Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/32332e3137322e3132302e302f32342d3332203d3e203437323732.roa
File: 32332e3137322e3132302e302f32342d3332203d3e203437323732.roa (raw, json)
Hash identifier: IwVe1aP9F++3yptOtYvTYTVHK5oG5UZqMj2hhb0sRQ4=
Subject key identifier: 3B:C9:79:0C:F6:09:EA:A0:81:6F:8C:5F:41:03:DD:EF:28:20:BF:24
Certificate issuer: /CN=f44c82daba68b40f65cfc17445f89b2192a57379d7f13be8fa
Certificate serial: 51BA9C93071EC4DC1D277182CF7C373994F2D44A
Authority key identifier: 6D:7A:26:67:30:92:8D:9D:FD:FD:AC:E3:6F:73:AC:89:E4:24:E2:28
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/02c7706b-3baf-42cb-bdf7-782b036252b3/f44c82daba68b40f65cfc17445f89b2192a57379d7f13be8fa.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/32332e3137322e3132302e302f32342d3332203d3e203437323732.roa
Signing time: Tue 28 Jan 2025 10:20:00 +0000
ROA not before: Tue 28 Jan 2025 10:15:00 +0000
ROA not after: Tue 27 Jan 2026 10:20:00 +0000
asID: 47272
IP address blocks: 23.172.120.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:ba:9c:93:07:1e:c4:dc:1d:27:71:82:cf:7c:37:39:94:f2:d4:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f44c82daba68b40f65cfc17445f89b2192a57379d7f13be8fa
Validity
Not Before: Jan 28 10:15:00 2025 GMT
Not After : Jan 27 10:20:00 2026 GMT
Subject: CN=3BC9790CF609EAA0816F8C5F4103DDEF2820BF24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:2c:cf:96:1b:26:9a:cc:d1:3d:01:aa:1e:f3:
a4:05:0a:64:95:33:32:1a:2b:7d:a3:c7:8b:8e:27:
49:7b:2c:40:36:02:c9:e2:bc:a9:92:e9:11:8b:30:
ad:f8:e6:cd:b3:b3:0d:90:4d:0a:0d:8a:78:4d:c5:
a0:e2:98:bf:2b:b9:16:95:21:3e:d0:e5:f5:8d:e1:
a9:a6:05:fd:43:22:78:bb:ca:d4:e1:95:f4:6c:48:
a6:9b:35:c5:79:68:58:0e:9d:1e:aa:a7:55:9f:b1:
66:20:e2:0f:8e:c3:47:1c:e9:af:2c:d4:04:78:31:
60:8e:d9:b3:2e:d6:5f:cf:7a:5f:15:11:6d:59:dd:
fe:68:81:f0:1c:bc:82:9e:7e:df:f4:69:69:a6:60:
b9:84:ea:19:43:a8:6f:cd:a7:11:a4:a8:90:78:5f:
c8:88:25:f0:2b:dc:a7:d0:fc:ed:40:09:7a:d3:b0:
66:a6:77:f4:2a:41:0e:70:70:c1:af:40:60:9a:e5:
e0:fa:d4:c3:c9:cf:e1:ea:df:72:96:38:f7:40:ba:
f9:29:6f:08:6d:10:53:4e:1b:68:6e:bb:b1:29:f5:
fc:6e:18:22:8a:ac:9d:ef:67:1f:73:a7:7b:bc:50:
05:d8:a8:87:2e:8b:90:a4:ed:85:a7:ff:d2:02:c7:
de:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C9:79:0C:F6:09:EA:A0:81:6F:8C:5F:41:03:DD:EF:28:20:BF:24
X509v3 Authority Key Identifier:
keyid:6D:7A:26:67:30:92:8D:9D:FD:FD:AC:E3:6F:73:AC:89:E4:24:E2:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/6D7A266730928D9DFDFDACE36F73AC89E424E228.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/4ab7ae4d-bd7b-4b33-9a88-5b22d2a8337d/02c7706b-3baf-42cb-bdf7-782b036252b3/f44c82daba68b40f65cfc17445f89b2192a57379d7f13be8fa.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/4/32332e3137322e3132302e302f32342d3332203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.172.120.0/24
