2605C806B35B5D6FFBF190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:83:96:9a:3b:41:6a:4a:ba:03:00:c5:1e:f5:
a6:1d:fa:5b:09:e4:d0:85:ae:85:45:64:56:ea:e0:
1d:45:3d:28:3b:d9:82:26:9c:c0:a2:c4:d5:5f:6e:
b9:ae:40:6c:e5:61:66:e7:f7:87:2a:4a:02:e9:9f:
c8:3c:b4:0b:4c:87:0e:8f:3b:fc:4d:89:14:ca:df:
af:e7:d7:0d:8b:5e:aa:70:73:43:ae:80:92:68:70:
6c:48:a2:60:3e:6b:89:b5:15:fa:a5:11:fd:a1:8f:
e0:82:b5:07:02:b1:1c:6a:39:4a:a8:30:1e:99:88:
19:6b:f6:ca:7a:0b:60:49:6c:8b:b8:7b:24:6c:8f:
e1:3b:67:8c:a8:73:11:08:24:4b:c7:17:ba:82:0e:
d9:11:e1:2b:3a:eb:a9:84:3f:08:30:c6:06:6c:0f:
cf:6c:f3:fd:07:85:af:c5:f0:b7:65:62:ba:0a:69:
91:a9:4f:91:3e:c3:46:20:a2:d2:14:62:96:33:79:
73:ee:ea:73:17:ce:dd:5d:fa:2a:a0:79:cd:27:da:
ad:ea:e2:7d:b6:bc:98:3b:69:92:e1:c4:2f:cd:c8:
d7:c5:bb:34:88:55:37:ab:57:2d:11:99:3a:49:45:
e7:a1:8b:83:18:bf:d1:cb:5e:82:a7:86:67:11:67:
80:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:AD:15:23:75:70:0D:66:0F:26:05:C8:06:B3:5B:5D:6F:FB:F1:90
X509v3 Authority Key Identifier:
keyid:4F:99:48:D8:2C:74:F5:B8:06:67:B4:A3:73:94:C8:A5:6B:7F:E4:84
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/4F9948D82C74F5B80667B4A37394C8A56B7FE484.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5lI2Cx09bgGZ7Sjc5TIpWt_5IQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/4556f416-aad6-41bf-aebf-80a2cc67a466/0/3231372e3136392e3230382e302f32302d3230203d3e2039313235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.169.208.0/20
Signature Algorithm: sha256WithRSAEncryption
2b:61:46:51:71:1d:41:87:86:d2:27:df:e8:50:1f:2c:6b:f3:
d3:96:f0:44:1c:4e:ef:57:39:aa:64:e6:79:ba:c3:36:85:c0:
57:ad:17:c0:22:cb:d0:d7:95:5c:71:b1:50:6b:01:b8:14:83:
11:2b:dc:05:1a:24:d0:91:16:45:96:c7:bb:0f:a5:67:1f:98:
f8:6e:4a:e1:60:b6:7d:e8:04:a5:d3:f0:02:d7:51:5c:15:0f:
c1:a0:f9:db:8f:38:0b:c8:a8:37:19:06:ae:31:ca:0e:2a:6b:
1b:38:08:3c:af:84:bc:e0:89:0f:80:5a:b5:8b:b6:e4:e9:6c:
61:7f:44:a7:a0:b0:a3:8b:f8:cd:4a:92:a7:4d:3b:c2:c6:c0:
ab:7b:65:dd:5f:1e:78:10:ed:3d:6c:c9:68:97:71:1a:d4:a0:
dd:73:e2:b9:02:92:b6:eb:3e:b9:e7:76:8a:e5:d3:15:d4:a0:
5e:79:db:e7:6e:34:b4:e1:4f:fd:b7:2d:8a:47:32:4c:5c:f9:
b6:ea:1d:0e:c9:c1:5a:93:86:db:bb:24:5c:bf:a7:8d:b4:4d:
f9:65:90:f2:54:ea:56:69:56:49:82:bb:0b:fa:ca:d7:42:fb:
10:17:ae:27:06:94:d2:ee:dd:16:fd:32:14:51:14:29:e2:98:
e6:63:a8:91
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJBzphoJ2gtQbRpvT/RGQwvFL6MkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGY5OTQ4ZDgyYzc0ZjViODA2NjdiNGEzNzM5NGM4YTU2
YjdmZTQ4NDAeFw0yMzA2MDYwOTE1NDNaFw0yNDA2MDQwOTIwNDNaMDMxMTAvBgNV
BAMTKDlBQUQxNTIzNzU3MDBENjYwRjI2MDVDODA2QjM1QjVENkZGQkYxOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKg5aaO0FqSroDAMUe9aYd+lsJ
5NCFroVFZFbq4B1FPSg72YImnMCixNVfbrmuQGzlYWbn94cqSgLpn8g8tAtMhw6P
O/xNiRTK36/n1w2LXqpwc0OugJJocGxIomA+a4m1FfqlEf2hj+CCtQcCsRxqOUqo
MB6ZiBlr9sp6C2BJbIu4eyRsj+E7Z4yocxEIJEvHF7qCDtkR4Ss666mEPwgwxgZs
D89s8/0Hha/F8LdlYroKaZGpT5E+w0YgotIUYpYzeXPu6nMXzt1d+iqgec0n2q3q
4n22vJg7aZLhxC/NyNfFuzSIVTerVy0RmTpJReehi4MYv9HLXoKnhmcRZ4DbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUmq0VI3VwDWYPJgXIBrNbXW/78ZAwHwYDVR0j
BBgwFoAUT5lI2Cx09bgGZ7Sjc5TIpWt/5IQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDU1NmY0MTYtYWFkNi00MWJmLWFlYmYtODBhMmNjNjdh
NDY2LzAvNEY5OTQ4RDgyQzc0RjVCODA2NjdCNEEzNzM5NEM4QTU2QjdGRTQ4NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q1bEkyQ3gwOWJnR1o3U2pjNVRJcFd0
XzVJUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDU1NmY0MTYt
YWFkNi00MWJmLWFlYmYtODBhMmNjNjdhNDY2LzAvMzIzMTM3MmUzMTM2MzkyZTMy
MzAzODJlMzAyZjMyMzAyZDMyMzAyMDNkM2UyMDM5MzEzMjM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
2anQMA0GCSqGSIb3DQEBCwUAA4IBAQArYUZRcR1Bh4bSJ9/oUB8sa/PTlvBEHE7v
VzmqZOZ5usM2hcBXrRfAIsvQ15VccbFQawG4FIMRK9wFGiTQkRZFlse7D6VnH5j4
bkrhYLZ96ASl0/AC11FcFQ/BoPnbjzgLyKg3GQauMcoOKmsbOAg8r4S84IkPgFq1
i7bk6Wxhf0SnoLCji/jNSpKnTTvCxsCre2XdXx54EO09bMlol3Ea1KDdc+K5ApK2
6z6553aK5dMV1KBeedvnbjS04U/9ty2KRzJMXPm26h0OycFak4bbuyRcv6eNtE35
ZZDyVOpWaVZJgrsL+srXQvsQF64nBpTS7t0W/TIUURQp4pjmY6iR
-----END CERTIFICATE-----
Generated at Thu May 8 21:24:26 2025 by rpki-client