Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e35322e302f32322d3234203d3e20383334.roa
File: 33312e362e35322e302f32322d3234203d3e20383334.roa (raw, json)
Hash identifier: elN7sjjAw3eKGdYcbWkhlF1E7OMAiiRU8ee04Pz0/iw=
Subject key identifier: 55:04:75:1A:B5:E5:87:CA:5F:4E:73:02:1F:71:CF:BC:4F:8E:17:8A
Certificate issuer: /CN=3a96802395455ca00679c41d5c056cae95d4b57d
Certificate serial: 1AF3EF8DB72F10DA052BA57A4BF66F0A42B0B8DB
Authority key identifier: 3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e35322e302f32322d3234203d3e20383334.roa
Signing time: Tue 08 Aug 2023 00:00:12 +0000
ROA not before: Mon 07 Aug 2023 23:55:12 +0000
ROA not after: Tue 06 Aug 2024 00:00:12 +0000
asID: 834
IP address blocks: 31.6.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:f3:ef:8d:b7:2f:10:da:05:2b:a5:7a:4b:f6:6f:0a:42:b0:b8:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a96802395455ca00679c41d5c056cae95d4b57d
Validity
Not Before: Aug 7 23:55:12 2023 GMT
Not After : Aug 6 00:00:12 2024 GMT
Subject: CN=5504751AB5E587CA5F4E73021F71CFBC4F8E178A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:98:24:21:1c:34:9f:1f:b8:e0:87:f5:15:a6:
98:97:46:b5:16:23:a4:bc:aa:c3:44:a5:97:3e:a9:
46:50:62:3a:83:a1:21:5e:c0:45:51:06:0b:26:e2:
e0:c0:1d:89:8f:8a:cc:32:bc:15:93:8b:37:35:fa:
79:56:0b:0e:7f:42:46:e2:b0:dd:1b:d3:56:90:fe:
c1:fd:53:b0:84:44:7f:e0:b5:51:49:5a:1f:3a:a2:
98:0d:85:68:dd:58:be:a9:e2:13:5b:a3:94:30:4f:
bc:06:e8:c7:ac:ca:97:38:90:73:6c:1b:56:1b:b6:
9b:b8:2b:55:7d:74:93:e6:03:9f:6e:9d:e8:be:54:
67:b5:75:5e:28:be:27:69:be:35:17:7a:2c:de:7f:
c6:87:05:1f:b0:00:91:f3:b0:75:c8:50:16:e8:bc:
60:bc:08:d6:96:1e:71:c8:2c:23:c9:81:2b:7c:79:
65:75:9c:97:5f:e9:8c:3a:d2:f7:bb:2b:df:a3:fc:
d1:88:5f:f2:e3:9d:2e:d1:87:54:1d:a2:52:29:1a:
3e:dc:1b:e4:3d:1d:cf:68:fb:03:93:e1:88:8c:45:
3e:74:58:b1:71:07:89:70:f8:89:3f:30:a9:f4:4c:
de:20:f4:bd:15:3f:50:24:35:6b:9a:93:f8:5e:70:
29:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:04:75:1A:B5:E5:87:CA:5F:4E:73:02:1F:71:CF:BC:4F:8E:17:8A
X509v3 Authority Key Identifier:
keyid:3A:96:80:23:95:45:5C:A0:06:79:C4:1D:5C:05:6C:AE:95:D4:B5:7D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/3A96802395455CA00679C41D5C056CAE95D4B57D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpaAI5VFXKAGecQdXAVsrpXUtX0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a2ffbce7-88dd-4ca9-b245-116386cee788/0/33312e362e35322e302f32322d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.52.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:9b:96:5b:10:e5:15:c0:09:85:1f:a4:ef:ea:ef:16:09:f0:
