Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fd140e86-c26b-4533-9d49-29fc424f0d6c/0/33312e3231372e3235302e302f32342d3234203d3e20383334.roa
File: 33312e3231372e3235302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: uzVngyuF74r+99K73FNP02mr7zCwcIT0HrZ8A2k6r+c=
Subject key identifier: 04:31:C4:40:C1:4D:46:80:CF:1B:6B:FA:8F:9B:6E:34:7C:0D:5B:FC
Certificate issuer: /CN=d70c18f610931a5e0df5cad1d69b7e6a20363bff
Certificate serial: 60B98D50687429F66B04A291485115E10A2AAA10
Authority key identifier: D7:0C:18:F6:10:93:1A:5E:0D:F5:CA:D1:D6:9B:7E:6A:20:36:3B:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wwY9hCTGl4N9crR1pt-aiA2O_8.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fd140e86-c26b-4533-9d49-29fc424f0d6c/0/33312e3231372e3235302e302f32342d3234203d3e20383334.roa
Signing time: Thu 19 Oct 2023 08:30:14 +0000
ROA not before: Thu 19 Oct 2023 08:25:14 +0000
ROA not after: Thu 17 Oct 2024 08:30:14 +0000
asID: 834
IP address blocks: 31.217.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:b9:8d:50:68:74:29:f6:6b:04:a2:91:48:51:15:e1:0a:2a:aa:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d70c18f610931a5e0df5cad1d69b7e6a20363bff
Validity
Not Before: Oct 19 08:25:14 2023 GMT
Not After : Oct 17 08:30:14 2024 GMT
Subject: CN=0431C440C14D4680CF1B6BFA8F9B6E347C0D5BFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2b:6b:55:52:10:29:f2:8e:07:67:97:22:b2:
17:06:69:85:ac:73:f8:8b:85:ec:12:e4:cc:e0:83:
ee:59:1c:b8:86:ef:93:ee:5a:5c:19:af:73:f6:2f:
20:14:5c:0a:50:33:a2:ab:81:13:b0:9e:69:e7:53:
5a:38:87:3a:85:3f:4b:87:eb:41:3c:46:08:54:0d:
6c:e7:cf:c7:7f:e4:3f:d9:1f:8a:61:58:2a:75:c5:
c9:6a:41:aa:34:54:e2:62:80:9b:21:75:55:9f:57:
30:89:18:cb:9c:3b:cd:d1:5d:52:69:1d:5c:4d:3e:
14:5f:93:7a:fd:d3:a0:4f:60:e7:e9:91:ec:e4:09:
a7:e1:30:ef:84:96:bb:b3:ac:be:15:11:53:3d:ff:
3a:72:5a:44:47:6e:63:7e:2d:65:6f:54:8e:55:8d:
9b:f2:f4:40:6f:33:a7:70:68:c1:40:f6:9c:51:0e:
56:d7:18:65:6a:92:97:cb:53:aa:b6:54:08:c5:62:
6b:b4:dc:73:d9:32:4e:96:b9:b8:ef:a7:a1:8e:c8:
a8:72:93:02:2a:7c:03:ec:f7:27:9b:87:43:21:88:
78:8b:a8:4a:8d:b2:8e:c1:6f:ca:d8:07:c2:7a:99:
21:75:e0:4d:3e:6a:f9:69:e7:3d:54:c0:4c:81:17:
65:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:31:C4:40:C1:4D:46:80:CF:1B:6B:FA:8F:9B:6E:34:7C:0D:5B:FC
X509v3 Authority Key Identifier:
keyid:D7:0C:18:F6:10:93:1A:5E:0D:F5:CA:D1:D6:9B:7E:6A:20:36:3B:FF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fd140e86-c26b-4533-9d49-29fc424f0d6c/0/D70C18F610931A5E0DF5CAD1D69B7E6A20363BFF.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wwY9hCTGl4N9crR1pt-aiA2O_8.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fd140e86-c26b-4533-9d49-29fc424f0d6c/0/33312e3231372e3235302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.250.0/24
