Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/108/322e35392e3135372e302f32342d3234203d3e20313431303339.roa
File: 322e35392e3135372e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: c7uAxgFr1GuubQKB+hrRsjd0fiXCTqZrA2FdjQr5xdI=
Subject key identifier: E8:C5:89:C0:71:D5:83:37:96:C2:C8:8E:47:7E:DD:4B:F7:A0:A4:8E
Certificate issuer: /CN=dd2a9a475e7b97e1befcfce473c72a08eb471c1a
Certificate serial: 3C833C9982BEE2B57686B1223F547C9C4DAA843B
Authority key identifier: DD:2A:9A:47:5E:7B:97:E1:BE:FC:FC:E4:73:C7:2A:08:EB:47:1C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3SqaR157l-G-_Pzkc8cqCOtHHBo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/108/322e35392e3135372e302f32342d3234203d3e20313431303339.roa
Signing time: Mon 27 Mar 2023 08:27:46 +0000
ROA not before: Mon 27 Mar 2023 08:22:46 +0000
ROA not after: Mon 25 Mar 2024 08:27:46 +0000
asID: 141039
IP address blocks: 2.59.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:83:3c:99:82:be:e2:b5:76:86:b1:22:3f:54:7c:9c:4d:aa:84:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd2a9a475e7b97e1befcfce473c72a08eb471c1a
Validity
Not Before: Mar 27 08:22:46 2023 GMT
Not After : Mar 25 08:27:46 2024 GMT
Subject: CN=E8C589C071D5833796C2C88E477EDD4BF7A0A48E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9f:b6:6e:3d:95:91:94:79:fb:eb:a7:14:88:
6c:c0:59:02:f7:b3:2d:bf:57:73:df:23:47:72:d2:
64:51:c0:e1:27:50:6f:d5:de:02:a7:59:a5:dc:39:
4c:a9:73:97:2c:3b:72:ab:f3:99:5f:2b:d3:4e:f0:
dd:a1:ab:73:09:dc:6a:e2:24:7d:30:0a:91:2f:32:
70:01:33:a3:92:b6:e9:65:bb:c3:47:3a:54:fb:e7:
ee:29:ac:5a:8d:9c:d3:4c:87:87:ba:7f:55:64:84:
47:87:96:33:eb:fa:4b:77:7b:c0:11:33:35:63:85:
1e:b6:13:39:5e:9a:e7:47:34:5d:d0:ea:c6:e8:2a:
3d:0b:fa:48:85:73:de:28:e2:94:e7:98:85:c7:38:
3c:70:12:69:3d:4d:31:e5:67:21:c6:96:06:71:23:
7d:de:47:81:05:8e:2b:cf:5d:93:05:f5:a9:a2:4e:
ab:48:fc:4e:52:39:7b:d1:bc:cf:6e:f7:62:a1:71:
26:aa:9d:16:7f:74:1d:4b:3d:ba:2b:a7:84:64:bc:
1b:fd:23:4b:44:cf:01:c9:36:19:89:8b:e2:e4:1e:
83:3e:f9:2d:68:11:22:31:17:89:78:4a:cf:31:1f:
2e:1b:c7:cd:fc:7e:3e:b1:62:b4:a4:4d:51:ac:9b:
06:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:C5:89:C0:71:D5:83:37:96:C2:C8:8E:47:7E:DD:4B:F7:A0:A4:8E
X509v3 Authority Key Identifier:
keyid:DD:2A:9A:47:5E:7B:97:E1:BE:FC:FC:E4:73:C7:2A:08:EB:47:1C:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/108/DD2A9A475E7B97E1BEFCFCE473C72A08EB471C1A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3SqaR157l-G-_Pzkc8cqCOtHHBo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/108/322e35392e3135372e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.157.0/24
