Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34322e302f32342d3234203d3e203530363733.roa
File: 33312e3232302e34322e302f32342d3234203d3e203530363733.roa (raw, json)
Hash identifier: pfApvhPSN+rKcZ1d5h7gt79h815eGcIiDu0ta/TmYoo=
Subject key identifier: E3:D7:7E:6A:D1:41:10:C8:FF:31:D1:F5:5A:3B:13:B6:BA:EE:A8:04
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 59D40F02E646CBA5846E0BA1E7A01FBD86AB0859
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34322e302f32342d3234203d3e203530363733.roa
Signing time: Mon 27 Jan 2025 09:45:10 +0000
ROA not before: Mon 27 Jan 2025 09:40:10 +0000
ROA not after: Mon 26 Jan 2026 09:45:10 +0000
asID: 50673
IP address blocks: 31.220.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:d4:0f:02:e6:46:cb:a5:84:6e:0b:a1:e7:a0:1f:bd:86:ab:08:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:10 2025 GMT
Not After : Jan 26 09:45:10 2026 GMT
Subject: CN=E3D77E6AD14110C8FF31D1F55A3B13B6BAEEA804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4a:ea:ae:98:d7:19:f3:f4:f2:9d:8b:11:c5:
8f:4e:3d:68:58:d8:bd:d7:ca:70:7e:09:e0:c0:70:
cf:6f:e3:55:47:42:c3:1d:6c:39:10:cd:61:35:a6:
b1:94:50:0e:99:5c:99:5c:5d:7e:47:ff:71:af:83:
67:c8:06:2c:13:ec:0a:86:41:29:70:b3:35:3d:29:
b0:5f:3d:1f:88:bd:a6:31:0c:b9:44:d4:9d:da:45:
11:3b:57:8b:dc:af:bd:7b:91:16:7c:44:3c:85:53:
87:82:7e:b8:55:bc:50:0a:d3:b7:e0:da:c3:0c:08:
2d:8a:48:a0:c1:71:a4:ab:ff:b4:36:6b:7e:64:63:
32:9d:a0:8e:bf:56:61:f2:b7:f4:88:f4:d1:57:b4:
60:6c:6d:7b:83:c3:67:61:cd:45:45:da:88:f9:46:
91:38:a5:05:ba:4c:53:c5:92:d6:a8:97:6a:ed:c5:
6a:d2:f4:71:41:b2:c6:8e:0a:8e:01:b6:da:42:fa:
e2:42:37:42:48:37:dd:11:ae:42:09:8f:23:c5:b6:
03:fe:97:9b:2f:6e:69:10:15:c9:de:50:05:1f:06:
fa:88:62:7e:44:21:a9:f7:47:43:c3:be:5f:cf:68:
da:11:42:cf:e2:31:e0:ae:8c:24:e9:84:62:d3:de:
a5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:D7:7E:6A:D1:41:10:C8:FF:31:D1:F5:5A:3B:13:B6:BA:EE:A8:04
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34322e302f32342d3234203d3e203530363733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.42.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:a7:c5:22:c6:c6:23:b2:c3:12:5c:f9:d2:94:d8:b3:ab:be:
42:ff:b6:b4:34:74:6d:0d:59:16:6e:d2:a2:f8:21:d7:14:01:
b3:7f:2c:9d:1a:ad:68:5d:66:39:13:ca:18:1f:0f:d3:19:36:
30:f6:6b:14:78:86:e5:a9:1c:48:0d:94:4e:d2:e2:8f:d2:9f:
5c:0f:b8:8b:9e:b1:90:65:e5:2d:8c:20:27:9a:43:c1:1d:48:
48:1c:1a:7a:17:b8:76:7a:5a:92:c7:d3:28:dc:4e:4d:66:39:
90:8a:be:dc:25:7c:60:9a:57:88:05:58:c1:05:61:c1:d8:5b:
47:bd:24:62:9b:53:89:23:b1:3f:32:b6:5c:c7:5e:fd:d8:0b:
52:84:3d:36:9f:fc:91:a0:ec:ab:ba:4c:8b:50:b9:03:39:1e:
fd:71:cf:f9:d1:2a:93:24:ba:aa:9c:8b:41:9d:a2:b5:14:f3:
bc:c8:7c:3e:f3:22:02:ef:08:2c:6c:da:02:ee:89:5a:fc:a8:
61:ad:36:4a:d5:67:96:a2:7f:62:62:a4:75:dc:9e:ff:67:5f:
b0:0e:14:35:ee:14:ac:ac:99:d0:83:f7:7d:72:3f:fb:68:df:
cf:a4:c3:0d:b4:d9:99:fa:2c:42:be:40:83:4b:63:a3:6a:b8:
cd:32:50:59
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUWdQPAuZGy6WEbguh56AfvYarCFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTBaFw0yNjAxMjYwOTQ1MTBaMDMxMTAvBgNV
BAMTKEUzRDc3RTZBRDE0MTEwQzhGRjMxRDFGNTVBM0IxM0I2QkFFRUE4MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOSuqumNcZ8/TynYsRxY9OPWhY
2L3XynB+CeDAcM9v41VHQsMdbDkQzWE1prGUUA6ZXJlcXX5H/3Gvg2fIBiwT7AqG
QSlwszU9KbBfPR+IvaYxDLlE1J3aRRE7V4vcr717kRZ8RDyFU4eCfrhVvFAK07fg
2sMMCC2KSKDBcaSr/7Q2a35kYzKdoI6/VmHyt/SI9NFXtGBsbXuDw2dhzUVF2oj5
RpE4pQW6TFPFktaol2rtxWrS9HFBssaOCo4BttpC+uJCN0JIN90RrkIJjyPFtgP+
l5svbmkQFcneUAUfBvqIYn5EIan3R0PDvl/PaNoRQs/iMeCujCTphGLT3qXZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU49d+atFBEMj/MdH1WjsTtrruqAQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzNDMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMDM2MzczMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/c
KjANBgkqhkiG9w0BAQsFAAOCAQEAbafFIsbGI7LDElz50pTYs6u+Qv+2tDR0bQ1Z
Fm7Sovgh1xQBs38snRqtaF1mORPKGB8P0xk2MPZrFHiG5akcSA2UTtLij9KfXA+4
i56xkGXlLYwgJ5pDwR1ISBwaehe4dnpaksfTKNxOTWY5kIq+3CV8YJpXiAVYwQVh
wdhbR70kYptTiSOxPzK2XMde/dgLUoQ9Np/8kaDsq7pMi1C5Azke/XHP+dEqkyS6
qpyLQZ2itRTzvMh8PvMiAu8ILGzaAu6JWvyoYa02StVnlqJ/YmKkddye/2dfsA4U
Ne4UrKyZ0IP3fXI/+2jfz6TDDbTZmfosQr5Ag0tjo2q4zTJQWQ==
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:46:29 2025 by rpki-client