Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/0/3231322e322e3233382e302f32342d3234203d3e203432383331.roa
File: 3231322e322e3233382e302f32342d3234203d3e203432383331.roa (raw, json)
Hash identifier: VVYPAAk3xy4MrgB8AAgDQjWltX1Zl3X1TeYihvwO4a4=
Subject key identifier: 8A:7D:EF:DF:46:AB:E9:C5:8D:E9:B7:45:EE:D2:9D:A3:D8:F1:6D:C4
Certificate issuer: /CN=df6f1af9e919a9653268327b98814cafeb5c0a13
Certificate serial: 370A07687E27283B0E480366ACBE59767BDA3EF3
Authority key identifier: DF:6F:1A:F9:E9:19:A9:65:32:68:32:7B:98:81:4C:AF:EB:5C:0A:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/328a-ekZqWUyaDJ7mIFMr-tcChM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/0/3231322e322e3233382e302f32342d3234203d3e203432383331.roa
Signing time: Sat 29 Apr 2023 09:39:28 +0000
ROA not before: Sat 29 Apr 2023 09:34:28 +0000
ROA not after: Sat 27 Apr 2024 09:39:28 +0000
asID: 42831
IP address blocks: 212.2.238.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:0a:07:68:7e:27:28:3b:0e:48:03:66:ac:be:59:76:7b:da:3e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df6f1af9e919a9653268327b98814cafeb5c0a13
Validity
Not Before: Apr 29 09:34:28 2023 GMT
Not After : Apr 27 09:39:28 2024 GMT
Subject: CN=8A7DEFDF46ABE9C58DE9B745EED29DA3D8F16DC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:83:ba:52:34:4b:b8:95:a2:65:4f:82:71:2e:
81:d6:0c:80:7b:4d:ad:90:01:15:e4:30:68:88:74:
3b:a1:9c:cf:d8:52:56:d2:ed:e1:16:e1:97:3d:44:
86:99:55:0d:fc:eb:93:ef:3d:69:bd:7a:57:89:da:
2a:ab:c1:80:2e:d4:59:27:fc:bb:04:5d:b4:4e:a5:
41:83:46:af:f4:13:19:60:a6:96:c5:65:60:61:24:
e1:7f:52:60:42:32:e5:32:f9:e1:97:6e:0a:4d:7a:
76:c0:30:f2:5c:ad:94:40:9f:84:90:e1:82:1f:c3:
98:27:f0:fd:23:87:47:13:14:3b:53:df:a1:80:86:
70:69:6d:b4:1d:5f:b0:e4:c3:68:9b:54:6f:0e:72:
ac:f0:ef:6f:9b:a2:45:74:52:7c:1a:bf:c0:b6:eb:
cb:45:73:ca:1a:f2:a0:4c:1a:1b:db:49:fc:3a:a5:
78:ea:ff:f7:7f:a3:64:d7:5e:79:71:fe:76:da:f6:
73:60:cb:36:52:9a:b1:16:bf:1d:df:84:6e:7a:5d:
5c:47:6d:60:03:aa:7b:6c:03:6d:44:f1:92:90:36:
cd:27:5a:68:9b:5f:91:72:11:0f:08:fa:3b:d5:bf:
d5:92:55:30:31:fa:56:f6:9c:30:a1:bb:07:43:26:
dd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:7D:EF:DF:46:AB:E9:C5:8D:E9:B7:45:EE:D2:9D:A3:D8:F1:6D:C4
X509v3 Authority Key Identifier:
keyid:DF:6F:1A:F9:E9:19:A9:65:32:68:32:7B:98:81:4C:AF:EB:5C:0A:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/0/DF6F1AF9E919A9653268327B98814CAFEB5C0A13.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/328a-ekZqWUyaDJ7mIFMr-tcChM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/0/3231322e322e3233382e302f32342d3234203d3e203432383331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.2.238.0/24
