Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/0/38322e3131382e33312e302f32342d3234203d3e203136353039.roa
File: 38322e3131382e33312e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: glBiDnciBNzqasTlPB/55sSf/saRILkrHxrDYHCK+Bw=
Subject key identifier: 54:6F:2C:D4:40:12:88:FF:65:F9:27:2B:A0:7F:B4:EE:55:64:2E:91
Certificate issuer: /CN=df6f1af9e919a9653268327b98814cafeb5c0a13
Certificate serial: 361829CFC0F76E9645C83401BD4DC9BDBBCE431D
Authority key identifier: DF:6F:1A:F9:E9:19:A9:65:32:68:32:7B:98:81:4C:AF:EB:5C:0A:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/328a-ekZqWUyaDJ7mIFMr-tcChM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/0/38322e3131382e33312e302f32342d3234203d3e203136353039.roa
Signing time: Sat 29 Apr 2023 09:35:08 +0000
ROA not before: Sat 29 Apr 2023 09:30:08 +0000
ROA not after: Sat 27 Apr 2024 09:35:08 +0000
asID: 16509
IP address blocks: 82.118.31.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:18:29:cf:c0:f7:6e:96:45:c8:34:01:bd:4d:c9:bd:bb:ce:43:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df6f1af9e919a9653268327b98814cafeb5c0a13
Validity
Not Before: Apr 29 09:30:08 2023 GMT
Not After : Apr 27 09:35:08 2024 GMT
Subject: CN=546F2CD4401288FF65F9272BA07FB4EE55642E91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:dd:24:2a:d9:29:c8:67:83:52:99:b1:b8:25:
e8:64:f1:bd:16:71:d6:1a:f1:16:b0:c8:84:f3:65:
0f:bd:5f:44:c7:2b:22:08:68:9a:4d:1e:5f:53:52:
07:91:84:e8:e4:41:86:b2:af:bd:99:86:04:d8:62:
21:3a:ac:a8:8b:cc:7d:be:84:ea:8c:9f:fa:0b:a1:
f1:46:48:cb:0e:7b:48:60:51:ea:0b:47:f0:2d:2d:
64:ba:16:bb:03:f8:87:82:dd:8e:13:91:f4:84:80:
72:a9:85:97:23:18:89:16:9c:38:5b:c4:5e:dc:87:
9d:0a:f6:38:b6:39:22:b6:f9:4b:96:15:c0:0e:ff:
b2:84:c9:42:df:8c:de:76:23:76:ac:6b:ba:a7:89:
87:3d:8c:4b:f2:cb:09:ce:f4:49:85:8a:f9:b6:f5:
12:54:81:01:7e:c8:69:b5:35:12:fa:f7:cc:2b:a9:
13:47:ab:73:67:86:d8:09:9c:f0:5a:31:09:ae:62:
8c:bc:94:e1:c8:8a:80:74:7c:e0:bb:d3:95:e1:5d:
26:9a:35:40:aa:41:cd:a9:dd:79:12:cd:32:50:c8:
53:34:40:c0:6d:bc:17:95:bf:25:c1:de:43:bd:b2:
9d:78:2c:21:7a:42:f6:62:3d:fb:9c:bb:af:c1:e3:
29:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6F:2C:D4:40:12:88:FF:65:F9:27:2B:A0:7F:B4:EE:55:64:2E:91
X509v3 Authority Key Identifier:
keyid:DF:6F:1A:F9:E9:19:A9:65:32:68:32:7B:98:81:4C:AF:EB:5C:0A:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/0/DF6F1AF9E919A9653268327B98814CAFEB5C0A13.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/328a-ekZqWUyaDJ7mIFMr-tcChM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/0/38322e3131382e33312e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.31.0/24