a1:2c:1a:6d:70:7c:aa:b1:8e:2c:95:40:4f:b1:8a:9e:63:63:
df:a3:72:bd:0d:41:92:a2:bc:c3:f5:58:1b:83:d6:84:63:63:
dc:ee:d5:9d:f4:96:77:b2:7c:76:e0:c5:a4:1f:3c:23:dd:d8:
10:a0:ac:5b:f1:d7:48:69:72:68:d1:70:ef:34:92:06:96:4b:
50:15:9d:e1:45:a4:c0:43:3e:9c:9d:85:8b:3e:8b:1c:2a:3e:
65:a8:f9:f8:da:46:35:78:b6:54:ec:82:a7:67:81:e1:8a:37:
d9:f1:04:f1:b4:be:7c:57:52:bf:71:15:d6:53:71:e4:9e:54:
2e:32:bc:a8:29:6f:dd:b5:d0:3b:8f:37:3f:06:e5:81:82:c5:
dd:e5:4e:ed:61:2a:92:9d:ce:0d:64:aa:16:35:d3:75:dc:04:
be:cc:2d:e6:c6:e3:06:86:bc:06:47:23:9f:7b:fa:76:04:83:
45:2a:3f:d4:77:d2:08:aa:28:d3:4c:a1:39:cc:91:5d:e3:bc:
5f:ab:c2:57:00:aa:f5:e7:5f:a0:99:c6:0b:8d:25:62:7c:ab:
5d:d6:7a:b1:f5:0a:d3:a8:8b:ea:dd:db:e0:14:f3:23:ee:eb:
53:73:96:5b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUGvPvjbcvENoFK6V6S/ZvCkKwuNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2E5NjgwMjM5NTQ1NWNhMDA2NzljNDFkNWMwNTZjYWU5
NWQ0YjU3ZDAeFw0yMzA4MDcyMzU1MTJaFw0yNDA4MDYwMDAwMTJaMDMxMTAvBgNV
BAMTKDU1MDQ3NTFBQjVFNTg3Q0E1RjRFNzMwMjFGNzFDRkJDNEY4RTE3OEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCumCQhHDSfH7jgh/UVppiXRrUW
I6S8qsNEpZc+qUZQYjqDoSFewEVRBgsm4uDAHYmPiswyvBWTizc1+nlWCw5/Qkbi
sN0b01aQ/sH9U7CERH/gtVFJWh86opgNhWjdWL6p4hNbo5QwT7wG6Mesypc4kHNs
G1Ybtpu4K1V9dJPmA59unei+VGe1dV4ovidpvjUXeizef8aHBR+wAJHzsHXIUBbo
vGC8CNaWHnHILCPJgSt8eWV1nJdf6Yw60ve7K9+j/NGIX/LjnS7Rh1QdolIpGj7c
G+Q9Hc9o+wOT4YiMRT50WLFxB4lw+Ik/MKn0TN4g9L0VP1AkNWuak/hecCkNAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUVQR1GrXlh8pfTnMCH3HPvE+OF4owHwYDVR0j
BBgwFoAUOpaAI5VFXKAGecQdXAVsrpXUtX0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTJmZmJjZTctODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2Vl
Nzg4LzAvM0E5NjgwMjM5NTQ1NUNBMDA2NzlDNDFENUMwNTZDQUU5NUQ0QjU3RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09wYUFJNVZGWEtBR2VjUWRYQVZzcnBY
VXRYMC5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTJmZmJjZTct
ODhkZC00Y2E5LWIyNDUtMTE2Mzg2Y2VlNzg4LzAvMzMzMTJlMzYyZTM1MzIyZTMw
MmYzMjMyMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIfBjQwDQYJKoZI
hvcNAQELBQADggEBAD6bllsQ5RXACYUfpO/q7xYJ8KEsGm1wfKqxjiyVQE+xip5j
Y9+jcr0NQZKivMP1WBuD1oRjY9zu1Z30lneyfHbgxaQfPCPd2BCgrFvx10hpcmjR
cO80kgaWS1AVneFFpMBDPpydhYs+ixwqPmWo+fjaRjV4tlTsgqdngeGKN9nxBPG0
vnxXUr9xFdZTceSeVC4yvKgpb9210DuPNz8G5YGCxd3lTu1hKpKdzg1kqhY103Xc
BL7MLebG4waGvAZHI597+nYEg0UqP9R30giqKNNMoTnMkV3jvF+rwlcAqvXnX6CZ
xguNJWJ8q13WerH1CtOoi+rd2+AU8yPu61Nzlls=
-----END CERTIFICATE-----
Generated at Wed Sep 13 09:29:50 2023 by rpki-client on console-fra.rpki-client.org