Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/3/32372e302e3233342e302f32342d3234203d3e20313439303230.roa
File: 32372e302e3233342e302f32342d3234203d3e20313439303230.roa (raw, json)
Hash identifier: 1PkmHS3TykCg+MepdlpGlzLhD7/9ngUxMxklsuac/Pc=
Subject key identifier: D7:87:35:91:6F:D8:A6:59:1F:C0:18:91:73:0D:2E:78:43:6B:B4:FE
Certificate issuer: /CN=A91115900000/serialNumber=9B543395929217E3EC708AF54E58E2F938CB1CC1
Certificate serial: 7CE7EE4E8C7F2AA3C0E503288F55D2C852EDC135
Authority key identifier: 9B:54:33:95:92:92:17:E3:EC:70:8A:F5:4E:58:E2:F9:38:CB:1C:C1
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m1QzlZKSF-PscIr1Tlji-TjLHME.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/3/32372e302e3233342e302f32342d3234203d3e20313439303230.roa
Signing time: Sun 01 Jan 2023 23:59:08 +0000
ROA not before: Sun 01 Jan 2023 23:54:08 +0000
ROA not after: Sun 31 Dec 2023 23:59:08 +0000
asID: 149020
IP address blocks: 27.0.234.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:e7:ee:4e:8c:7f:2a:a3:c0:e5:03:28:8f:55:d2:c8:52:ed:c1:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91115900000/serialNumber=9B543395929217E3EC708AF54E58E2F938CB1CC1
Validity
Not Before: Jan 1 23:54:08 2023 GMT
Not After : Dec 31 23:59:08 2023 GMT
Subject: CN=D78735916FD8A6591FC01891730D2E78436BB4FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a0:f0:2c:ed:24:7a:b2:a3:bd:cd:19:5b:d7:
84:31:3b:07:7f:e6:99:51:92:df:4f:d4:69:9d:25:
63:00:1e:1d:56:cf:25:98:c7:75:c2:7d:08:92:ad:
21:36:08:e4:f1:bc:48:63:47:56:3e:34:9b:b8:99:
45:76:88:66:5c:91:1f:0d:ca:ff:91:16:3f:72:64:
4a:fd:d0:09:6c:42:8b:ab:35:81:d5:c6:c8:30:65:
1d:ef:1f:5b:0b:33:77:32:19:05:8d:22:66:ec:7c:
33:dd:88:da:87:08:62:82:ed:3a:03:d1:a4:5d:c2:
52:01:b7:1f:2f:57:5f:a6:e1:12:8c:09:d3:22:81:
57:15:67:1b:c0:32:53:c8:9d:72:43:52:68:fb:68:
9b:d2:73:a8:46:01:9d:e9:71:85:a5:66:be:de:20:
42:41:e5:3d:3f:5c:47:94:b4:76:1f:db:74:88:68:
bb:30:92:ac:ac:f8:b6:12:4c:b1:bf:24:f4:7f:62:
d7:12:77:b1:4e:7e:38:f4:62:39:6b:98:47:ff:39:
55:0f:37:75:39:37:6f:b3:f0:b5:c2:53:aa:9f:f3:
48:21:ac:88:3e:e8:46:c1:6f:c0:40:a1:00:47:97:
bb:4d:22:d1:88:f1:7a:b9:dc:38:a4:b4:75:0a:55:
ca:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:87:35:91:6F:D8:A6:59:1F:C0:18:91:73:0D:2E:78:43:6B:B4:FE
X509v3 Authority Key Identifier:
keyid:9B:54:33:95:92:92:17:E3:EC:70:8A:F5:4E:58:E2:F9:38:CB:1C:C1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/3/9B543395929217E3EC708AF54E58E2F938CB1CC1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/m1QzlZKSF-PscIr1Tlji-TjLHME.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/3/32372e302e3233342e302f32342d3234203d3e20313439303230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.0.234.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:d0:d1:bd:15:fd:e4:25:3a:dc:e3:bd:fd:a9:13:51:56:44:
