Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38352e302f32342d3234203d3e20383334.roa
File: 322e35382e38352e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: GyiSPikbT3s9cVHdpVIEdSHRGhY5alrXgSoV+Ejj/kg=
Subject key identifier: D6:38:29:EC:D5:E3:2C:8F:87:C9:6F:80:E7:36:D3:2D:92:C6:CF:67
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 75534B199B6D3E54B4B16BC9969C8BC0A046D23C
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38352e302f32342d3234203d3e20383334.roa
Signing time: Sun 02 Mar 2025 11:15:31 +0000
ROA not before: Sun 02 Mar 2025 11:10:31 +0000
ROA not after: Sun 01 Mar 2026 11:15:31 +0000
asID: 834
IP address blocks: 2.58.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:53:4b:19:9b:6d:3e:54:b4:b1:6b:c9:96:9c:8b:c0:a0:46:d2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Mar 2 11:10:31 2025 GMT
Not After : Mar 1 11:15:31 2026 GMT
Subject: CN=D63829ECD5E32C8F87C96F80E736D32D92C6CF67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:42:d4:a2:1a:83:19:f2:19:2e:60:f9:01:17:
3c:bb:44:e5:b5:77:b7:ef:74:6e:32:6b:02:52:db:
86:be:aa:74:d8:0e:cd:bd:2c:42:16:a6:e9:d6:bf:
bb:d1:20:75:0f:55:d1:96:0c:5b:f2:59:7f:dd:63:
6a:ec:12:7a:7f:70:7a:ba:52:ce:c0:01:dc:4c:b2:
e9:ad:79:df:c3:60:88:49:62:56:e7:52:96:38:1f:
f4:45:f2:31:cf:2b:91:68:e5:8d:02:b5:df:b4:7f:
d1:30:0c:82:51:36:07:a9:11:12:55:f5:9f:11:74:
8e:05:5e:26:d2:40:0c:2a:0d:c4:12:e3:80:ae:74:
85:68:4e:d9:05:89:eb:a6:b5:d5:a7:31:3e:07:a0:
9b:50:ef:c3:59:2b:29:39:74:7d:84:54:71:8b:e5:
58:06:0f:53:ca:e9:ba:6e:f2:01:2f:45:72:50:7a:
87:ef:37:f7:1d:97:b8:e5:1a:17:7f:1c:ba:76:67:
a1:66:71:56:a3:f7:2a:da:8a:fb:8a:ed:cd:04:9f:
30:51:39:c0:46:7f:32:a8:3b:2d:37:47:ac:b9:c2:
a6:40:72:4f:e1:4e:1f:1d:2c:f5:0f:f2:8e:72:57:
24:e7:7a:29:cd:a8:9e:86:b3:d5:27:6a:d4:25:6c:
43:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:38:29:EC:D5:E3:2C:8F:87:C9:6F:80:E7:36:D3:2D:92:C6:CF:67
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/322e35382e38352e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.85.0/24
Signature Algorithm: sha256WithRSAEncryption
10:20:3e:ae:2e:83:5c:87:00:67:77:fd:62:12:22:e5:15:11:
35:e1:32:16:b4:cf:fc:94:8c:fb:54:b9:cc:40:75:4e:74:3a:
a8:ca:4b:85:19:7e:bf:93:d4:7e:c0:6e:9b:c8:f6:4c:7e:85:
78:f8:86:79:f1:23:3c:08:71:a0:f7:80:03:7e:a5:f1:4a:eb:
c9:8e:49:84:3c:07:05:13:bf:b1:54:a5:e1:a7:fb:b3:68:4c:
c3:04:d9:db:6d:45:e0:be:56:21:59:88:1e:31:b4:1b:54:fa:
ea:d6:1a:19:92:08:81:9d:ad:25:d6:55:64:b7:fd:75:c8:4b:
84:4f:d3:7c:83:c1:db:68:14:bc:39:0b:b6:b7:d2:5e:4e:6d:
f3:68:d7:7d:eb:d1:71:fc:aa:ff:af:f6:50:91:e6:aa:49:ed:
fd:97:39:d5:cf:f0:99:96:da:c8:a6:5a:ea:55:f0:c9:d8:06:
00:0b:b3:63:79:93:44:7a:c0:a3:d9:cc:75:a8:7a:09:ca:58:
d3:5f:03:56:5d:f7:5a:1e:52:b8:f1:2e:99:2d:3e:f8:9c:8a:
a9:48:f6:e7:62:6b:78:c3:5c:18:ca:98:90:3d:96:9c:62:81:
4e:fc:f1:c8:98:82:9d:e3:aa:26:17:27:88:61:0b:35:ab:59:
dd:73:64:13
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUdVNLGZttPlS0sWvJlpyLwKBG0jwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTAzMDIxMTEwMzFaFw0yNjAzMDExMTE1MzFaMDMxMTAvBgNV
BAMTKEQ2MzgyOUVDRDVFMzJDOEY4N0M5NkY4MEU3MzZEMzJEOTJDNkNGNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNQtSiGoMZ8hkuYPkBFzy7ROW1
d7fvdG4yawJS24a+qnTYDs29LEIWpunWv7vRIHUPVdGWDFvyWX/dY2rsEnp/cHq6
Us7AAdxMsumted/DYIhJYlbnUpY4H/RF8jHPK5Fo5Y0Ctd+0f9EwDIJRNgepERJV
9Z8RdI4FXibSQAwqDcQS44CudIVoTtkFieumtdWnMT4HoJtQ78NZKyk5dH2EVHGL
5VgGD1PK6bpu8gEvRXJQeofvN/cdl7jlGhd/HLp2Z6FmcVaj9yraivuK7c0EnzBR
OcBGfzKoOy03R6y5wqZAck/hTh8dLPUP8o5yVyTneinNqJ6Gs9UnatQlbENBAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQU1jgp7NXjLI+HyW+A5zbTLZLGz2cwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIyZTM1MzgyZTM4MzUyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOlUwDQYJKoZI
hvcNAQELBQADggEBABAgPq4ug1yHAGd3/WISIuUVETXhMha0z/yUjPtUucxAdU50
OqjKS4UZfr+T1H7AbpvI9kx+hXj4hnnxIzwIcaD3gAN+pfFK68mOSYQ8BwUTv7FU
peGn+7NoTMME2dttReC+ViFZiB4xtBtU+urWGhmSCIGdrSXWVWS3/XXIS4RP03yD
wdtoFLw5C7a30l5ObfNo133r0XH8qv+v9lCR5qpJ7f2XOdXP8JmW2simWupV8MnY
BgALs2N5k0R6wKPZzHWoegnKWNNfA1Zd91oeUrjxLpktPviciqlI9udia3jDXBjK
mJA9lpxigU788ciYgp3jqiYXJ4hhCzWrWd1zZBM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:32 2025 by rpki-client