Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e34332e302f32342d3234203d3e20323132333335.roa
File: 33312e362e34332e302f32342d3234203d3e20323132333335.roa (raw, json)
Hash identifier: daZHTOYiziTXHar706gjHDLsO6u21t9T6KhPHwNKN9Y=
Subject key identifier: 3B:1D:F8:EA:80:1A:34:07:DA:D0:1E:87:C8:C0:6A:A6:5A:0D:0A:DC
Certificate issuer: /CN=3a96802395455ca00679c41d5c056cae95d4b57d
Certificate serial: 700516648F3BA204C28D76813CA7A29C871FA6B8
Authority key identifier: 3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e34332e302f32342d3234203d3e20323132333335.roa
Signing time: Wed 22 Mar 2023 15:29:45 +0000
ROA not before: Wed 22 Mar 2023 15:24:45 +0000
ROA not after: Wed 20 Mar 2024 15:29:45 +0000
asID: 212335
IP address blocks: 31.6.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:05:16:64:8f:3b:a2:04:c2:8d:76:81:3c:a7:a2:9c:87:1f:a6:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a96802395455ca00679c41d5c056cae95d4b57d
Validity
Not Before: Mar 22 15:24:45 2023 GMT
Not After : Mar 20 15:29:45 2024 GMT
Subject: CN=3B1DF8EA801A3407DAD01E87C8C06AA65A0D0ADC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7e:40:c4:bc:48:d0:82:44:3c:77:f5:c9:7d:
9b:55:0a:a2:46:0f:39:e6:b4:4b:b2:22:3e:54:a8:
e4:62:2c:1c:bf:8f:72:43:60:95:52:09:6c:16:7d:
c0:53:28:47:94:9c:8c:33:b6:7b:df:d4:00:fd:81:
4d:64:9f:e2:33:13:ff:31:d2:cf:8b:51:bf:bc:88:
73:32:2c:51:45:71:c4:21:d4:43:5a:96:8f:36:d6:
8b:dd:20:5e:5d:e3:46:e3:38:e3:0e:70:9e:bb:36:
dd:8f:b2:01:ca:b9:28:62:5d:0d:5e:a6:6e:3c:6e:
9b:33:fc:bb:5b:76:5d:dd:fb:6a:f9:3b:70:40:bf:
c2:85:d8:20:97:88:d2:d4:2a:1a:a6:44:70:0b:2c:
8f:ce:67:87:5e:c1:3d:50:10:bb:5b:13:ee:73:72:
ef:63:6d:31:33:c6:77:37:c2:57:81:21:ec:80:c5:
64:02:2a:38:d1:42:e4:1c:a8:68:57:f5:1d:0f:30:
09:30:dc:c5:3e:32:b6:48:db:3f:85:99:0e:d7:bb:
82:58:d1:5b:e2:f4:fe:68:a1:5f:b4:79:3a:be:b9:
c9:fd:e8:2f:f3:ed:7d:ea:39:ad:9c:94:02:b4:47:
4f:41:83:25:2e:6c:93:75:7a:cf:a1:c7:2a:9e:f1:
d0:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:1D:F8:EA:80:1A:34:07:DA:D0:1E:87:C8:C0:6A:A6:5A:0D:0A:DC
X509v3 Authority Key Identifier:
keyid:3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3A96802395455CA00679C41D5C056CAE95D4B57D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e34332e302f32342d3234203d3e20323132333335.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.43.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:9d:5b:b0:5c:8d:23:45:10:b2:68:cf:2d:e6:8a:fb:47:40:
91:2d:0f:32:5a:8d:85:6a:80:28:bf:0c:25:b4:70:28:9e:46:
5c:85:13:70:a2:02:7a:8b:f2:0f:8d:4d:cd:21:2c:42:71:96:
af:f7:a9:fe:87:e1:38:3e:36:ae:65:c7:fe:cb:ef:46:29:44:
4d:5c:26:66:80:6f:77:de:60:8e:f8:3b:dd:4d:d9:f6:63:70:
32:75:00:f5:4b:44:b1:24:18:3f:2b:ff:d2:85:8a:08:bb:b9:
d9:d1:6e:da:04:19:9e:46:3e:70:a8:c2:09:6b:22:e2:af:b1:
b4:59:a6:bc:81:0e:a7:e1:78:2f:9b:2e:41:c8:61:03:20:0a:
e0:d4:c4:50:8c:8a:58:b7:c4:7a:d1:6d:62:72:09:f5:be:e7:
b6:81:5d:43:9d:92:27:f5:dc:87:3d:11:28:eb:8d:44:39:e1:
03:b8:d6:41:8f:de:1e:40:2b:5e:74:60:d2:1b:55:78:01:1a:
74:04:c0:24:59:16:9a:43:38:83:3b:cf:a4:92:1b:e5:ca:02:
e4:74:f1:a6:95:9d:26:bc:d7:36:10:7f:29:e2:23:d4:48:44:
12:a1:4c:01:d5:1e:9d:9c:77:10:8a:df:88:8b:a7:1f:5c:d5:
a1:10:f1:15
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUcAUWZI87ogTCjXaBPKeinIcfprgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2E5NjgwMjM5NTQ1NWNhMDA2NzljNDFkNWMwNTZjYWU5
NWQ0YjU3ZDAeFw0yMzAzMjIxNTI0NDVaFw0yNDAzMjAxNTI5NDVaMDMxMTAvBgNV
BAMTKDNCMURGOEVBODAxQTM0MDdEQUQwMUU4N0M4QzA2QUE2NUEwRDBBREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCofkDEvEjQgkQ8d/XJfZtVCqJG
DznmtEuyIj5UqORiLBy/j3JDYJVSCWwWfcBTKEeUnIwztnvf1AD9gU1kn+IzE/8x
0s+LUb+8iHMyLFFFccQh1ENalo821ovdIF5d40bjOOMOcJ67Nt2PsgHKuShiXQ1e
pm48bpsz/Ltbdl3d+2r5O3BAv8KF2CCXiNLUKhqmRHALLI/OZ4dewT1QELtbE+5z
cu9jbTEzxnc3wleBIeyAxWQCKjjRQuQcqGhX9R0PMAkw3MU+MrZI2z+FmQ7Xu4JY
0Vvi9P5ooV+0eTq+ucn96C/z7X3qOa2clAK0R09BgyUubJN1es+hxyqe8dCXAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUOx346oAaNAfa0B6HyMBqploNCtwwHwYDVR0j
BBgwFoAUOpaAI5VFXKAGecQdXAVsrpXUtX0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTJmZmJjZTctODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2Vl
Nzg4LzAvM0E5NjgwMjM5NTQ1NUNBMDA2NzlDNDFENUMwNTZDQUU5NUQ0QjU3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09wYUFJNVZGWEtBR2VjUWRYQVZzcnBY
VXRYMC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTJmZmJjZTct
ODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2VlNzg4LzAvMzMzMTJlMzYyZTM0MzMyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMzMzMzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAfBisw
DQYJKoZIhvcNAQELBQADggEBAF+dW7BcjSNFELJozy3mivtHQJEtDzJajYVqgCi/
DCW0cCieRlyFE3CiAnqL8g+NTc0hLEJxlq/3qf6H4Tg+Nq5lx/7L70YpRE1cJmaA
b3feYI74O91N2fZjcDJ1APVLRLEkGD8r/9KFigi7udnRbtoEGZ5GPnCowglrIuKv
sbRZpryBDqfheC+bLkHIYQMgCuDUxFCMili3xHrRbWJyCfW+57aBXUOdkif13Ic9
ESjrjUQ54QO41kGP3h5AK150YNIbVXgBGnQEwCRZFppDOIM7z6SSG+XKAuR08aaV
nSa81zYQfyniI9RIRBKhTAHVHp2cdxCK34iLpx9c1aEQ8RU=
-----END CERTIFICATE-----
Generated at Tue Feb 18 06:59:45 2025 by rpki-client