Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31332e302f32342d3234203d3e203237343538.roa
File: 33312e3232302e31332e302f32342d3234203d3e203237343538.roa (raw, json)
Hash identifier: YQv69ooKbh6PQPwTrtBQIgce0qiFDItalXdSsU/r+uw=
Subject key identifier: 03:46:58:D2:B5:99:99:FC:AA:69:F2:8C:09:09:AD:1F:92:29:60:B9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1AA0CC70B0AEE485A7EA2F75D5CEB9C38072EFFB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31332e302f32342d3234203d3e203237343538.roa
Signing time: Mon 27 Jan 2025 09:45:24 +0000
ROA not before: Mon 27 Jan 2025 09:40:24 +0000
ROA not after: Mon 26 Jan 2026 09:45:24 +0000
asID: 27458
IP address blocks: 31.220.13.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:a0:cc:70:b0:ae:e4:85:a7:ea:2f:75:d5:ce:b9:c3:80:72:ef:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:24 2025 GMT
Not After : Jan 26 09:45:24 2026 GMT
Subject: CN=034658D2B59999FCAA69F28C0909AD1F922960B9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:92:33:9d:64:cc:84:b6:4f:bf:4e:c0:ca:a3:
bd:74:e7:d3:8d:cc:6e:ed:18:db:09:b0:28:40:67:
05:92:2a:27:a3:be:11:b0:86:e6:19:b6:4f:9e:f4:
02:e5:0c:ca:e1:36:d1:00:e5:3c:d9:e8:0b:91:49:
62:17:d6:39:63:eb:06:45:74:08:73:29:74:43:d1:
52:38:d1:f6:bc:97:99:0c:7d:b8:90:40:93:ae:43:
33:21:a5:64:14:8a:04:7b:54:63:18:eb:1c:d5:be:
f3:74:12:a2:d2:1f:01:bf:8f:01:6c:9c:52:3d:ea:
5f:63:9e:10:21:d0:4a:51:f5:2a:72:2a:da:b9:d4:
d3:6e:c9:8c:28:23:97:f0:c5:d8:1d:02:4e:6c:1c:
cf:8b:5c:15:2c:37:87:70:63:e4:0b:69:45:58:50:
da:23:3c:46:e1:bd:37:1c:24:37:0e:10:c1:21:c4:
17:8f:36:c1:1c:f2:4f:86:b6:fc:b4:ac:4c:83:68:
39:9f:bf:cc:23:0c:c1:9f:5c:27:3c:70:05:41:93:
79:16:6a:8f:a8:a2:bc:e5:68:bc:38:a0:3c:50:36:
3f:48:38:bf:dc:c3:5d:84:6f:62:3b:99:c8:af:5b:
39:91:b9:f8:42:92:ec:25:cb:ab:a1:e6:de:a2:82:
f3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:46:58:D2:B5:99:99:FC:AA:69:F2:8C:09:09:AD:1F:92:29:60:B9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31332e302f32342d3234203d3e203237343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.13.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:a8:28:7d:f9:95:eb:b2:e7:b4:9b:ea:78:0f:10:a6:77:01:
5f:29:33:b8:85:ad:54:78:c6:0b:84:6a:b8:dd:3d:ad:58:58:
d3:af:a4:fa:d9:c3:6a:56:a7:39:3d:4b:4f:c5:ba:a9:5e:78:
e3:e8:0c:f6:e6:75:8b:0a:5b:70:d3:a1:c0:e9:d8:5c:22:6a:
b6:4f:6f:86:9e:a7:00:aa:cd:7c:10:f8:4b:7d:03:35:6c:1c:
e3:20:85:c6:a8:50:c7:87:22:29:e2:23:0a:4b:f9:66:3e:3b:
84:a1:6d:9f:4f:ad:e7:6c:f9:74:00:95:ff:04:2f:b1:88:e7:
eb:da:e3:dd:6a:d6:ef:90:ec:c8:f6:1f:b6:f2:a3:d6:b8:0b:
b8:76:2f:be:1e:32:fe:6f:ac:f2:9b:41:b2:02:73:16:fe:31:
a6:b9:15:db:cb:0f:c5:3f:ca:c5:d0:c5:ff:16:18:3f:1d:95:
71:01:b6:ab:2f:8b:b9:f0:2f:91:eb:f9:17:b5:7d:c7:24:17:
f6:36:ec:ed:17:38:d5:3d:16:b1:9b:ae:5b:3e:dd:3e:eb:da:
0b:ef:e8:f9:5c:4b:f9:f6:85:3e:37:c1:0f:fa:0c:68:4d:2f:
59:ea:84:05:df:e8:cf:c8:06:bf:6d:ab:73:d7:3f:f8:83:8c:
b1:37:70:15
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUGqDMcLCu5IWn6i911c65w4By7/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjRaFw0yNjAxMjYwOTQ1MjRaMDMxMTAvBgNV
BAMTKDAzNDY1OEQyQjU5OTk5RkNBQTY5RjI4QzA5MDlBRDFGOTIyOTYwQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOkjOdZMyEtk+/TsDKo71059ON
zG7tGNsJsChAZwWSKiejvhGwhuYZtk+e9ALlDMrhNtEA5TzZ6AuRSWIX1jlj6wZF
dAhzKXRD0VI40fa8l5kMfbiQQJOuQzMhpWQUigR7VGMY6xzVvvN0EqLSHwG/jwFs
nFI96l9jnhAh0EpR9SpyKtq51NNuyYwoI5fwxdgdAk5sHM+LXBUsN4dwY+QLaUVY
UNojPEbhvTccJDcOEMEhxBePNsEc8k+Gtvy0rEyDaDmfv8wjDMGfXCc8cAVBk3kW
ao+oorzlaLw4oDxQNj9IOL/cw12Eb2I7mcivWzmRufhCkuwly6uh5t6igvMHAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUA0ZY0rWZmfyqafKMCQmtH5IpYLkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzMTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM0MzUzOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/c
DTANBgkqhkiG9w0BAQsFAAOCAQEAa6goffmV67LntJvqeA8QpncBXykzuIWtVHjG
C4RquN09rVhY06+k+tnDalanOT1LT8W6qV544+gM9uZ1iwpbcNOhwOnYXCJqtk9v
hp6nAKrNfBD4S30DNWwc4yCFxqhQx4ciKeIjCkv5Zj47hKFtn0+t52z5dACV/wQv
sYjn69rj3WrW75DsyPYftvKj1rgLuHYvvh4y/m+s8ptBsgJzFv4xprkV28sPxT/K
xdDF/xYYPx2VcQG2qy+LufAvkev5F7V9xyQX9jbs7Rc41T0WsZuuWz7dPuvaC+/o
+VxL+faFPjfBD/oMaE0vWeqEBd/oz8gGv22rc9c/+IOMsTdwFQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:05:41 2025 by rpki-client