Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/1/32332e3133362e32302e302f32342d3234203d3e20333936303634.roa
File: 32332e3133362e32302e302f32342d3234203d3e20333936303634.roa (raw, json)
Hash identifier: l3PqR+UTXc6mZ6DH8HSVMsKTEDZ5iX5wYCsyCFY80r0=
Subject key identifier: 47:5E:47:A9:09:D0:83:86:73:24:3C:00:84:90:EA:8C:64:E3:6D:E5
Certificate issuer: /CN=23fb3d29e7f67c634df3b7f4a960082e4429f166b65301a9dd
Certificate serial: 02FD1794789F643391E3B102D7832EACAF7D2297
Authority key identifier: 1F:7F:72:49:A6:81:F8:CD:41:27:0B:50:D8:D7:E7:81:58:81:DA:36
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/383bd50b-b192-44bd-9349-351225a13a33/23fb3d29e7f67c634df3b7f4a960082e4429f166b65301a9dd.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/1/32332e3133362e32302e302f32342d3234203d3e20333936303634.roa
Signing time: Sat 22 Mar 2025 15:55:16 +0000
ROA not before: Sat 22 Mar 2025 15:50:16 +0000
ROA not after: Sat 21 Mar 2026 15:55:16 +0000
asID: 396064
IP address blocks: 23.136.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:fd:17:94:78:9f:64:33:91:e3:b1:02:d7:83:2e:ac:af:7d:22:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23fb3d29e7f67c634df3b7f4a960082e4429f166b65301a9dd
Validity
Not Before: Mar 22 15:50:16 2025 GMT
Not After : Mar 21 15:55:16 2026 GMT
Subject: CN=475E47A909D0838673243C008490EA8C64E36DE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:05:97:42:50:be:25:7d:d1:8a:81:91:a7:16:
07:9b:af:ef:8e:47:a3:ac:80:0f:0b:36:0c:e5:6d:
05:35:5b:0b:c4:6b:fb:19:17:0c:ea:0c:05:a7:5f:
6b:33:3b:4a:d5:f7:a8:8e:67:bf:f1:f2:d9:94:e2:
f1:f9:a5:6a:ab:8e:ae:b3:a1:8c:de:fe:54:f3:e9:
93:41:a5:d9:50:1c:8a:6c:1b:17:94:12:70:24:7c:
ca:95:66:1e:0a:6e:44:d3:7c:2c:0f:84:e9:95:69:
3e:af:2c:2e:59:66:c3:68:26:fa:e9:05:0c:29:3e:
a7:f1:e7:d7:a6:30:78:da:09:4b:af:d6:73:4f:75:
65:48:d7:c3:14:5a:75:b3:60:c6:91:0e:b2:3c:7c:
63:2e:3d:5e:1a:7a:10:45:fe:5c:40:8b:db:9f:f2:
72:f2:2c:01:75:a4:45:c7:be:77:6d:71:e7:dd:47:
c3:25:ec:74:43:52:10:34:cc:c5:7d:5b:e1:ec:9b:
88:13:4f:21:af:af:ab:f9:04:03:43:be:3b:d9:ef:
26:da:35:db:49:79:02:8b:84:80:e1:ac:eb:19:ff:
1f:cf:27:4e:32:3b:39:07:d4:26:87:7b:ef:e9:99:
62:3b:85:e1:27:9b:26:82:61:c7:ae:56:f7:dd:6d:
37:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:5E:47:A9:09:D0:83:86:73:24:3C:00:84:90:EA:8C:64:E3:6D:E5
X509v3 Authority Key Identifier:
keyid:1F:7F:72:49:A6:81:F8:CD:41:27:0B:50:D8:D7:E7:81:58:81:DA:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/1/1F7F7249A681F8CD41270B50D8D7E7815881DA36.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/d6b5ad28-1cbc-47ab-904e-45361a5487c3/383bd50b-b192-44bd-9349-351225a13a33/23fb3d29e7f67c634df3b7f4a960082e4429f166b65301a9dd.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/1/32332e3133362e32302e302f32342d3234203d3e20333936303634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.136.20.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:dc:99:15:5e:95:f3:e9:73:fb:ff:77:4c:d1:81:67:25:66:
