Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35362e302f32342d3234203d3e20343030303339.roa
File: 322e35392e35362e302f32342d3234203d3e20343030303339.roa (raw, json)
Hash identifier: PTE43PzzQ6NtWfj9BHWOlkSMPRqRYKgZ3cL/QmSeAiE=
Subject key identifier: DA:99:3F:D4:49:F2:E7:1F:19:CE:24:DC:A7:F4:C6:1C:8A:75:B1:93
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 0DBDEAA9DFE46A098E28DECE3AC258D41B3E52F3
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35362e302f32342d3234203d3e20343030303339.roa
Signing time: Wed 22 Jan 2025 19:53:51 +0000
ROA not before: Wed 22 Jan 2025 19:48:51 +0000
ROA not after: Wed 21 Jan 2026 19:53:51 +0000
asID: 400039
IP address blocks: 2.59.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:bd:ea:a9:df:e4:6a:09:8e:28:de:ce:3a:c2:58:d4:1b:3e:52:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 22 19:48:51 2025 GMT
Not After : Jan 21 19:53:51 2026 GMT
Subject: CN=DA993FD449F2E71F19CE24DCA7F4C61C8A75B193
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:eb:98:d8:61:cc:0e:71:75:00:1d:91:83:f3:
d8:8f:32:fd:eb:56:7f:f7:80:d3:4a:18:83:55:3a:
3e:fe:3b:b6:96:8e:5f:30:bd:76:00:b6:ff:d3:48:
dc:20:ce:22:3b:ee:d1:e5:6e:fd:bb:2e:02:23:95:
be:05:e6:cf:9b:b6:2b:21:e8:57:e6:37:1e:9c:2a:
ce:9a:77:4b:a5:16:df:38:60:bd:17:14:53:61:17:
24:c9:b2:9b:47:5c:9c:1f:00:2e:28:28:de:82:4c:
88:67:b8:b8:5e:4a:87:25:1d:d2:85:9d:27:76:16:
de:92:1e:6e:58:13:ee:4f:96:81:7e:e4:bc:f7:8c:
d0:80:15:bc:72:ff:2a:92:56:c1:64:9e:46:5f:78:
2f:31:8e:06:85:fe:eb:08:a9:20:d4:7f:a1:19:0b:
01:be:55:5a:e7:95:ae:d0:98:96:c6:61:7b:c2:b1:
ac:56:fa:44:f5:00:7b:a1:f6:1e:11:5d:49:18:f6:
4b:8f:ba:a8:37:2f:c8:9b:b7:0f:bc:93:bc:3f:af:
74:72:29:4b:7a:52:a6:8d:74:b0:95:30:77:f4:c2:
50:c9:23:48:f2:9d:21:c9:f3:bb:82:c5:6f:7a:62:
76:3a:d3:af:ae:10:a0:3a:11:65:c1:0a:91:f0:d5:
06:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:99:3F:D4:49:F2:E7:1F:19:CE:24:DC:A7:F4:C6:1C:8A:75:B1:93
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35362e302f32342d3234203d3e20343030303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.56.0/24
Signature Algorithm: sha256WithRSAEncryption
23:27:b1:b8:4e:57:1b:08:3a:fd:f0:97:11:23:39:cd:9d:ff:
4a:dc:a6:fa:28:64:37:a5:59:24:ed:71:0f:b9:81:63:6e:c9:
15:58:0f:bf:97:37:6a:64:d0:b9:b0:9d:3e:c1:f8:34:02:5c:
c0:ac:a1:59:57:6f:e9:75:a2:de:59:7a:c9:b7:6f:8b:73:1e:
91:59:c1:7d:f7:8e:26:ac:63:fa:2f:4e:7c:c4:e6:97:04:39:
75:8e:63:59:72:ee:e5:f4:45:cc:b8:3a:a3:e6:55:09:c3:30:
a8:cb:0a:06:a5:07:fd:a7:85:93:31:b6:13:ab:26:98:22:a6:
bd:68:f3:e4:25:80:0a:33:89:fe:a3:48:1c:4b:2a:47:ec:05:
58:19:a5:98:1b:cb:72:0d:f1:11:82:4d:f6:83:6e:e9:6f:4c:
69:b7:00:23:5e:ef:5e:a0:67:6d:45:8f:1f:1f:5f:ca:d2:4e:
7f:12:f9:37:f4:fb:18:00:a7:e6:de:f6:ff:ad:1f:65:e8:3a:
7d:1f:1e:1d:97:6e:5e:27:b8:91:af:83:a3:51:9f:3e:ce:cf:
8f:db:57:3b:b9:aa:79:0a:75:4f:92:8f:84:61:6f:13:da:14:
96:4c:3d:4c:af:73:87:9e:bf:66:1e:36:83:ff:ff:6e:1b:59:
62:f3:c2:5e
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUDb3qqd/kagmOKN7OOsJY1Bs+UvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMjIxOTQ4NTFaFw0yNjAxMjExOTUzNTFaMDMxMTAvBgNV
BAMTKERBOTkzRkQ0NDlGMkU3MUYxOUNFMjREQ0E3RjRDNjFDOEE3NUIxOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ65jYYcwOcXUAHZGD89iPMv3r
Vn/3gNNKGINVOj7+O7aWjl8wvXYAtv/TSNwgziI77tHlbv27LgIjlb4F5s+btish
6FfmNx6cKs6ad0ulFt84YL0XFFNhFyTJsptHXJwfAC4oKN6CTIhnuLheSoclHdKF
nSd2Ft6SHm5YE+5PloF+5Lz3jNCAFbxy/yqSVsFknkZfeC8xjgaF/usIqSDUf6EZ
CwG+VVrnla7QmJbGYXvCsaxW+kT1AHuh9h4RXUkY9kuPuqg3L8ibtw+8k7w/r3Ry
KUt6UqaNdLCVMHf0wlDJI0jynSHJ87uCxW96YnY606+uEKA6EWXBCpHw1QZdAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU2pk/1Eny5x8ZziTcp/TGHIp1sZMwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzkyZTM1MzYyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzMDMzMzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOzgw
DQYJKoZIhvcNAQELBQADggEBACMnsbhOVxsIOv3wlxEjOc2d/0rcpvooZDelWSTt
cQ+5gWNuyRVYD7+XN2pk0LmwnT7B+DQCXMCsoVlXb+l1ot5Zesm3b4tzHpFZwX33
jiasY/ovTnzE5pcEOXWOY1ly7uX0Rcy4OqPmVQnDMKjLCgalB/2nhZMxthOrJpgi
pr1o8+QlgAozif6jSBxLKkfsBVgZpZgby3IN8RGCTfaDbulvTGm3ACNe716gZ21F
jx8fX8rSTn8S+Tf0+xgAp+be9v+tH2XoOn0fHh2Xbl4nuJGvg6NRnz7Oz4/bVzu5
qnkKdU+Sj4RhbxPaFJZMPUyvc4eev2YeNoP//24bWWLzwl4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:39:53 2025 by rpki-client