Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/1/32332e3133362e32302e302f32342d3234203d3e20323135323438.roa
File: 32332e3133362e32302e302f32342d3234203d3e20323135323438.roa (raw, json)
Hash identifier: qWICRkjmLt8+dNxxWBazesXDN3X2Ej4jtCp5CweB95Y=
Subject key identifier: 97:B5:FF:62:36:A9:0D:A4:35:6B:06:CB:92:0D:98:66:4D:5D:9C:38
Certificate issuer: /CN=23fb3d29e7f67c634df3b7f4a960082e4429f166b65301a9dd
Certificate serial: 3D4BB2078CA213311E97665350B3800991FDB68D
Authority key identifier: 1F:7F:72:49:A6:81:F8:CD:41:27:0B:50:D8:D7:E7:81:58:81:DA:36
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/383bd50b-b192-44bd-9349-351225a13a33/23fb3d29e7f67c634df3b7f4a960082e4429f166b65301a9dd.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/1/32332e3133362e32302e302f32342d3234203d3e20323135323438.roa
Signing time: Sat 22 Mar 2025 15:57:04 +0000
ROA not before: Sat 22 Mar 2025 15:52:04 +0000
ROA not after: Sat 21 Mar 2026 15:57:04 +0000
asID: 215248
IP address blocks: 23.136.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:4b:b2:07:8c:a2:13:31:1e:97:66:53:50:b3:80:09:91:fd:b6:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23fb3d29e7f67c634df3b7f4a960082e4429f166b65301a9dd
Validity
Not Before: Mar 22 15:52:04 2025 GMT
Not After : Mar 21 15:57:04 2026 GMT
Subject: CN=97B5FF6236A90DA4356B06CB920D98664D5D9C38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:53:68:7b:2a:dc:7b:7e:53:f5:83:27:b8:68:
d5:a2:20:8b:2e:91:5c:3a:67:5e:d6:ae:8c:4f:80:
79:37:59:e5:8a:f3:13:ee:5b:3d:68:53:c6:7c:ad:
0a:1b:84:57:2e:c1:f7:ff:19:fd:8d:b2:54:0b:56:
8d:05:19:d8:1e:66:9f:bb:d4:da:dd:72:2e:b0:f4:
0a:52:cd:db:ff:03:63:c4:b1:f1:28:d5:9c:32:d6:
d3:2a:4b:e4:2c:f3:fc:1a:66:04:81:da:b0:8a:2d:
8b:a1:f8:68:3e:dd:fa:cf:85:a2:6d:f1:44:9a:ee:
c4:4a:8a:d7:3c:3b:51:75:a8:9e:ab:c4:d5:fe:31:
5e:47:2f:bc:ef:fa:f8:20:2b:eb:d4:54:ac:98:22:
d0:26:d9:6a:5a:6c:51:8e:a9:9b:8f:4f:6b:30:e8:
7a:84:88:41:aa:52:a1:83:0a:7f:24:fc:26:e5:c7:
7d:37:3b:ab:19:e7:8b:32:35:43:46:1f:42:81:03:
65:7d:01:c8:d4:9e:11:3a:8a:b1:79:d0:e7:54:b7:
62:54:fa:f5:de:5b:55:12:ae:ba:9c:43:04:99:76:
a9:c9:aa:81:61:5c:7f:17:89:66:43:92:62:47:ac:
7f:fc:3c:3b:7c:12:de:c1:3d:bb:8c:c0:5b:e9:93:
0b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:B5:FF:62:36:A9:0D:A4:35:6B:06:CB:92:0D:98:66:4D:5D:9C:38
X509v3 Authority Key Identifier:
keyid:1F:7F:72:49:A6:81:F8:CD:41:27:0B:50:D8:D7:E7:81:58:81:DA:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/1/1F7F7249A681F8CD41270B50D8D7E7815881DA36.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/383bd50b-b192-44bd-9349-351225a13a33/23fb3d29e7f67c634df3b7f4a960082e4429f166b65301a9dd.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/1/32332e3133362e32302e302f32342d3234203d3e20323135323438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.136.20.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:50:5d:ff:a0:bb:67:3a:b5:22:24:5f:6c:2f:89:d7:ab:6f:
03:19:98:c5:23:66:b0:09:10:29:3a:53:97:60:a4:b0:64:5d:
be:f1:b9:ec:e1:0a:7b:bf:c9:43:d4:b6:24:a2:41:77:98:47:
33:af:00:5f:2e:ab:57:1e:92:3c:17:7d:47:e0:1e:80:9b:c8:
1a:20:c2:91:0f:31:7c:53:98:d1:51:5e:c3:74:6a:db:b8:75:
75:1b:24:07:88:7b:c7:54:68:9a:aa:14:69:03:ef:ea:0f:cc:
43:82:e9:d2:c5:2c:7d:4b:80:8a:df:a6:64:ab:84:f6:79:cb:
a4:ac:f5:4e:6d:cf:0d:ec:41:f2:21:d3:f1:38:db:f8:8e:cc:
4f:be:c4:aa:dd:10:a4:35:24:c8:d3:90:57:b2:23:4e:e9:7e:
01:94:67:be:98:58:0c:9c:73:aa:96:15:60:b0:94:4c:76:be:
0e:9c:fb:b0:3c:c5:47:41:ff:3b:e0:45:f2:90:57:e7:71:e8:
0b:c7:f1:bf:9e:6c:c3:7b:ca:40:e4:e1:d8:98:64:39:80:34:
0d:c1:4a:45:60:e5:fc:55:f0:19:27:52:0f:bd:fa:d7:a7:f0:
72:69:c3:77:f7:2b:24:21:25:c4:0e:75:fb:48:b8:d1:2f:13:
8c:8f:d2:bd
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUPUuyB4yiEzEel2ZTULOACZH9to0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjNmYjNkMjllN2Y2N2M2MzRkZjNiN2Y0YTk2MDA4MmU0
NDI5ZjE2NmI2NTMwMWE5ZGQwHhcNMjUwMzIyMTU1MjA0WhcNMjYwMzIxMTU1NzA0
WjAzMTEwLwYDVQQDEyg5N0I1RkY2MjM2QTkwREE0MzU2QjA2Q0I5MjBEOTg2NjRE
NUQ5QzM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVNoeyrce35T
9YMnuGjVoiCLLpFcOmde1q6MT4B5N1nlivMT7ls9aFPGfK0KG4RXLsH3/xn9jbJU
C1aNBRnYHmafu9Ta3XIusPQKUs3b/wNjxLHxKNWcMtbTKkvkLPP8GmYEgdqwii2L
ofhoPt36z4WibfFEmu7ESorXPDtRdaieq8TV/jFeRy+87/r4ICvr1FSsmCLQJtlq
WmxRjqmbj09rMOh6hIhBqlKhgwp/JPwm5cd9NzurGeeLMjVDRh9CgQNlfQHI1J4R
OoqxedDnVLdiVPr13ltVEq66nEMEmXapyaqBYVx/F4lmQ5JiR6x//Dw7fBLewT27
jMBb6ZMLkQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFJe1/2I2qQ2kNWsGy5INmGZN
XZw4MB8GA1UdIwQYMBaAFB9/ckmmgfjNQScLUNjX54FYgdo2MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2NkMTlkYjIwLTQ2NTMtNDhkNC04ZmM0
LTU4MGQxMzY5YjdjNC8xLzFGN0Y3MjQ5QTY4MUY4Q0Q0MTI3MEI1MEQ4RDdFNzgx
NTg4MURBMzYuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Q2YjVhZDI4LTFjYmMt
NDdhYi05MDRlLTQ1MzYxYTU0ODdjMy8zODNiZDUwYi1iMTkyLTQ0YmQtOTM0OS0z
NTEyMjVhMTNhMzMvMjNmYjNkMjllN2Y2N2M2MzRkZjNiN2Y0YTk2MDA4MmU0NDI5
ZjE2NmI2NTMwMWE5ZGQuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L2NkMTlkYjIwLTQ2NTMtNDhkNC04ZmM0LTU4MGQxMzY5YjdjNC8xLzMyMzMyZTMx
MzMzNjJlMzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMyMzQzOC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEABeIFDANBgkqhkiG9w0BAQsFAAOCAQEAulBd/6C7Zzq1IiRfbC+J
16tvAxmYxSNmsAkQKTpTl2CksGRdvvG57OEKe7/JQ9S2JKJBd5hHM68AXy6rVx6S
PBd9R+AegJvIGiDCkQ8xfFOY0VFew3Rq27h1dRskB4h7x1RomqoUaQPv6g/MQ4Lp
0sUsfUuAit+mZKuE9nnLpKz1Tm3PDexB8iHT8Tjb+I7MT77Eqt0QpDUkyNOQV7Ij
Tul+AZRnvphYDJxzqpYVYLCUTHa+Dpz7sDzFR0H/O+BF8pBX53HoC8fxv55sw3vK
QOTh2JhkOYA0DcFKRWDl/FXwGSdSD73616fwcmnDd/crJCElxA51+0i40S8TjI/S
vQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 02:59:34 2025 by rpki-client