Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35372e302f32342d3234203d3e203136353039.roa
File: 322e35392e35372e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: kdHSjhSX3YOtF/v+vlNRlhH/POngpOGcFF9yCUfTgRQ=
Subject key identifier: D1:09:7C:D2:ED:B4:E0:8A:BC:2B:8E:01:E7:6D:E4:D1:D3:FD:65:77
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 4813D5B0B784997B6FF6C588D3FFE0607FA7235C
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35372e302f32342d3234203d3e203136353039.roa
Signing time: Thu 06 Feb 2025 10:53:53 +0000
ROA not before: Thu 06 Feb 2025 10:48:53 +0000
ROA not after: Thu 05 Feb 2026 10:53:53 +0000
asID: 16509
IP address blocks: 2.59.57.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:13:d5:b0:b7:84:99:7b:6f:f6:c5:88:d3:ff:e0:60:7f:a7:23:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 6 10:48:53 2025 GMT
Not After : Feb 5 10:53:53 2026 GMT
Subject: CN=D1097CD2EDB4E08ABC2B8E01E76DE4D1D3FD6577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4f:28:31:35:3a:52:62:b3:23:e5:e6:6f:08:
b6:49:35:5b:29:7b:ec:49:14:60:75:25:54:ef:24:
c9:fb:8e:cc:60:29:6d:19:ce:5a:f6:4a:06:9d:ef:
da:41:9d:1e:e8:2e:ce:bd:4b:4f:e2:36:8d:4d:b6:
88:f8:68:8f:6f:0c:68:38:50:00:63:23:16:c1:97:
a0:02:96:42:c6:33:4d:6a:22:26:73:97:d6:d9:da:
ec:58:8d:33:72:3e:7b:be:06:6b:05:20:4e:7a:cb:
a0:8c:c6:99:25:60:cb:4a:9f:c8:ed:e7:57:cb:cc:
17:ab:4c:70:4e:61:42:14:cd:b5:16:ba:57:37:6e:
64:94:a1:aa:46:4c:94:08:88:ae:48:ad:7a:ee:32:
f9:a7:5c:5a:bb:10:11:74:c7:37:bf:73:31:79:0b:
da:f4:b2:c8:9f:b2:7e:d4:3c:4e:34:b1:5d:7c:7b:
78:6a:ee:b8:8a:d1:59:f3:a4:5b:1f:78:bc:e2:b6:
2c:3f:4a:89:56:35:6f:05:28:f0:97:00:99:65:85:
c3:80:8b:fa:b9:d4:4b:fb:1e:0d:ab:08:90:4f:21:
fa:b7:02:fb:e0:45:03:bd:b4:9e:ac:58:63:1e:e1:
66:38:dc:fe:93:76:c3:a2:65:85:73:60:a1:d7:a5:
c9:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:09:7C:D2:ED:B4:E0:8A:BC:2B:8E:01:E7:6D:E4:D1:D3:FD:65:77
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35372e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.57.0/24
Signature Algorithm: sha256WithRSAEncryption
92:86:70:0a:81:9e:66:62:23:06:95:40:cd:7d:64:cd:66:07:
07:15:c9:bf:aa:3d:1b:62:8b:80:9f:ef:d2:d5:d3:b7:ef:77:
86:57:32:f1:10:74:71:66:a8:4a:d0:2b:05:30:06:45:e4:92:
e4:72:16:af:14:25:c4:6d:ff:3a:a8:17:0c:75:79:42:f4:ef:
dc:b8:0d:66:09:0c:dd:d8:70:16:4e:2e:82:51:54:66:fc:38:
cf:61:39:97:d7:cf:13:44:da:be:cf:eb:07:48:b0:bc:55:56:
65:b8:f6:1c:e1:b7:bd:d8:32:41:84:73:d4:41:7f:c4:26:d4:
75:7b:11:f5:86:4e:52:44:c3:8c:8c:04:22:5f:9e:75:b9:a8:
ee:89:67:98:73:80:d3:39:67:11:ab:34:ff:b2:a7:e8:d6:44:
e4:f3:3c:a1:cc:f2:75:09:f9:18:f7:e5:3f:e5:60:d4:48:84:
26:02:e2:56:7c:ce:92:cb:78:dd:8f:49:3b:5b:c0:24:c1:79:
91:0a:9e:02:c5:fe:b8:10:9e:7f:7a:80:74:86:d7:c5:2e:6c:
54:92:8b:a7:2f:4b:d9:f7:f1:7a:cb:18:a3:d3:8d:ee:e8:3b:
ba:5d:60:e6:7a:7c:a8:6a:2c:7e:89:cb:72:29:63:32:cb:c4:
b9:76:32:9d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUSBPVsLeEmXtv9sWI0//gYH+nI1wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAyMDYxMDQ4NTNaFw0yNjAyMDUxMDUzNTNaMDMxMTAvBgNV
BAMTKEQxMDk3Q0QyRURCNEUwOEFCQzJCOEUwMUU3NkRFNEQxRDNGRDY1NzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4TygxNTpSYrMj5eZvCLZJNVsp
e+xJFGB1JVTvJMn7jsxgKW0Zzlr2Sgad79pBnR7oLs69S0/iNo1Ntoj4aI9vDGg4
UABjIxbBl6AClkLGM01qIiZzl9bZ2uxYjTNyPnu+BmsFIE56y6CMxpklYMtKn8jt
51fLzBerTHBOYUIUzbUWulc3bmSUoapGTJQIiK5IrXruMvmnXFq7EBF0xze/czF5
C9r0ssifsn7UPE40sV18e3hq7riK0VnzpFsfeLzitiw/SolWNW8FKPCXAJllhcOA
i/q51Ev7Hg2rCJBPIfq3AvvgRQO9tJ6sWGMe4WY43P6TdsOiZYVzYKHXpckDAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU0Ql80u204Iq8K44B523k0dP9ZXcwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzkyZTM1MzcyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjs5MA0G
CSqGSIb3DQEBCwUAA4IBAQCShnAKgZ5mYiMGlUDNfWTNZgcHFcm/qj0bYouAn+/S
1dO373eGVzLxEHRxZqhK0CsFMAZF5JLkchavFCXEbf86qBcMdXlC9O/cuA1mCQzd
2HAWTi6CUVRm/DjPYTmX188TRNq+z+sHSLC8VVZluPYc4be92DJBhHPUQX/EJtR1
exH1hk5SRMOMjAQiX551uajuiWeYc4DTOWcRqzT/sqfo1kTk8zyhzPJ1CfkY9+U/
5WDUSIQmAuJWfM6Sy3jdj0k7W8AkwXmRCp4Cxf64EJ5/eoB0htfFLmxUkounL0vZ
9/F6yxij043u6Du6XWDmenyoaix+ictyKWMyy8S5djKd
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:39:27 2025 by rpki-client