Signature Algorithm: sha256WithRSAEncryption
64:77:21:95:c7:47:af:ac:ac:2c:25:76:d4:ca:3c:8e:b9:38:
c1:88:7d:5d:87:00:e3:c4:5a:33:db:71:9c:4a:07:80:e6:cb:
c5:ae:22:93:a2:5c:ce:1e:e4:89:3d:0c:fe:86:fa:6c:87:dc:
ea:ca:1c:81:55:57:01:3d:52:ee:6b:9d:91:29:9c:e7:7a:ea:
23:ea:34:41:c2:62:ba:3d:b9:61:e6:31:0a:99:ac:2e:86:93:
cf:28:9c:0f:f2:bf:40:7e:7c:1b:91:0d:cd:af:19:39:bc:66:
ca:96:25:30:20:8a:25:20:bb:00:be:4c:85:21:59:60:13:8e:
e8:b8:87:31:9c:a4:3c:dd:04:9c:07:73:92:2d:3e:13:4c:3f:
d0:54:ae:53:5b:21:93:4d:d4:22:4a:22:72:68:03:2b:6a:aa:
80:54:27:5d:b4:be:32:10:b9:94:e7:ed:3d:c6:51:f6:49:27:
df:c5:ee:40:2e:d4:83:68:b2:c5:d7:40:50:3f:c6:c8:38:c0:
ef:c2:97:89:f2:0c:df:15:f2:e8:51:c6:8d:ea:4d:63:30:ae:
d0:57:75:20:ca:07:ff:08:68:6e:7a:b7:7a:74:95:4f:4c:d7:
01:6d:42:b5:7e:7c:aa:36:12:39:f9:4e:d5:dc:2f:af:04:66:
fb:e6:6d:1b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUYLmNUGh0KfZrBKKRSFEV4QoqqhAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDcwYzE4ZjYxMDkzMWE1ZTBkZjVjYWQxZDY5YjdlNmEy
MDM2M2JmZjAeFw0yMzEwMTkwODI1MTRaFw0yNDEwMTcwODMwMTRaMDMxMTAvBgNV
BAMTKDA0MzFDNDQwQzE0RDQ2ODBDRjFCNkJGQThGOUI2RTM0N0MwRDVCRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEK2tVUhAp8o4HZ5cishcGaYWs
c/iLhewS5Mzgg+5ZHLiG75PuWlwZr3P2LyAUXApQM6KrgROwnmnnU1o4hzqFP0uH
60E8RghUDWznz8d/5D/ZH4phWCp1xclqQao0VOJigJshdVWfVzCJGMucO83RXVJp
HVxNPhRfk3r906BPYOfpkezkCafhMO+ElruzrL4VEVM9/zpyWkRHbmN+LWVvVI5V
jZvy9EBvM6dwaMFA9pxRDlbXGGVqkpfLU6q2VAjFYmu03HPZMk6Wubjvp6GOyKhy
kwIqfAPs9yebh0MhiHiLqEqNso7Bb8rYB8J6mSF14E0+avlp5z1UwEyBF2V/AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUBDHEQMFNRoDPG2v6j5tuNHwNW/wwHwYDVR0j
BBgwFoAU1wwY9hCTGl4N9crR1pt+aiA2O/8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmQxNDBlODYtYzI2Yi00NTMzLTlkNDktMjlmYzQyNGYw
ZDZjLzAvRDcwQzE4RjYxMDkzMUE1RTBERjVDQUQxRDY5QjdFNkEyMDM2M0JGRi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzF3d1k5aENUR2w0TjljclIxcHQtYWlB
Mk9fOC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmQxNDBlODYt
YzI2Yi00NTMzLTlkNDktMjlmYzQyNGYwZDZjLzAvMzMzMTJlMzIzMTM3MmUzMjM1
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAf2fow
DQYJKoZIhvcNAQELBQADggEBAGR3IZXHR6+srCwldtTKPI65OMGIfV2HAOPEWjPb
cZxKB4Dmy8WuIpOiXM4e5Ik9DP6G+myH3OrKHIFVVwE9Uu5rnZEpnOd66iPqNEHC
Yro9uWHmMQqZrC6Gk88onA/yv0B+fBuRDc2vGTm8ZsqWJTAgiiUguwC+TIUhWWAT
jui4hzGcpDzdBJwHc5ItPhNMP9BUrlNbIZNN1CJKInJoAytqqoBUJ120vjIQuZTn
7T3GUfZJJ9/F7kAu1INossXXQFA/xsg4wO/Cl4nyDN8V8uhRxo3qTWMwrtBXdSDK
B/8IaG56t3p0lU9M1wFtQrV+fKo2Ejn5TtXcL68EZvvmbRs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:13:58 2025 by rpki-client