Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/32332e3137342e3230302e302f32342d3234203d3e203135333533.roa
File: 32332e3137342e3230302e302f32342d3234203d3e203135333533.roa (raw, json)
Hash identifier: FFpmdrmFTQ1EwGGJtpsh2GlWAknLs7PduieofwpgPt8=
Subject key identifier: 2E:A9:B0:B9:15:8B:EE:B5:5D:52:39:C2:4F:C1:55:B1:BF:E0:4E:B6
Certificate issuer: /CN=43729997152fd84fcda6d190c3b3195b02679660112be9a2d7
Certificate serial: 29C44AC16E978116FB6AA4CA1B15ED44F2B7D591
Authority key identifier: 6A:6F:6E:C2:72:A5:EB:DC:18:24:1C:2C:84:D1:D9:FE:94:C1:25:AA
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/43729997152fd84fcda6d190c3b3195b02679660112be9a2d7.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/32332e3137342e3230302e302f32342d3234203d3e203135333533.roa
Signing time: Wed 05 Mar 2025 19:56:38 +0000
ROA not before: Wed 05 Mar 2025 19:51:38 +0000
ROA not after: Wed 04 Mar 2026 19:56:38 +0000
asID: 15353
IP address blocks: 23.174.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:c4:4a:c1:6e:97:81:16:fb:6a:a4:ca:1b:15:ed:44:f2:b7:d5:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43729997152fd84fcda6d190c3b3195b02679660112be9a2d7
Validity
Not Before: Mar 5 19:51:38 2025 GMT
Not After : Mar 4 19:56:38 2026 GMT
Subject: CN=2EA9B0B9158BEEB55D5239C24FC155B1BFE04EB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f4:8b:44:24:70:ad:4c:af:39:84:69:28:06:
13:f5:ee:a0:25:40:61:89:c7:3a:fd:4a:1c:b1:6a:
e3:cb:c6:70:ab:e1:6d:0b:91:af:3e:c1:1f:6f:62:
8d:be:00:c7:aa:3a:87:49:e0:1b:1c:df:8f:41:80:
73:80:9c:da:23:1b:06:fc:65:ef:9b:06:ee:0e:77:
c3:37:ec:cd:1c:68:e6:79:13:c8:05:0b:3c:e6:2c:
28:8c:17:1c:70:24:37:df:cc:03:c9:82:28:07:2d:
48:26:2a:40:19:ab:9a:a3:38:eb:3e:f7:e1:53:29:
a9:35:54:23:df:49:dd:30:ea:0d:80:c2:45:dd:50:
a6:39:7a:a3:86:89:65:19:90:d7:79:98:3c:03:5b:
27:fa:0e:ed:5b:bf:a9:52:40:df:16:ab:3e:3f:97:
69:3e:9b:d1:0a:92:6b:66:30:87:7b:7f:6a:3f:b8:
53:f0:3a:f2:17:8a:99:54:57:9e:33:26:55:82:d2:
9c:e2:80:69:0a:ae:2e:df:da:b1:37:bb:1f:d9:c0:
6d:0b:b1:eb:ef:3e:ae:cf:21:52:0e:3f:29:d4:c9:
35:04:0f:92:7b:38:dd:a6:a4:c4:54:21:b1:38:bd:
16:e6:b2:e5:15:4c:69:3d:7e:05:32:7c:31:a8:d9:
71:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:A9:B0:B9:15:8B:EE:B5:5D:52:39:C2:4F:C1:55:B1:BF:E0:4E:B6
X509v3 Authority Key Identifier:
keyid:6A:6F:6E:C2:72:A5:EB:DC:18:24:1C:2C:84:D1:D9:FE:94:C1:25:AA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/6A6F6EC272A5EBDC18241C2C84D1D9FE94C125AA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/829fb872-15bb-4a4e-9ed9-259960b049bd/43729997152fd84fcda6d190c3b3195b02679660112be9a2d7.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/66bd92f1-415b-4765-8a16-dbfc4593c1a8/7/32332e3137342e3230302e302f32342d3234203d3e203135333533.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.174.200.0/24
