Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e33302e302f32342d3234203d3e203633343733.roa
File: 33312e3232302e33302e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: tnfNbIjw0EVPyEN9e1/Y74t51P8Oxt1zHPAv7NX6kFs=
Subject key identifier: 2A:02:A2:EE:AD:E2:F0:53:4C:22:45:3B:97:30:39:30:E8:9E:8C:D7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 486678661D091C6D1C4C121D3B0F968C599891DF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e33302e302f32342d3234203d3e203633343733.roa
Signing time: Mon 27 Jan 2025 09:45:07 +0000
ROA not before: Mon 27 Jan 2025 09:40:07 +0000
ROA not after: Mon 26 Jan 2026 09:45:07 +0000
asID: 63473
IP address blocks: 31.220.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:66:78:66:1d:09:1c:6d:1c:4c:12:1d:3b:0f:96:8c:59:98:91:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:07 2025 GMT
Not After : Jan 26 09:45:07 2026 GMT
Subject: CN=2A02A2EEADE2F0534C22453B97303930E89E8CD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7e:21:80:1a:17:e4:fe:3a:49:c1:03:cf:e8:
bf:0c:21:36:ab:bc:d1:d6:e3:0a:ab:e0:cd:33:32:
81:9b:11:fd:f1:e0:a6:80:63:a7:e9:48:51:ae:3e:
17:79:4c:24:90:52:8a:cc:0d:14:0f:08:b1:c4:08:
77:46:c1:d4:a1:cd:f4:e9:50:aa:a8:c1:35:61:99:
e1:e7:79:51:ea:df:c9:10:a6:11:ef:2c:8b:ed:b2:
c9:53:16:f3:78:9d:4d:36:cd:a0:e3:01:1e:b5:83:
02:0d:c1:6b:71:68:f0:aa:40:ed:6b:a7:dc:28:99:
55:e3:0b:4b:21:6e:9f:be:3d:1f:51:d5:7f:95:d4:
26:46:0c:9c:c8:66:a9:a4:3d:24:39:fa:54:a5:f1:
e6:52:55:68:18:2b:44:ed:e5:a7:d6:76:e9:c0:17:
e2:25:e9:fd:48:bd:03:cf:44:b7:bd:5e:5a:8a:b8:
6b:f0:34:32:d0:e6:06:ed:d8:22:6a:a6:bf:37:11:
f1:02:57:a9:c5:84:66:5d:6e:f7:a7:b6:96:52:0a:
68:8b:5e:52:54:00:bf:2d:c2:16:88:f0:5e:8c:dd:
81:58:d5:b9:be:d3:5f:29:de:12:19:b9:ca:56:34:
d5:fe:63:51:a1:a9:eb:84:12:29:36:9c:c2:ad:9d:
df:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:02:A2:EE:AD:E2:F0:53:4C:22:45:3B:97:30:39:30:E8:9E:8C:D7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e33302e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.30.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:a8:49:af:63:59:32:b3:68:d3:95:4f:19:53:10:98:be:7e:
7a:2d:b1:85:ca:ec:eb:be:04:d9:94:7a:b8:68:85:d7:08:7c:
6e:21:2b:c5:b1:07:d6:5a:71:9a:62:fd:a7:35:31:17:41:c9:
32:94:e3:f1:da:2a:02:df:d1:35:a2:59:6d:82:4b:d2:d9:e7:
d5:1a:33:f6:d1:ca:89:9e:5a:f6:f2:ee:85:9b:ec:90:f5:81:
cd:82:8b:28:77:83:f6:d5:5e:d3:03:c0:68:f8:f7:52:f0:d1:
4c:02:d5:2c:7d:6c:4b:b0:58:10:91:e0:0f:1c:36:ab:31:67:
ae:63:d6:44:6a:00:85:f2:e7:64:9b:a2:02:89:8f:b9:94:fb:
96:88:95:bb:a6:29:ae:24:4c:be:ec:08:74:de:ac:52:94:08:
4c:9b:20:df:3a:4c:19:c8:b6:a2:79:60:3a:94:ac:78:a3:4e:
b4:5b:d3:49:86:ff:61:6d:19:48:6e:1f:d5:d7:d7:48:fa:80:
31:50:52:b3:79:20:41:d5:7a:a7:38:1a:e6:16:6a:aa:41:e1:
5e:f5:94:c9:b4:62:30:8d:e7:e0:2b:70:d0:69:ee:2f:ad:1b:
7d:05:51:5a:9a:64:81:92:29:36:d9:a4:d6:a3:2a:52:4f:0b:
0b:db:89:2f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUSGZ4Zh0JHG0cTBIdOw+WjFmYkd8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDdaFw0yNjAxMjYwOTQ1MDdaMDMxMTAvBgNV
BAMTKDJBMDJBMkVFQURFMkYwNTM0QzIyNDUzQjk3MzAzOTMwRTg5RThDRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+fiGAGhfk/jpJwQPP6L8MITar
vNHW4wqr4M0zMoGbEf3x4KaAY6fpSFGuPhd5TCSQUorMDRQPCLHECHdGwdShzfTp
UKqowTVhmeHneVHq38kQphHvLIvtsslTFvN4nU02zaDjAR61gwINwWtxaPCqQO1r
p9womVXjC0shbp++PR9R1X+V1CZGDJzIZqmkPSQ5+lSl8eZSVWgYK0Tt5afWdunA
F+Il6f1IvQPPRLe9XlqKuGvwNDLQ5gbt2CJqpr83EfECV6nFhGZdbventpZSCmiL
XlJUAL8twhaI8F6M3YFY1bm+018p3hIZucpWNNX+Y1GhqeuEEik2nMKtnd97AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUKgKi7q3i8FNMIkU7lzA5MOiejNcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzMzMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMzM0MzczMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/c
HjANBgkqhkiG9w0BAQsFAAOCAQEAH6hJr2NZMrNo05VPGVMQmL5+ei2xhcrs674E
2ZR6uGiF1wh8biErxbEH1lpxmmL9pzUxF0HJMpTj8doqAt/RNaJZbYJL0tnn1Roz
9tHKiZ5a9vLuhZvskPWBzYKLKHeD9tVe0wPAaPj3UvDRTALVLH1sS7BYEJHgDxw2
qzFnrmPWRGoAhfLnZJuiAomPuZT7loiVu6YpriRMvuwIdN6sUpQITJsg3zpMGci2
onlgOpSseKNOtFvTSYb/YW0ZSG4f1dfXSPqAMVBSs3kgQdV6pzga5hZqqkHhXvWU
ybRiMI3n4Ctw0GnuL60bfQVRWppkgZIpNtmk1qMqUk8LC9uJLw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:10:50 2025 by rpki-client