Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38352e302f32342d3234203d3e203437343336.roa
File: 322e35382e38352e302f32342d3234203d3e203437343336.roa (raw, json)
Hash identifier: hAZ5kWpNRMunR/vi9XFn9LjO1XL5Oe8W5ce8D+wt5fM=
Subject key identifier: DD:D8:08:59:F4:6D:87:6E:6A:56:22:B4:5D:B2:42:B7:76:FC:7D:C4
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 2B90F9D65A62E13AE7C5FD1926BEFE236D95DAEC
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38352e302f32342d3234203d3e203437343336.roa
Signing time: Mon 03 Mar 2025 17:14:56 +0000
ROA not before: Mon 03 Mar 2025 17:09:56 +0000
ROA not after: Mon 02 Mar 2026 17:14:56 +0000
asID: 47436
IP address blocks: 2.58.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:90:f9:d6:5a:62:e1:3a:e7:c5:fd:19:26:be:fe:23:6d:95:da:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Mar 3 17:09:56 2025 GMT
Not After : Mar 2 17:14:56 2026 GMT
Subject: CN=DDD80859F46D876E6A5622B45DB242B776FC7DC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:38:41:58:66:d5:43:02:cb:c9:68:b6:80:6e:
38:e3:0e:46:34:de:8d:89:00:b1:37:fe:c4:20:5a:
ee:6f:ff:2c:18:70:d1:45:f4:64:52:da:7c:55:f5:
00:ac:38:9d:23:a0:00:24:31:4f:56:67:87:46:74:
15:29:a3:43:05:e0:27:59:5e:56:ec:d6:43:79:cd:
a0:1d:bc:ab:28:c6:7e:4b:92:3c:0e:86:65:2e:49:
35:d5:f6:fb:00:c6:08:74:4a:e2:19:9f:6a:6e:01:
c7:47:79:fc:22:1d:f6:04:e0:c9:6a:d5:ce:b7:c5:
5d:51:42:12:d4:4d:84:85:67:78:e6:42:ea:3b:0a:
62:29:0a:76:95:d4:c0:1a:37:00:4e:82:ec:bc:65:
88:00:86:5e:42:03:a8:4b:0c:d6:d6:ed:93:f3:22:
e9:2a:b8:6f:1b:45:02:64:64:53:e9:38:95:1f:a6:
37:8f:a4:4c:ae:ef:8f:47:2c:cf:56:5f:4a:1a:ec:
cc:ba:35:1e:1e:c4:8a:bc:7e:9f:e4:9d:22:cd:d3:
3c:f7:55:3b:c6:c0:b0:73:5a:87:82:dc:8d:3a:ca:
76:cd:40:d3:a9:f6:27:5c:63:98:81:e8:f1:2d:ca:
64:0e:38:8f:7a:98:aa:b8:2f:6e:11:ae:ec:9b:6c:
3c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D8:08:59:F4:6D:87:6E:6A:56:22:B4:5D:B2:42:B7:76:FC:7D:C4
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38352e302f32342d3234203d3e203437343336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.85.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:f4:34:24:d3:d5:e4:49:f9:37:27:6d:e2:56:79:e0:5a:62:
27:e1:4e:3f:2b:4d:a8:31:77:c5:41:d6:da:e1:57:f0:ed:b7:
d7:32:a4:d1:96:13:28:87:ac:c7:55:b5:f0:7f:73:f5:fe:42:
75:8f:22:82:6a:da:2b:55:82:9e:b5:9a:dc:49:c1:37:e3:50:
7c:be:76:2d:82:af:3a:dd:69:aa:4c:40:ff:10:99:13:1b:c1:
81:75:98:1e:f2:61:2a:aa:00:af:ab:d2:e2:50:8a:b0:3e:cf:
98:68:0c:e2:80:51:1a:4d:fa:c4:bd:7e:03:27:27:a6:18:66:
21:28:bb:24:2f:21:98:40:9e:1f:d3:3b:48:49:b8:aa:65:2f:
fb:27:d4:ad:b9:76:79:eb:63:b0:ed:20:b8:55:0e:fc:25:73:
b8:28:ba:4b:3d:bc:ed:47:66:d5:78:3f:9d:17:2c:dc:f4:39:
75:a0:94:92:3c:2d:97:fc:2b:c3:10:f6:c0:05:e6:ba:c7:53:
59:bd:58:32:f5:75:a5:2a:9a:54:dd:66:97:15:51:05:ef:8f:
c5:0e:2f:2b:b9:8c:62:b1:cb:00:ca:f0:e1:d6:71:89:27:98:
82:68:e1:bc:bd:bd:40:b9:fc:9c:ec:b1:92:18:c2:8a:47:ed:
96:b0:93:97
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUK5D51lpi4Trnxf0ZJr7+I22V2uwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTAzMDMxNzA5NTZaFw0yNjAzMDIxNzE0NTZaMDMxMTAvBgNV
BAMTKERERDgwODU5RjQ2RDg3NkU2QTU2MjJCNDVEQjI0MkI3NzZGQzdEQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsOEFYZtVDAsvJaLaAbjjjDkY0
3o2JALE3/sQgWu5v/ywYcNFF9GRS2nxV9QCsOJ0joAAkMU9WZ4dGdBUpo0MF4CdZ
Xlbs1kN5zaAdvKsoxn5LkjwOhmUuSTXV9vsAxgh0SuIZn2puAcdHefwiHfYE4Mlq
1c63xV1RQhLUTYSFZ3jmQuo7CmIpCnaV1MAaNwBOguy8ZYgAhl5CA6hLDNbW7ZPz
IukquG8bRQJkZFPpOJUfpjePpEyu749HLM9WX0oa7My6NR4exIq8fp/knSLN0zz3
VTvGwLBzWoeC3I06ynbNQNOp9idcY5iB6PEtymQOOI96mKq4L24RruybbDwbAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU3dgIWfRth25qViK0XbJCt3b8fcQwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIyZTM1MzgyZTM4MzUyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzQzMzM2LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjpVMA0G
CSqGSIb3DQEBCwUAA4IBAQC49DQk09XkSfk3J23iVnngWmIn4U4/K02oMXfFQdba
4Vfw7bfXMqTRlhMoh6zHVbXwf3P1/kJ1jyKCatorVYKetZrcScE341B8vnYtgq86
3WmqTED/EJkTG8GBdZge8mEqqgCvq9LiUIqwPs+YaAzigFEaTfrEvX4DJyemGGYh
KLskLyGYQJ4f0ztISbiqZS/7J9StuXZ562Ow7SC4VQ78JXO4KLpLPbztR2bVeD+d
Fyzc9Dl1oJSSPC2X/CvDEPbABea6x1NZvVgy9XWlKppU3WaXFVEF74/FDi8ruYxi
scsAyvDh1nGJJ5iCaOG8vb1Aufyc7LGSGMKKR+2WsJOX
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:23:50 2025 by rpki-client