Signature Algorithm: sha256WithRSAEncryption
25:6e:03:a9:fd:e6:a0:4c:51:f3:3e:86:0d:80:36:27:12:d8:
5a:81:61:f9:e5:9e:d2:17:28:0b:35:74:82:7c:d7:5a:b4:99:
2d:17:0c:1b:18:ce:34:dd:0e:7e:8c:ba:12:e6:a8:de:db:92:
cb:bd:1a:12:1b:f3:e4:78:62:1f:7d:52:11:94:5a:17:37:63:
96:c8:ce:41:6b:1b:05:6f:7e:6b:2b:39:3b:86:67:de:68:28:
05:22:0f:c8:15:9b:de:0c:71:7d:58:ad:96:a0:b5:1c:2b:47:
a6:54:98:ac:ed:f4:1b:51:ae:20:50:55:b1:d4:85:03:09:39:
72:8c:96:46:04:37:62:8e:35:14:09:f6:1e:35:60:1a:c1:56:
3c:9d:7b:4e:30:5e:7f:ac:e0:3e:c5:a1:c8:18:39:8e:7a:dd:
44:da:0f:da:93:ff:8b:f7:42:64:3a:58:bb:e0:fc:15:da:15:
0b:fe:ff:cf:d0:86:3e:b1:7b:bd:46:84:0f:f5:e5:cf:03:cc:
0e:21:66:b6:28:d0:39:15:15:da:39:92:c4:9b:28:53:c4:cd:
da:e8:bd:73:05:d1:d9:09:79:79:15:37:1a:7d:0a:33:5f:a6:
5e:5f:ea:5b:f0:87:67:ea:94:ad:22:94:c2:38:dd:83:1d:bd:
f4:bb:b5:b7
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUKcRKwW6XgRb7aqTKGxXtRPK31ZEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNDM3Mjk5OTcxNTJmZDg0ZmNkYTZkMTkwYzNiMzE5NWIw
MjY3OTY2MDExMmJlOWEyZDcwHhcNMjUwMzA1MTk1MTM4WhcNMjYwMzA0MTk1NjM4
WjAzMTEwLwYDVQQDEygyRUE5QjBCOTE1OEJFRUI1NUQ1MjM5QzI0RkMxNTVCMUJG
RTA0RUI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/SLRCRwrUyv
OYRpKAYT9e6gJUBhicc6/UocsWrjy8Zwq+FtC5GvPsEfb2KNvgDHqjqHSeAbHN+P
QYBzgJzaIxsG/GXvmwbuDnfDN+zNHGjmeRPIBQs85iwojBcccCQ338wDyYIoBy1I
JipAGauaozjrPvfhUympNVQj30ndMOoNgMJF3VCmOXqjhollGZDXeZg8A1sn+g7t
W7+pUkDfFqs+P5dpPpvRCpJrZjCHe39qP7hT8DryF4qZVFeeMyZVgtKc4oBpCq4u
39qxN7sf2cBtC7Hr7z6uzyFSDj8p1Mk1BA+SezjdpqTEVCGxOL0W5rLlFUxpPX4F
MnwxqNlxzwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFC6psLkVi+61XVI5wk/BVbG/
4E62MB8GA1UdIwQYMBaAFGpvbsJypevcGCQcLITR2f6UwSWqMA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2
LWRiZmM0NTkzYzFhOC83LzZBNkY2RUMyNzJBNUVCREMxODI0MUMyQzg0RDFEOUZF
OTRDMTI1QUEuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTIt
NDk5NC04ZjZjLWQ2YzkxYjBiODQxNS84MjlmYjg3Mi0xNWJiLTRhNGUtOWVkOS0y
NTk5NjBiMDQ5YmQvNDM3Mjk5OTcxNTJmZDg0ZmNkYTZkMTkwYzNiMzE5NWIwMjY3
OTY2MDExMmJlOWEyZDcuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzY2YmQ5MmYxLTQxNWItNDc2NS04YTE2LWRiZmM0NTkzYzFhOC83LzMyMzMyZTMx
MzczNDJlMzIzMDMwMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNTMzMzUzMy5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEABeuyDANBgkqhkiG9w0BAQsFAAOCAQEAJW4Dqf3moExR8z6GDYA2
JxLYWoFh+eWe0hcoCzV0gnzXWrSZLRcMGxjONN0Ofoy6Euao3tuSy70aEhvz5Hhi
H31SEZRaFzdjlsjOQWsbBW9+ays5O4Zn3mgoBSIPyBWb3gxxfVitlqC1HCtHplSY
rO30G1GuIFBVsdSFAwk5coyWRgQ3Yo41FAn2HjVgGsFWPJ17TjBef6zgPsWhyBg5
jnrdRNoP2pP/i/dCZDpYu+D8FdoVC/7/z9CGPrF7vUaED/XlzwPMDiFmtijQORUV
2jmSxJsoU8TN2ui9cwXR2Ql5eRU3Gn0KM1+mXl/qW/CHZ+qUrSKUwjjdgx299Lu1
tw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:34:19 2025 by rpki-client