Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32342d3234203d3e20323134343636.roa
File: 322e35362e3234382e302f32342d3234203d3e20323134343636.roa (raw, json)
Hash identifier: khtujmpmyAXboQ6OM4iatWumNpm8lTV5DnQFpAzwSdo=
Subject key identifier: 37:BF:01:C6:BF:9C:F1:FB:CB:AB:05:48:F8:D1:1C:8F:98:E1:6A:97
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 716869EEF9E8D40EF1883741FE7622585697E8C3
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32342d3234203d3e20323134343636.roa
Signing time: Mon 02 Dec 2024 18:58:29 +0000
ROA not before: Mon 02 Dec 2024 18:53:29 +0000
ROA not after: Mon 01 Dec 2025 18:58:29 +0000
asID: 214466
IP address blocks: 2.56.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:68:69:ee:f9:e8:d4:0e:f1:88:37:41:fe:76:22:58:56:97:e8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Dec 2 18:53:29 2024 GMT
Not After : Dec 1 18:58:29 2025 GMT
Subject: CN=37BF01C6BF9CF1FBCBAB0548F8D11C8F98E16A97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:42:99:8d:b4:aa:e1:0b:cd:f3:71:8e:1a:83:
f0:cd:db:e3:f0:79:17:d0:f2:37:4b:7e:a4:9c:6d:
4f:21:a3:54:9b:3c:67:b1:c5:e3:83:98:b4:1d:88:
99:d4:3b:04:d9:8c:ae:71:5f:4c:ae:bd:dd:09:92:
f3:94:67:ce:a8:7d:2a:ee:71:15:f5:55:0a:d9:dd:
1f:32:4f:f0:d1:8a:47:96:24:df:d4:65:7c:a8:43:
db:bc:35:5b:00:b8:8e:16:c6:a9:f0:fc:c3:0b:41:
12:23:3a:c8:3a:53:50:90:81:54:b8:e8:34:de:59:
1b:4d:d4:b4:fc:fb:84:f0:c0:bb:5f:59:8f:74:18:
b6:11:c0:15:e2:74:a4:29:e7:ea:35:46:56:70:47:
b1:f9:86:99:5b:01:80:7f:e6:ef:57:18:d6:23:37:
d4:ac:29:2d:0a:13:2b:7c:42:89:b4:a8:e4:89:83:
52:6f:c6:eb:66:b1:77:55:27:2e:ba:d9:94:d1:12:
f0:88:1f:e2:c7:54:ef:8b:c0:30:7c:99:ff:d0:56:
48:47:cf:a7:95:d6:16:c1:c3:c4:5d:6c:a2:e2:f8:
56:a5:10:29:b2:78:d7:98:e1:96:9c:1e:1c:6f:24:
db:f0:54:55:3c:48:31:54:63:69:f3:eb:1d:ca:a5:
1b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:BF:01:C6:BF:9C:F1:FB:CB:AB:05:48:F8:D1:1C:8F:98:E1:6A:97
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3234382e302f32342d3234203d3e20323134343636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.248.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:de:42:e3:09:0f:68:32:8c:9c:80:e8:a2:83:eb:a0:e6:9c:
46:ca:0a:03:c3:e8:d8:b3:32:a9:f6:c0:d5:95:f9:75:e0:b1:
8e:6e:a9:93:c5:e0:43:ec:29:cd:a1:49:f4:39:70:fd:7b:45:
84:dd:8d:1b:b6:06:c5:95:c4:88:80:a9:83:d9:04:9c:c8:38:
6b:63:e3:ba:6b:b4:70:da:36:0f:d1:9f:ba:22:ab:37:11:17:
43:16:c3:9c:74:61:1c:af:6d:82:7b:6c:59:a6:20:fe:2f:cd:
b3:4c:dc:fc:b3:56:52:75:21:f3:aa:96:f3:92:6b:4e:ea:71:
8c:d8:49:db:20:3d:87:8b:17:22:4d:f6:14:1e:42:dc:4a:a6:
92:b0:2d:23:62:f9:5a:73:08:94:63:9a:49:df:f8:07:26:1d:
cf:d3:7f:37:12:db:f9:86:06:65:d6:28:fc:ef:8a:11:9e:5e:
e9:8d:9d:99:97:45:2e:fa:f8:47:f7:98:53:96:29:ce:fb:b3:
36:19:ff:1f:2f:0f:f3:bf:8b:26:4a:d1:bc:9b:12:87:7d:53:
74:72:48:78:82:d1:26:16:4f:28:23:c4:f0:62:1c:5a:66:11:
5f:28:8b:2a:0f:5f:5d:a2:5e:71:a3:55:ce:80:7a:f2:f5:24:
4b:27:f3:46
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUcWhp7vno1A7xiDdB/nYiWFaX6MMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDEyMDIxODUzMjlaFw0yNTEyMDExODU4MjlaMDMxMTAvBgNV
BAMTKDM3QkYwMUM2QkY5Q0YxRkJDQkFCMDU0OEY4RDExQzhGOThFMTZBOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+QpmNtKrhC83zcY4ag/DN2+Pw
eRfQ8jdLfqScbU8ho1SbPGexxeODmLQdiJnUOwTZjK5xX0yuvd0JkvOUZ86ofSru
cRX1VQrZ3R8yT/DRikeWJN/UZXyoQ9u8NVsAuI4Wxqnw/MMLQRIjOsg6U1CQgVS4
6DTeWRtN1LT8+4TwwLtfWY90GLYRwBXidKQp5+o1RlZwR7H5hplbAYB/5u9XGNYj
N9SsKS0KEyt8Qom0qOSJg1JvxutmsXdVJy662ZTREvCIH+LHVO+LwDB8mf/QVkhH
z6eV1hbBw8RdbKLi+FalECmyeNeY4ZacHhxvJNvwVFU8SDFUY2nz6x3KpRtFAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUN78Bxr+c8fvLqwVI+NEcj5jhapcwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzQzODJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDM0MzYzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI4
+DANBgkqhkiG9w0BAQsFAAOCAQEASt5C4wkPaDKMnIDoooProOacRsoKA8Po2LMy
qfbA1ZX5deCxjm6pk8XgQ+wpzaFJ9Dlw/XtFhN2NG7YGxZXEiICpg9kEnMg4a2Pj
umu0cNo2D9GfuiKrNxEXQxbDnHRhHK9tgntsWaYg/i/Ns0zc/LNWUnUh86qW85Jr
TupxjNhJ2yA9h4sXIk32FB5C3EqmkrAtI2L5WnMIlGOaSd/4ByYdz9N/NxLb+YYG
ZdYo/O+KEZ5e6Y2dmZdFLvr4R/eYU5YpzvuzNhn/Hy8P87+LJkrRvJsSh31TdHJI
eILRJhZPKCPE8GIcWmYRXyiLKg9fXaJecaNVzoB68vUkSyfzRg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:30:27 2025 by rpki-client