4c:28:76:09:ce:6f:0f:65:de:57:d5:a5:ce:36:0e:0f:df:65:
5f:a3:d9:3b:be:0f:d9:96:45:0b:c2:1a:4f:fc:69:04:af:9e:
ff:22:73:fb:89:20:70:3b:ff:45:c2:28:a8:41:a3:c9:5f:b6:
66:34:e3:45:78:23:d2:6a:15:a6:02:88:fe:6a:af:cf:73:c7:
31:9e:96:64:56:31:81:d2:b8:20:bc:33:a0:d5:14:ac:01:49:
95:06:61:ae:97:cf:95:13:d1:26:7f:30:f7:5f:ed:b0:65:7a:
03:b1:84:26:00:78:b2:28:2f:6c:5c:0c:f9:f7:e9:2a:c1:e6:
68:91:c1:14:e6:cb:68:a6:f3:99:d9:06:32:67:87:5c:7c:95:
cf:3e:7b:e7:09:88:5c:cb:b8:dc:a3:c0:d8:dd:d0:1e:cd:15:
ca:c7:c7:46:64:8d:14:b6:c4:78:7f:4b:5d:3e:af:cb:4d:14:
9c:b7:73:d2:95:a7:46:33:b7:2d:a9:1d:9c:26:e8:b7:49:fd:
9e:fa:bf:4a:95:75:8a:5d:17:fa:f1:90:82:bf:48:9f:b3:7c:
0b:f7:b1:89:1d:fc:56:59:07:20:ca:23:73:7d:a8:78:b1:52:
2d:b0:75:b6
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgIUfOfuTox/KqPA5QMoj1XSyFLtwTUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMTE1OTAwMDAwMTEwLwYDVQQFEyg5QjU0MzM5NTky
OTIxN0UzRUM3MDhBRjU0RTU4RTJGOTM4Q0IxQ0MxMB4XDTIzMDEwMTIzNTQwOFoX
DTIzMTIzMTIzNTkwOFowMzExMC8GA1UEAxMoRDc4NzM1OTE2RkQ4QTY1OTFGQzAx
ODkxNzMwRDJFNzg0MzZCQjRGRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSg8CztJHqyo73NGVvXhDE7B3/mmVGS30/UaZ0lYwAeHVbPJZjHdcJ9CJKt
ITYI5PG8SGNHVj40m7iZRXaIZlyRHw3K/5EWP3JkSv3QCWxCi6s1gdXGyDBlHe8f
WwszdzIZBY0iZux8M92I2ocIYoLtOgPRpF3CUgG3Hy9XX6bhEowJ0yKBVxVnG8Ay
U8idckNSaPtom9JzqEYBnelxhaVmvt4gQkHlPT9cR5S0dh/bdIhouzCSrKz4thJM
sb8k9H9i1xJ3sU5+OPRiOWuYR/85VQ83dTk3b7PwtcJTqp/zSCGsiD7oRsFvwECh
AEeXu00i0YjxerncOKS0dQpVygUCAwEAAaOCAlUwggJRMB0GA1UdDgQWBBTXhzWR
b9imWR/AGJFzDS54Q2u0/jAfBgNVHSMEGDAWgBSbVDOVkpIX4+xwivVOWOL5OMsc
wTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mOGU3ZDg2Ny1j
MzVlLTRlNjktYTgxNS1iYTFlOWIzMzZkNjIvMy85QjU0MzM5NTkyOTIxN0UzRUM3
MDhBRjU0RTU4RTJGOTM4Q0IxQ0MxLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYB
BQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1
ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9tMVF6bFpLU0YtUHNjSXIxVGxqaS1U
akxITUUuY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUHMAuGgYtyc3lu
YzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y4ZTdkODY3
LWMzNWUtNGU2OS1hODE1LWJhMWU5YjMzNmQ2Mi8zLzMyMzcyZTMwMmUzMjMzMzQy
ZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzkzMDMyMzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAb
AOowDQYJKoZIhvcNAQELBQADggEBAGzQ0b0V/eQlOtzjvf2pE1FWREwodgnObw9l
3lfVpc42Dg/fZV+j2Tu+D9mWRQvCGk/8aQSvnv8ic/uJIHA7/0XCKKhBo8lftmY0
40V4I9JqFaYCiP5qr89zxzGelmRWMYHSuCC8M6DVFKwBSZUGYa6Xz5UT0SZ/MPdf
7bBlegOxhCYAeLIoL2xcDPn36SrB5miRwRTmy2im85nZBjJnh1x8lc8+e+cJiFzL
uNyjwNjd0B7NFcrHx0ZkjRS2xHh/S10+r8tNFJy3c9KVp0Yzty2pHZwm6LdJ/Z76
v0qVdYpdF/rxkIK/SJ+zfAv3sYkd/FZZByDKI3N9qHixUi2wdbY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:09 2024 by rpki-client on console-ams.rpki-client.org