Signature Algorithm: sha256WithRSAEncryption
37:0a:de:1f:4f:31:03:db:73:d8:2a:ec:1d:36:4f:de:7a:1a:
b6:de:1d:35:f3:57:71:a3:8c:76:eb:88:57:12:69:7f:fb:04:
e9:9d:36:60:42:80:db:00:74:65:c1:2e:a8:aa:91:62:7a:7e:
ce:e2:ee:a9:56:ee:fa:97:a7:8d:00:33:11:66:7e:94:1c:0f:
f1:84:4f:03:c4:63:f6:32:1f:84:43:49:b6:b7:58:1f:90:21:
e2:b7:28:33:bc:55:7a:12:4b:6c:d0:db:57:ea:ef:8f:32:de:
92:f0:0a:eb:62:2e:55:a7:ed:63:7f:be:14:6c:59:15:ad:22:
fc:22:24:52:75:d1:89:70:af:81:16:a9:2e:15:ee:10:50:e2:
0f:7e:59:0d:d2:d7:87:4c:72:5c:90:7b:ad:26:90:29:f3:2a:
00:32:62:83:b7:7d:df:f4:e3:b7:0e:4f:0a:f4:9b:22:9c:bf:
1c:40:da:55:a6:05:53:da:af:47:05:37:b9:f2:4d:3f:35:fd:
e6:e8:05:3b:61:fc:3a:39:31:82:4f:6b:94:80:3b:33:7a:fa:
70:0b:96:5c:99:10:be:23:c2:24:c6:0e:0b:10:e3:77:6d:58:
a8:f6:08:44:a9:1e:c7:e9:b5:74:7a:11:a7:90:9a:40:47:5e:
b1:9d:7d:d7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUNhgpz8D3bpZFyDQBvU3JvbvOQx0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY2ZjFhZjllOTE5YTk2NTMyNjgzMjdiOTg4MTRjYWZl
YjVjMGExMzAeFw0yMzA0MjkwOTMwMDhaFw0yNDA0MjcwOTM1MDhaMDMxMTAvBgNV
BAMTKDU0NkYyQ0Q0NDAxMjg4RkY2NUY5MjcyQkEwN0ZCNEVFNTU2NDJFOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa3SQq2SnIZ4NSmbG4Jehk8b0W
cdYa8RawyITzZQ+9X0THKyIIaJpNHl9TUgeRhOjkQYayr72ZhgTYYiE6rKiLzH2+
hOqMn/oLofFGSMsOe0hgUeoLR/AtLWS6FrsD+IeC3Y4TkfSEgHKphZcjGIkWnDhb
xF7ch50K9ji2OSK2+UuWFcAO/7KEyULfjN52I3asa7qniYc9jEvyywnO9EmFivm2
9RJUgQF+yGm1NRL698wrqRNHq3NnhtgJnPBaMQmuYoy8lOHIioB0fOC705XhXSaa
NUCqQc2p3XkSzTJQyFM0QMBtvBeVvyXB3kO9sp14LCF6QvZiPfucu6/B4ymJAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUVG8s1EASiP9l+ScroH+07lVkLpEwHwYDVR0j
BBgwFoAU328a+ekZqWUyaDJ7mIFMr+tcChMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzAvREY2RjFBRjlFOTE5QTk2NTMyNjgzMjdCOTg4MTRDQUZFQjVDMEExMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMyOGEtZWtacVdVeWFESjdtSUZNci10
Y0NoTS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzAvMzgzMjJlMzEzMTM4MmUzMzMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjM1MzAzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFJ2
HzANBgkqhkiG9w0BAQsFAAOCAQEANwreH08xA9tz2CrsHTZP3noatt4dNfNXcaOM
duuIVxJpf/sE6Z02YEKA2wB0ZcEuqKqRYnp+zuLuqVbu+penjQAzEWZ+lBwP8YRP
A8Rj9jIfhENJtrdYH5Ah4rcoM7xVehJLbNDbV+rvjzLekvAK62IuVaftY3++FGxZ
Fa0i/CIkUnXRiXCvgRapLhXuEFDiD35ZDdLXh0xyXJB7rSaQKfMqADJig7d93/Tj
tw5PCvSbIpy/HEDaVaYFU9qvRwU3ufJNPzX95ugFO2H8Ojkxgk9rlIA7M3r6cAuW
XJkQviPCJMYOCxDjd21YqPYIRKkex+m1dHoRp5CaQEdesZ191w==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:53:22 2025 by rpki-client