Signature Algorithm: sha256WithRSAEncryption
24:72:cf:0e:47:79:e0:c3:9b:05:75:75:65:3d:14:40:ff:b7:
b3:2c:10:37:d9:44:02:63:16:81:c4:67:94:e3:c2:b5:d4:f0:
5e:9f:93:69:8c:0e:6e:97:3b:5a:f6:5e:63:c0:8f:b5:f2:c5:
e8:2f:53:41:d3:75:43:99:9c:89:9c:42:29:e6:b6:b1:d5:6f:
77:c8:7c:c6:10:8c:1a:2b:86:4a:68:20:26:a0:32:cf:80:80:
8d:33:60:0c:2c:a9:bf:dc:01:f6:61:5a:e2:5e:06:f9:19:0b:
95:5c:e6:dc:52:81:41:ef:7f:cb:f5:0a:63:00:ac:7d:42:cd:
2d:dd:0d:68:b8:f9:c8:81:68:a9:95:55:a8:ab:18:6d:d6:48:
0c:94:14:b8:ce:4b:9a:6e:89:9d:90:20:52:70:87:50:ae:99:
95:e2:f6:c2:6c:4e:ed:da:47:7e:c9:74:0c:fd:7d:76:69:78:
cc:55:76:4c:d6:23:2e:7e:b3:a2:9e:63:5f:e0:e4:5c:9b:fb:
ed:65:1e:da:6a:3b:b7:e8:c3:ac:4d:f5:96:e8:30:a8:79:b5:
7b:d4:4b:16:d9:20:af:27:a4:2a:5d:eb:0d:60:f8:a2:fa:38:
a1:fd:f7:8f:42:3d:79:47:9c:5b:0d:6f:a1:b8:89:ff:e1:c9:
b0:8a:2a:6e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUPIM8mYK+4rV2hrEiP1R8nE2qhDswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGQyYTlhNDc1ZTdiOTdlMWJlZmNmY2U0NzNjNzJhMDhl
YjQ3MWMxYTAeFw0yMzAzMjcwODIyNDZaFw0yNDAzMjUwODI3NDZaMDMxMTAvBgNV
BAMTKEU4QzU4OUMwNzFENTgzMzc5NkMyQzg4RTQ3N0VERDRCRjdBMEE0OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzn7ZuPZWRlHn766cUiGzAWQL3
sy2/V3PfI0dy0mRRwOEnUG/V3gKnWaXcOUypc5csO3Kr85lfK9NO8N2hq3MJ3Gri
JH0wCpEvMnABM6OStullu8NHOlT75+4prFqNnNNMh4e6f1VkhEeHljPr+kt3e8AR
MzVjhR62EzlemudHNF3Q6sboKj0L+kiFc94o4pTnmIXHODxwEmk9TTHlZyHGlgZx
I33eR4EFjivPXZMF9amiTqtI/E5SOXvRvM9u92KhcSaqnRZ/dB1LPborp4RkvBv9
I0tEzwHJNhmJi+LkHoM++S1oESIxF4l4Ss8xHy4bx838fj6xYrSkTVGsmwbNAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU6MWJwHHVgzeWwsiOR37dS/egpI4wHwYDVR0j
BBgwFoAU3SqaR157l+G+/Pzkc8cqCOtHHBowDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xMDgvREQyQTlBNDc1RTdCOTdFMUJFRkNGQ0U0NzNDNzJBMDhFQjQ3MUMx
QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNTcWFSMTU3bC1HLV9QemtjOGNx
Q090SEhCby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzEwOC8zMjJlMzUzOTJlMzEz
NTM3MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDMxMzAzMzM5LnJvYTAYBgNV
HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAAjudMA0GCSqGSIb3DQEBCwUAA4IBAQAkcs8OR3ngw5sFdXVlPRRA/7ezLBA3
2UQCYxaBxGeU48K11PBen5NpjA5ulzta9l5jwI+18sXoL1NB03VDmZyJnEIp5rax
1W93yHzGEIwaK4ZKaCAmoDLPgICNM2AMLKm/3AH2YVriXgb5GQuVXObcUoFB73/L
9QpjAKx9Qs0t3Q1ouPnIgWiplVWoqxht1kgMlBS4zkuabomdkCBScIdQrpmV4vbC
bE7t2kd+yXQM/X12aXjMVXZM1iMufrOinmNf4ORcm/vtZR7aaju36MOsTfWW6DCo
ebV71EsW2SCvJ6QqXesNYPii+jih/fePQj15R5xbDW+huIn/4cmwiipu
-----END CERTIFICATE-----
Generated at Wed Sep 27 12:48:16 2023 by rpki-client on console-ams.rpki-client.org