Signature Algorithm: sha256WithRSAEncryption
14:1a:d8:0d:4a:ca:0a:df:b1:72:ea:de:50:c7:ad:4e:b6:09:
10:7f:08:37:30:32:f3:93:a5:d1:99:8b:9f:c4:85:5e:47:09:
85:33:ff:be:4c:12:64:9b:f4:55:dd:9a:66:14:67:6f:3f:bf:
2d:c1:83:6e:93:71:97:9d:9d:91:3d:cd:b9:4c:d1:d9:7c:17:
39:48:cb:a0:72:2a:d0:5f:f1:9c:73:cf:e3:34:9a:61:14:7f:
76:f3:dc:d5:f4:3b:13:fc:15:e0:83:c8:fd:2f:34:12:88:1b:
ea:40:f6:55:ff:1e:c8:3e:49:c6:23:10:f5:5b:42:60:7e:e2:
b7:f8:d7:cb:8f:d4:7d:3e:59:a2:65:49:b3:7a:0a:c2:de:46:
c0:5f:08:9a:ba:db:a0:7d:7a:f3:f7:98:ae:d6:ef:f1:df:4f:
d2:6b:55:ed:62:3b:d4:92:9c:b5:82:2b:06:b9:14:61:ff:94:
ab:2e:ae:c4:c7:32:91:10:37:1f:69:71:63:16:6d:4e:10:76:
5c:34:44:80:60:ed:d7:34:8e:48:43:79:d3:bc:d2:cd:21:32:
58:c0:80:91:aa:3a:81:78:2d:7e:9e:07:d4:ae:20:a1:a6:4e:
07:8e:08:3d:ac:80:53:57:5e:fd:63:e8:22:b8:11:38:98:a2:
3f:a6:28:af
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUUbqckwcexNwdJ3GCz3w3OZTy1EowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZjQ0YzgyZGFiYTY4YjQwZjY1Y2ZjMTc0NDVmODliMjE5
MmE1NzM3OWQ3ZjEzYmU4ZmEwHhcNMjUwMTI4MTAxNTAwWhcNMjYwMTI3MTAyMDAw
WjAzMTEwLwYDVQQDEygzQkM5NzkwQ0Y2MDlFQUEwODE2RjhDNUY0MTAzRERFRjI4
MjBCRjI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CzPlhsmmszR
PQGqHvOkBQpklTMyGit9o8eLjidJeyxANgLJ4rypkukRizCt+ObNs7MNkE0KDYp4
TcWg4pi/K7kWlSE+0OX1jeGppgX9QyJ4u8rU4ZX0bEimmzXFeWhYDp0eqqdVn7Fm
IOIPjsNHHOmvLNQEeDFgjtmzLtZfz3pfFRFtWd3+aIHwHLyCnn7f9GlppmC5hOoZ
Q6hvzacRpKiQeF/IiCXwK9yn0PztQAl607Bmpnf0KkEOcHDBr0BgmuXg+tTDyc/h
6t9yljj3QLr5KW8IbRBTThtobruxKfX8bhgiiqyd72cfc6d7vFAF2KiHLouQpO2F
p//SAsfefwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFDvJeQz2CeqggW+MX0ED3e8o
IL8kMB8GA1UdIwQYMBaAFG16Jmcwko2d/f2s429zrInkJOIoMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzMyNTNkOTczLWQ1YmYtNDU0MS1iY2Mx
LTI3NjU0M2EyNWM3ZC80LzZEN0EyNjY3MzA5MjhEOURGREZEQUNFMzZGNzNBQzg5
RTQyNEUyMjguY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzRhYjdhZTRkLWJkN2It
NGIzMy05YTg4LTViMjJkMmE4MzM3ZC8wMmM3NzA2Yi0zYmFmLTQyY2ItYmRmNy03
ODJiMDM2MjUyYjMvZjQ0YzgyZGFiYTY4YjQwZjY1Y2ZjMTc0NDVmODliMjE5MmE1
NzM3OWQ3ZjEzYmU4ZmEuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzMyNTNkOTczLWQ1YmYtNDU0MS1iY2MxLTI3NjU0M2EyNWM3ZC80LzMyMzMyZTMx
MzczMjJlMzEzMjMwMmUzMDJmMzIzNDJkMzMzMjIwM2QzZTIwMzQzNzMyMzczMi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEABeseDANBgkqhkiG9w0BAQsFAAOCAQEAFBrYDUrKCt+xcureUMet
TrYJEH8INzAy85Ol0ZmLn8SFXkcJhTP/vkwSZJv0Vd2aZhRnbz+/LcGDbpNxl52d
kT3NuUzR2XwXOUjLoHIq0F/xnHPP4zSaYRR/dvPc1fQ7E/wV4IPI/S80Eogb6kD2
Vf8eyD5JxiMQ9VtCYH7it/jXy4/UfT5ZomVJs3oKwt5GwF8ImrrboH168/eYrtbv
8d9P0mtV7WI71JKctYIrBrkUYf+Uqy6uxMcykRA3H2lxYxZtThB2XDREgGDt1zSO
SEN507zSzSEyWMCAkao6gXgtfp4H1K4goaZOB44IPayAU1de/WPoIrgROJiiP6Yo
rw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:36:32 2025 by rpki-client