67:90:02:fa:58:30:b7:52:19:1a:75:47:1a:03:05:da:6d:b2:
c1:d9:53:fc:e9:95:e9:4f:04:df:69:31:33:92:ef:5a:bb:60:
fd:c4:36:bf:31:73:75:f6:53:da:50:a8:1b:91:39:4e:47:10:
86:63:0d:cd:cd:5d:14:70:a1:cc:0c:4c:c9:09:4a:34:72:ef:
3b:56:34:aa:06:91:cd:33:b2:8e:31:f0:7e:04:9f:0d:e8:06:
6d:eb:17:d5:dc:e7:ef:f7:a2:f5:3c:4c:fb:6b:1f:ed:97:6e:
62:d7:ce:24:a6:34:58:88:c0:d1:be:fb:88:3d:a4:1a:e0:ff:
49:52:a3:41:81:4b:44:4d:82:2b:99:79:f5:cb:3a:1f:ac:c5:
aa:0e:63:8f:0c:6f:01:4e:3d:e5:79:c2:a8:a7:52:94:c1:1f:
6a:a6:f3:b3:74:ed:2b:36:94:87:de:a0:96:b7:65:84:44:9b:
d3:39:27:1d:42:35:e5:9d:4e:64:2f:96:99:e1:47:80:11:3e:
b0:c2:e1:da:82:7e:36:0a:7f:3a:b3:92:9f:03:00:48:13:76:
e3:91:38:91:94:f6:27:f8:44:b2:08:c1:d5:d8:c5:96:31:9b:
cf:97:2f:82
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUAv0XlHifZDOR47EC14MurK99IpcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjNmYjNkMjllN2Y2N2M2MzRkZjNiN2Y0YTk2MDA4MmU0
NDI5ZjE2NmI2NTMwMWE5ZGQwHhcNMjUwMzIyMTU1MDE2WhcNMjYwMzIxMTU1NTE2
WjAzMTEwLwYDVQQDEyg0NzVFNDdBOTA5RDA4Mzg2NzMyNDNDMDA4NDkwRUE4QzY0
RTM2REU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQWXQlC+JX3R
ioGRpxYHm6/vjkejrIAPCzYM5W0FNVsLxGv7GRcM6gwFp19rMztK1feojme/8fLZ
lOLx+aVqq46us6GM3v5U8+mTQaXZUByKbBsXlBJwJHzKlWYeCm5E03wsD4TplWk+
rywuWWbDaCb66QUMKT6n8efXpjB42glLr9ZzT3VlSNfDFFp1s2DGkQ6yPHxjLj1e
GnoQRf5cQIvbn/Jy8iwBdaRFx753bXHn3UfDJex0Q1IQNMzFfVvh7JuIE08hr6+r
+QQDQ7472e8m2jXbSXkCi4SA4azrGf8fzydOMjs5B9Qmh3vv6ZliO4XhJ5smgmHH
rlb33W03AQIDAQABo4ICzTCCAskwHQYDVR0OBBYEFEdeR6kJ0IOGcyQ8AISQ6oxk
423lMB8GA1UdIwQYMBaAFB9/ckmmgfjNQScLUNjX54FYgdo2MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2NkMTlkYjIwLTQ2NTMtNDhkNC04ZmM0
LTU4MGQxMzY5YjdjNC8xLzFGN0Y3MjQ5QTY4MUY4Q0Q0MTI3MEI1MEQ4RDdFNzgx
NTg4MURBMzYuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Q2YjVhZDI4LTFjYmMt
NDdhYi05MDRlLTQ1MzYxYTU0ODdjMy8zODNiZDUwYi1iMTkyLTQ0YmQtOTM0OS0z
NTEyMjVhMTNhMzMvMjNmYjNkMjllN2Y2N2M2MzRkZjNiN2Y0YTk2MDA4MmU0NDI5
ZjE2NmI2NTMwMWE5ZGQuY2VyMIGtBggrBgEFBQcBCwSBoDCBnTCBmgYIKwYBBQUH
MAuGgY1yc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L2NkMTlkYjIwLTQ2NTMtNDhkNC04ZmM0LTU4MGQxMzY5YjdjNC8xLzMyMzMyZTMx
MzMzNjJlMzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNjMwMzYzNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEABeIFDANBgkqhkiG9w0BAQsFAAOCAQEAp9yZFV6V8+lz+/93TNGB
ZyVmZ5AC+lgwt1IZGnVHGgMF2m2ywdlT/OmV6U8E32kxM5LvWrtg/cQ2vzFzdfZT
2lCoG5E5TkcQhmMNzc1dFHChzAxMyQlKNHLvO1Y0qgaRzTOyjjHwfgSfDegGbesX
1dzn7/ei9TxM+2sf7ZduYtfOJKY0WIjA0b77iD2kGuD/SVKjQYFLRE2CK5l59cs6
H6zFqg5jjwxvAU495XnCqKdSlMEfaqbzs3TtKzaUh96glrdlhESb0zknHUI15Z1O
ZC+WmeFHgBE+sMLh2oJ+Ngp/OrOSnwMASBN245E4kZT2J/hEsgjB1djFljGbz5cv
gg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:45:23 2025 by rpki-client