Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e32382e302f32342d3234203d3e20323031333431.roa
File: 33312e3232302e32382e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: sn0yCG78R4r4yFj25XJ1uXMIrwU98vIdNN3RMdAuP1s=
Subject key identifier: 36:43:5A:BB:AC:69:31:6C:27:DC:57:49:0C:06:A9:C1:29:27:D5:2C
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 03C3CB27949325B860FACECD4E031A711FDBD385
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e32382e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 27 Jan 2025 09:45:08 +0000
ROA not before: Mon 27 Jan 2025 09:40:08 +0000
ROA not after: Mon 26 Jan 2026 09:45:08 +0000
asID: 201341
IP address blocks: 31.220.28.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:c3:cb:27:94:93:25:b8:60:fa:ce:cd:4e:03:1a:71:1f:db:d3:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:08 2025 GMT
Not After : Jan 26 09:45:08 2026 GMT
Subject: CN=36435ABBAC69316C27DC57490C06A9C12927D52C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:f7:f6:fe:b4:f1:92:07:58:15:90:c7:60:22:
8d:de:f6:86:11:55:09:f2:d2:c0:52:02:9b:ed:06:
b1:bc:4d:1d:d6:75:ce:af:7c:9b:ce:64:26:7a:0f:
fc:bd:18:20:3b:b0:8a:7b:ff:b1:73:a7:7a:f1:23:
88:e8:75:b8:58:a7:7e:56:86:95:19:a4:50:62:90:
93:5c:5e:ea:77:be:ee:f3:3e:1f:88:01:2d:31:fa:
39:d2:b1:65:49:47:0f:4e:1d:85:c8:60:46:37:e9:
a0:2e:45:ac:57:1d:6f:07:f3:03:f8:c6:56:ef:ae:
3a:da:94:84:18:4d:cf:44:44:3c:b7:81:33:58:64:
b0:5b:77:82:98:73:8c:77:ba:a0:62:d4:37:59:98:
71:e0:57:42:72:41:f4:7f:f6:83:ca:10:07:0f:1d:
67:0f:40:5a:0a:1c:bc:f6:48:e0:8b:b5:f3:75:3c:
a4:70:6b:ae:f3:75:ce:69:f4:d8:61:3c:b0:a3:e7:
dc:ed:1c:cb:1d:dd:f3:e1:45:b2:cf:3e:6c:9d:9f:
55:2e:3c:45:5b:8f:be:6c:7c:6f:da:f2:18:03:a5:
d6:50:65:cd:83:a6:ad:c0:8b:a8:7a:8c:40:b9:ba:
73:e7:4b:ea:6d:ad:21:c2:0d:a6:53:d1:9f:0d:d0:
a3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:43:5A:BB:AC:69:31:6C:27:DC:57:49:0C:06:A9:C1:29:27:D5:2C
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e32382e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.28.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:9d:75:89:f2:61:8f:cc:82:8c:0f:b6:e9:31:ec:fd:2c:f4:
44:57:ad:97:4a:10:a5:52:44:d1:8e:3d:1b:05:0c:eb:6f:b5:
87:34:e5:8c:01:79:a8:f9:d1:cd:6c:ab:f8:96:d5:04:ca:e9:
66:2a:1a:3d:4b:85:72:c7:99:bc:77:b9:14:58:5d:b8:b4:a1:
6d:a0:b4:65:0d:ed:03:e6:52:fa:28:40:27:bf:d9:8a:c1:80:
e9:8f:7e:bc:ac:3b:07:95:5b:cf:75:8e:a3:92:10:d9:1b:09:
89:24:68:6a:67:d5:cc:95:97:d9:90:9f:83:ea:de:72:fb:0b:
28:01:e0:ed:00:37:b3:a4:23:29:12:fa:c3:c1:fa:1f:02:f5:
77:85:0a:e3:4c:b2:95:2c:ed:51:8f:4c:55:89:a7:01:d2:0f:
08:a4:89:fc:05:5b:d3:6e:13:de:88:50:0b:06:8f:0d:20:51:
eb:16:55:8a:c8:f0:a1:a9:86:a8:e7:42:3e:55:40:32:85:52:
09:aa:f0:60:f1:31:94:1a:6e:c6:23:67:26:18:dd:a3:4d:e0:
44:58:86:e3:96:fb:4c:a1:7b:26:49:92:fb:e5:a2:80:ee:95:
e6:01:9d:3b:d6:f1:5c:f4:e0:02:41:12:08:3d:26:4e:20:d0:
fc:7c:52:24
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUA8PLJ5STJbhg+s7NTgMacR/b04UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDhaFw0yNjAxMjYwOTQ1MDhaMDMxMTAvBgNV
BAMTKDM2NDM1QUJCQUM2OTMxNkMyN0RDNTc0OTBDMDZBOUMxMjkyN0Q1MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX9/b+tPGSB1gVkMdgIo3e9oYR
VQny0sBSApvtBrG8TR3Wdc6vfJvOZCZ6D/y9GCA7sIp7/7Fzp3rxI4jodbhYp35W
hpUZpFBikJNcXup3vu7zPh+IAS0x+jnSsWVJRw9OHYXIYEY36aAuRaxXHW8H8wP4
xlbvrjralIQYTc9ERDy3gTNYZLBbd4KYc4x3uqBi1DdZmHHgV0JyQfR/9oPKEAcP
HWcPQFoKHLz2SOCLtfN1PKRwa67zdc5p9NhhPLCj59ztHMsd3fPhRbLPPmydn1Uu
PEVbj75sfG/a8hgDpdZQZc2Dpq3Ai6h6jEC5unPnS+ptrSHCDaZT0Z8N0KMpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNkNau6xpMWwn3FdJDAapwSkn1SwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzMjM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMxMzMzNDMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
H9wcMA0GCSqGSIb3DQEBCwUAA4IBAQA8nXWJ8mGPzIKMD7bpMez9LPREV62XShCl
UkTRjj0bBQzrb7WHNOWMAXmo+dHNbKv4ltUEyulmKho9S4Vyx5m8d7kUWF24tKFt
oLRlDe0D5lL6KEAnv9mKwYDpj368rDsHlVvPdY6jkhDZGwmJJGhqZ9XMlZfZkJ+D
6t5y+wsoAeDtADezpCMpEvrDwfofAvV3hQrjTLKVLO1Rj0xViacB0g8IpIn8BVvT
bhPeiFALBo8NIFHrFlWKyPChqYao50I+VUAyhVIJqvBg8TGUGm7GI2cmGN2jTeBE
WIbjlvtMoXsmSZL75aKA7pXmAZ071vFc9OACQRIIPSZOIND8fFIk
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:11:24 2025 by rpki-client