Signature Algorithm: sha256WithRSAEncryption
77:7b:73:3b:b7:fd:f6:89:86:68:f3:e3:65:09:62:3c:64:e0:
dd:54:49:aa:53:8f:ea:ba:7f:d6:9b:44:7a:c2:31:99:7d:11:
07:78:f7:bc:26:48:3b:93:27:5c:07:24:4a:e2:95:3c:85:61:
cf:1d:3a:60:2c:02:01:6e:71:db:e1:75:55:fb:1e:88:78:71:
1e:e7:c9:64:0c:eb:02:a6:8e:2b:12:8f:c6:48:0c:df:96:3a:
51:9f:63:a8:6d:30:0d:d4:59:55:1a:3a:16:08:df:7e:39:15:
68:40:e4:6d:a2:98:7b:b7:56:27:57:19:5b:c1:d8:66:c1:22:
d6:dc:27:2b:ca:a3:15:95:fa:81:8f:5e:dc:b5:49:f0:b0:6e:
fa:e1:ad:a9:8f:5a:60:20:69:53:77:6a:47:12:f2:d5:c5:39:
f1:c5:5c:37:04:6f:10:bf:a6:55:68:73:52:ca:98:9e:e9:e5:
00:99:8e:e2:2c:f4:0c:3f:72:0c:98:a9:97:1f:0d:48:cb:a2:
54:f9:02:e5:bd:65:d2:6d:0b:aa:c0:df:e2:20:fb:a5:94:fa:
1d:51:aa:46:22:ac:69:21:f5:fd:48:5b:66:25:8e:69:32:ca:
42:83:bd:17:5c:a5:71:f3:1c:bb:c3:28:ba:00:e0:a0:8f:d7:
af:06:1c:04
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUNwoHaH4nKDsOSANmrL5ZdnvaPvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY2ZjFhZjllOTE5YTk2NTMyNjgzMjdiOTg4MTRjYWZl
YjVjMGExMzAeFw0yMzA0MjkwOTM0MjhaFw0yNDA0MjcwOTM5MjhaMDMxMTAvBgNV
BAMTKDhBN0RFRkRGNDZBQkU5QzU4REU5Qjc0NUVFRDI5REEzRDhGMTZEQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIg7pSNEu4laJlT4JxLoHWDIB7
Ta2QARXkMGiIdDuhnM/YUlbS7eEW4Zc9RIaZVQ3865PvPWm9eleJ2iqrwYAu1Fkn
/LsEXbROpUGDRq/0ExlgppbFZWBhJOF/UmBCMuUy+eGXbgpNenbAMPJcrZRAn4SQ
4YIfw5gn8P0jh0cTFDtT36GAhnBpbbQdX7Dkw2ibVG8Ocqzw72+bokV0Unwav8C2
68tFc8oa8qBMGhvbSfw6pXjq//d/o2TXXnlx/nba9nNgyzZSmrEWvx3fhG56XVxH
bWADqntsA21E8ZKQNs0nWmibX5FyEQ8I+jvVv9WSVTAx+lb2nDChuwdDJt3DAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUin3v30ar6cWN6bdF7tKdo9jxbcQwHwYDVR0j
BBgwFoAU328a+ekZqWUyaDJ7mIFMr+tcChMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzAvREY2RjFBRjlFOTE5QTk2NTMyNjgzMjdCOTg4MTRDQUZFQjVDMEExMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMyOGEtZWtacVdVeWFESjdtSUZNci10
Y0NoTS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzAvMzIzMTMyMmUzMjJlMzIzMzM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMjM4MzMzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANQC
7jANBgkqhkiG9w0BAQsFAAOCAQEAd3tzO7f99omGaPPjZQliPGTg3VRJqlOP6rp/
1ptEesIxmX0RB3j3vCZIO5MnXAckSuKVPIVhzx06YCwCAW5x2+F1VfseiHhxHufJ
ZAzrAqaOKxKPxkgM35Y6UZ9jqG0wDdRZVRo6FgjffjkVaEDkbaKYe7dWJ1cZW8HY
ZsEi1twnK8qjFZX6gY9e3LVJ8LBu+uGtqY9aYCBpU3dqRxLy1cU58cVcNwRvEL+m
VWhzUsqYnunlAJmO4iz0DD9yDJiplx8NSMuiVPkC5b1l0m0LqsDf4iD7pZT6HVGq
RiKsaSH1/UhbZiWOaTLKQoO9F1ylcfMcu8MougDgoI/XrwYcBA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:22 2024 by rpki-client on console-fra.rpki-client.org