Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37382e302f32342d3234203d3e20333936303733.roa
File: 3137312e32322e37382e302f32342d3234203d3e20333936303733.roa (raw, json)
Hash identifier: smrNFMbppdTaihv5pEnMeFhuVOdlwdbGW2fhzQTrat4=
Subject key identifier: 1D:1E:31:ED:60:E8:A1:A6:46:45:4D:BE:B0:82:BA:14:39:22:3C:A9
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 293355E5974D46E197496E9B9F09BCA818391F41
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37382e302f32342d3234203d3e20333936303733.roa
Signing time: Wed 22 Jan 2025 19:53:52 +0000
ROA not before: Wed 22 Jan 2025 19:48:52 +0000
ROA not after: Wed 21 Jan 2026 19:53:52 +0000
asID: 396073
IP address blocks: 171.22.78.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:33:55:e5:97:4d:46:e1:97:49:6e:9b:9f:09:bc:a8:18:39:1f:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 22 19:48:52 2025 GMT
Not After : Jan 21 19:53:52 2026 GMT
Subject: CN=1D1E31ED60E8A1A646454DBEB082BA1439223CA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8e:22:0c:b9:f5:bb:c1:5f:2e:9b:6e:da:42:
41:60:d1:ac:62:30:67:22:bd:38:df:00:ba:86:17:
d2:53:a3:44:0c:e8:76:c3:77:5c:5e:96:ad:66:d4:
80:ed:49:48:51:be:e2:c8:c0:54:a6:f7:6d:30:81:
83:cb:95:3d:a0:75:61:a5:86:62:31:78:58:71:5e:
c6:27:6c:e6:9f:7f:b3:1c:e5:aa:d4:fb:47:27:b0:
65:81:78:2e:95:59:e5:19:4d:91:d8:ea:b9:fa:ac:
ca:bd:ae:e9:e0:97:48:6a:31:a9:ef:01:66:3d:30:
0f:62:ae:0f:fb:d5:fe:66:57:87:5a:5d:3a:88:fa:
cd:17:34:aa:d4:32:b5:24:df:17:d9:26:27:45:78:
50:03:40:19:06:e2:da:18:d0:87:b8:79:6d:6b:bd:
b3:85:ef:ac:04:4c:ad:7c:85:7f:c9:d7:da:bd:4d:
ca:f4:cf:a5:fa:59:a6:8f:d8:29:28:6b:54:7f:6b:
79:0f:e6:80:8a:00:47:5e:b4:f6:72:50:46:55:33:
f6:ea:84:57:15:84:66:ca:e4:14:e1:30:a4:ec:fb:
31:76:69:14:f7:b1:0a:93:c1:58:8c:73:7e:da:2c:
0e:dd:62:f0:c1:32:b0:da:ca:d0:c9:dc:12:0d:66:
61:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:1E:31:ED:60:E8:A1:A6:46:45:4D:BE:B0:82:BA:14:39:22:3C:A9
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/3137312e32322e37382e302f32342d3234203d3e20333936303733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.78.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:8e:d2:26:b9:5a:0a:97:a7:4e:aa:1f:95:ce:90:38:b0:0e:
b2:1d:fc:24:c0:44:a2:2c:5f:45:58:92:b2:aa:59:3b:57:5a:
21:be:0c:41:7c:cb:3c:7e:ae:bf:38:45:c6:b4:a7:4f:98:ee:
8a:74:85:d5:21:20:7d:e4:d2:a4:1a:d6:5b:f9:f0:77:68:c3:
96:de:93:83:0b:5a:a0:84:8d:dc:fb:1c:87:4e:85:6f:3e:a7:
63:ef:84:ed:f4:be:25:2e:ac:97:f4:05:6a:0a:35:1f:89:91:
2a:b8:f4:76:60:68:60:a1:7c:c2:99:84:34:a4:7f:ac:3d:c2:
f5:46:3f:f3:8f:82:e7:ca:45:72:50:ec:21:1f:64:5f:58:9d:
b1:0c:f3:28:ee:0d:eb:1d:9d:32:bc:22:a5:eb:bf:9d:a3:13:
fc:50:61:94:dd:09:07:86:2c:b0:f7:e6:a4:68:a9:55:f1:3f:
2d:c4:06:91:90:3b:dc:6d:07:2c:cc:3c:a8:2d:68:f7:53:42:
37:4e:48:92:c8:15:75:b2:77:45:b7:62:b0:c7:68:4a:11:51:
29:82:d0:72:cc:c8:f8:15:60:98:f8:98:3d:b5:e3:38:60:53:
26:52:0d:05:4e:ec:5c:bb:00:30:16:d7:1e:08:8f:c7:6e:d0:
06:06:bd:e0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKTNV5ZdNRuGXSW6bnwm8qBg5H0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMjIxOTQ4NTJaFw0yNjAxMjExOTUzNTJaMDMxMTAvBgNV
BAMTKDFEMUUzMUVENjBFOEExQTY0NjQ1NERCRUIwODJCQTE0MzkyMjNDQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCjiIMufW7wV8um27aQkFg0axi
MGcivTjfALqGF9JTo0QM6HbDd1xelq1m1IDtSUhRvuLIwFSm920wgYPLlT2gdWGl
hmIxeFhxXsYnbOaff7Mc5arU+0cnsGWBeC6VWeUZTZHY6rn6rMq9rungl0hqManv
AWY9MA9irg/71f5mV4daXTqI+s0XNKrUMrUk3xfZJidFeFADQBkG4toY0Ie4eW1r
vbOF76wETK18hX/J19q9Tcr0z6X6WaaP2Ckoa1R/a3kP5oCKAEdetPZyUEZVM/bq
hFcVhGbK5BThMKTs+zF2aRT3sQqTwViMc37aLA7dYvDBMrDaytDJ3BINZmG7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHR4x7WDooaZGRU2+sIK6FDkiPKkwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzEzNzMxMmUzMjMyMmUzNzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM2MzAzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
qxZOMA0GCSqGSIb3DQEBCwUAA4IBAQCijtImuVoKl6dOqh+VzpA4sA6yHfwkwESi
LF9FWJKyqlk7V1ohvgxBfMs8fq6/OEXGtKdPmO6KdIXVISB95NKkGtZb+fB3aMOW
3pODC1qghI3c+xyHToVvPqdj74Tt9L4lLqyX9AVqCjUfiZEquPR2YGhgoXzCmYQ0
pH+sPcL1Rj/zj4LnykVyUOwhH2RfWJ2xDPMo7g3rHZ0yvCKl67+doxP8UGGU3QkH
hiyw9+akaKlV8T8txAaRkDvcbQcszDyoLWj3U0I3TkiSyBV1sndFt2Kwx2hKEVEp
gtByzMj4FWCY+Jg9teM4YFMmUg0FTuxcuwAwFtceCI/HbtAGBr3g
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:38:58 2025 by rpki-client