Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e20333936393832.roa
File: 322e35362e3235302e302f32342d3234203d3e20333936393832.roa (raw, json)
Hash identifier: jQVqO5A+LbSA9ae1zYKfYbtDDV6zM7xH0nesKFZAGGU=
Subject key identifier: BA:E0:CA:07:F4:30:10:10:C0:BD:A7:43:FC:CF:36:1A:9C:16:38:89
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 14A270A7F44715CA3396E46E8A42DC16BA01F793
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e20333936393832.roa
Signing time: Thu 20 Mar 2025 14:54:06 +0000
ROA not before: Thu 20 Mar 2025 14:49:06 +0000
ROA not after: Thu 19 Mar 2026 14:54:06 +0000
asID: 396982
IP address blocks: 2.56.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:a2:70:a7:f4:47:15:ca:33:96:e4:6e:8a:42:dc:16:ba:01:f7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 20 14:49:06 2025 GMT
Not After : Mar 19 14:54:06 2026 GMT
Subject: CN=BAE0CA07F4301010C0BDA743FCCF361A9C163889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:52:29:37:a0:50:b0:ce:ea:6e:a8:10:f9:14:
4b:9c:f9:cf:07:95:c7:c1:f9:23:9b:d2:42:44:02:
f9:1d:f1:7b:bf:d3:f3:83:58:73:45:6d:1a:f1:96:
34:15:7b:bc:40:23:34:6a:49:3b:58:fd:57:eb:ec:
dc:17:26:ab:c7:4e:61:44:5d:8d:b4:f2:3b:49:2b:
9e:03:95:f7:3c:50:6a:14:3f:a8:0d:ba:fd:10:ac:
38:ed:74:09:e8:e8:68:41:b2:1d:c4:ae:cf:b8:ea:
3f:7b:bc:74:fb:5e:bd:c8:1b:db:0b:67:b1:a1:5f:
27:6c:a4:b9:4d:31:8b:e5:c3:49:e7:66:e9:f6:3f:
93:ae:27:c4:e8:7a:ec:90:cb:3f:fb:9e:e0:13:8b:
d3:7c:be:7e:5e:70:0c:63:66:0d:29:af:9a:83:5c:
7e:fd:38:dd:e9:c4:0a:83:4f:e9:e0:c5:e2:08:f9:
ad:e0:96:6f:95:e8:fe:5c:58:e3:d8:b4:3e:6c:52:
6d:b1:3a:de:16:76:ec:ff:12:f2:de:94:8b:7e:6a:
61:9a:8b:cb:90:96:74:1e:6c:4b:80:2d:72:80:4d:
fd:86:32:b9:6e:84:37:3b:d0:a0:13:a6:59:69:6b:
73:43:30:b0:43:4f:dd:f5:36:0f:7f:c5:09:2c:89:
69:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:E0:CA:07:F4:30:10:10:C0:BD:A7:43:FC:CF:36:1A:9C:16:38:89
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35362e3235302e302f32342d3234203d3e20333936393832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.250.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:54:e0:1f:4c:99:b2:45:fc:7b:e8:54:a5:08:09:c4:18:05:
56:b2:12:ba:6f:32:18:bd:d2:e0:04:c6:d1:0d:03:a6:7b:ff:
9e:a9:ea:46:04:b4:7c:07:6a:db:ab:e9:ba:07:51:1c:cc:66:
e7:ee:47:40:04:48:d4:cf:e6:31:39:27:4b:fb:7c:ab:aa:d3:
b9:5c:ba:12:91:59:7d:40:5f:71:a7:c3:d4:09:7a:a6:4a:7e:
d2:83:77:4e:23:79:be:4a:8f:5a:c0:39:cd:3d:83:8a:c2:87:
68:10:32:c4:fd:2d:f1:af:16:1f:59:b1:68:aa:70:ce:fc:db:
9d:8c:9d:43:85:be:84:57:7f:aa:35:7a:4f:32:f5:f5:77:bc:
17:f4:81:43:fb:fb:9b:ea:76:7b:02:15:86:53:bb:b7:67:58:
50:e1:18:ba:0d:bd:aa:06:e4:aa:6f:84:59:4b:47:ea:bf:20:
40:72:32:30:a1:d0:ca:0d:53:c7:87:96:47:40:23:f8:c3:26:
93:94:e7:0a:d9:07:9c:f0:c1:be:ed:a0:eb:88:c3:78:08:c8:
24:82:5f:97:10:d6:dd:97:1b:e2:93:fa:54:d3:ef:c8:e2:13:
6c:ae:23:50:6f:f8:13:e3:ce:ac:4f:c0:cb:a0:7c:33:1e:83:
15:c5:39:02
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUFKJwp/RHFcozluRuikLcFroB95MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAzMjAxNDQ5MDZaFw0yNjAzMTkxNDU0MDZaMDMxMTAvBgNV
BAMTKEJBRTBDQTA3RjQzMDEwMTBDMEJEQTc0M0ZDQ0YzNjFBOUMxNjM4ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUik3oFCwzupuqBD5FEuc+c8H
lcfB+SOb0kJEAvkd8Xu/0/ODWHNFbRrxljQVe7xAIzRqSTtY/Vfr7NwXJqvHTmFE
XY208jtJK54Dlfc8UGoUP6gNuv0QrDjtdAno6GhBsh3Ers+46j97vHT7Xr3IG9sL
Z7GhXydspLlNMYvlw0nnZun2P5OuJ8ToeuyQyz/7nuATi9N8vn5ecAxjZg0pr5qD
XH79ON3pxAqDT+ngxeII+a3glm+V6P5cWOPYtD5sUm2xOt4Wduz/EvLelIt+amGa
i8uQlnQebEuALXKATf2GMrluhDc70KATpllpa3NDMLBDT931Ng9/xQksiWkXAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUuuDKB/QwEBDAvadD/M82GpwWOIkwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzYyZTMyMzUzMDJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNjM5MzgzMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI4
+jANBgkqhkiG9w0BAQsFAAOCAQEAX1TgH0yZskX8e+hUpQgJxBgFVrISum8yGL3S
4ATG0Q0Dpnv/nqnqRgS0fAdq26vpugdRHMxm5+5HQARI1M/mMTknS/t8q6rTuVy6
EpFZfUBfcafD1Al6pkp+0oN3TiN5vkqPWsA5zT2DisKHaBAyxP0t8a8WH1mxaKpw
zvzbnYydQ4W+hFd/qjV6TzL19Xe8F/SBQ/v7m+p2ewIVhlO7t2dYUOEYug29qgbk
qm+EWUtH6r8gQHIyMKHQyg1Tx4eWR0Aj+MMmk5TnCtkHnPDBvu2g64jDeAjIJIJf
lxDW3Zcb4pP6VNPvyOITbK4jUG/4E+POrE/Ay6B8Mx6DFcU5Ag==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:49:34 2025 by rpki-client