Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34332e302f32342d3234203d3e203432373038.roa
File: 33312e3232302e34332e302f32342d3234203d3e203432373038.roa (raw, json)
Hash identifier: OUObq9JTH/R8A1+BdZglD0hHlMMrWsY9a1C7zcwEBlk=
Subject key identifier: 84:AD:79:C9:2E:BC:F7:66:0B:68:74:F7:D8:93:D2:2B:05:64:9F:B6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 782ADD710EC207AB3A481AAF30391A77EE08A48D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34332e302f32342d3234203d3e203432373038.roa
Signing time: Mon 27 Jan 2025 09:44:56 +0000
ROA not before: Mon 27 Jan 2025 09:39:56 +0000
ROA not after: Mon 26 Jan 2026 09:44:56 +0000
asID: 42708
IP address blocks: 31.220.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:2a:dd:71:0e:c2:07:ab:3a:48:1a:af:30:39:1a:77:ee:08:a4:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:56 2025 GMT
Not After : Jan 26 09:44:56 2026 GMT
Subject: CN=84AD79C92EBCF7660B6874F7D893D22B05649FB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:51:b0:00:a8:14:32:e9:e3:af:45:f3:b0:0e:
c3:f2:3e:d8:97:ec:c6:ec:42:6e:0f:40:aa:58:c7:
45:fa:12:e5:86:56:a9:cb:75:98:76:ea:4d:67:3d:
fe:22:35:fe:48:5d:a4:f4:ab:41:b7:ee:42:64:04:
f5:60:28:78:e7:01:bc:52:76:3f:9f:78:15:f7:2e:
32:e3:30:46:f9:8c:1f:3a:20:67:d3:b1:4d:62:ac:
af:09:3c:4b:46:57:44:55:64:a3:ab:15:72:6e:a3:
8f:a2:1b:e7:30:eb:18:4f:ac:67:3f:c6:a0:1d:c6:
56:fe:16:51:2d:6a:58:75:55:da:26:79:01:0f:e8:
95:6e:da:02:b1:d8:37:6f:aa:91:84:56:33:5b:df:
1d:ee:d0:ba:12:be:38:59:92:14:1a:f9:f0:37:e4:
68:f1:27:9f:91:67:36:4c:7f:2b:b1:74:6f:d3:89:
68:44:88:b5:9f:26:4c:90:38:11:92:e4:e4:f9:92:
08:3d:96:a4:d9:2c:a0:c7:4a:df:d3:45:85:8e:91:
8f:aa:c1:25:a9:c8:36:05:60:c2:d5:23:4b:2a:5c:
ea:35:5e:70:d9:bd:1f:1a:27:84:60:de:3c:87:ca:
7f:62:86:22:75:f7:0b:00:35:6d:7a:11:05:00:5d:
50:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:AD:79:C9:2E:BC:F7:66:0B:68:74:F7:D8:93:D2:2B:05:64:9F:B6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34332e302f32342d3234203d3e203432373038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.43.0/24
Signature Algorithm: sha256WithRSAEncryption
86:74:a8:68:59:9e:86:1b:c1:b0:f5:56:91:9e:2e:9f:c1:86:
01:ac:e5:2c:84:dc:5b:0c:a6:5a:1a:ef:78:8d:03:b3:19:37:
bd:2c:7a:7a:0d:1d:2d:a3:69:99:63:49:c1:ea:4f:94:9c:bf:
af:69:a6:b6:90:b5:c0:a6:86:1e:b5:ca:8a:67:bc:ba:29:80:
66:aa:27:18:35:3e:e8:ab:70:bd:1c:d8:15:bf:62:18:42:78:
cd:11:18:9a:b5:40:df:84:9a:2e:68:a3:41:e8:2a:b4:97:1f:
5f:f5:ae:2f:c5:10:99:20:05:a0:0a:62:e1:91:61:82:bf:bd:
f5:52:41:60:80:18:89:54:58:95:ed:80:2e:c1:ce:36:0d:e9:
23:e6:2a:cc:b5:df:9d:a4:a4:bf:82:4b:bb:96:01:f4:20:57:
fa:e1:fe:f1:77:07:8b:d1:2f:bd:5d:51:15:1a:85:e2:b3:c4:
f7:23:d3:e4:36:d9:06:c3:e1:14:35:15:c4:fc:19:a2:73:f6:
e3:18:08:3f:a1:57:b1:2f:5e:aa:a3:06:99:d8:72:de:cb:62:
ec:24:0f:6d:e3:24:d8:32:18:1c:b7:8e:20:45:c6:5b:d8:a5:
be:07:a4:9a:bd:c2:1f:71:57:8b:96:9d:a2:60:d9:66:26:d5:
ca:87:b6:85
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUeCrdcQ7CB6s6SBqvMDkad+4IpI0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NTZaFw0yNjAxMjYwOTQ0NTZaMDMxMTAvBgNV
BAMTKDg0QUQ3OUM5MkVCQ0Y3NjYwQjY4NzRGN0Q4OTNEMjJCMDU2NDlGQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlUbAAqBQy6eOvRfOwDsPyPtiX
7MbsQm4PQKpYx0X6EuWGVqnLdZh26k1nPf4iNf5IXaT0q0G37kJkBPVgKHjnAbxS
dj+feBX3LjLjMEb5jB86IGfTsU1irK8JPEtGV0RVZKOrFXJuo4+iG+cw6xhPrGc/
xqAdxlb+FlEtalh1VdomeQEP6JVu2gKx2DdvqpGEVjNb3x3u0LoSvjhZkhQa+fA3
5GjxJ5+RZzZMfyuxdG/TiWhEiLWfJkyQOBGS5OT5kgg9lqTZLKDHSt/TRYWOkY+q
wSWpyDYFYMLVI0sqXOo1XnDZvR8aJ4Rg3jyHyn9ihiJ19wsANW16EQUAXVAbAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUhK15yS6892YLaHT32JPSKwVkn7YwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzNDMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMjM3MzAzOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/c
KzANBgkqhkiG9w0BAQsFAAOCAQEAhnSoaFmehhvBsPVWkZ4un8GGAazlLITcWwym
WhrveI0Dsxk3vSx6eg0dLaNpmWNJwepPlJy/r2mmtpC1wKaGHrXKime8uimAZqon
GDU+6KtwvRzYFb9iGEJ4zREYmrVA34SaLmijQegqtJcfX/WuL8UQmSAFoApi4ZFh
gr+99VJBYIAYiVRYle2ALsHONg3pI+YqzLXfnaSkv4JLu5YB9CBX+uH+8XcHi9Ev
vV1RFRqF4rPE9yPT5DbZBsPhFDUVxPwZonP24xgIP6FXsS9eqqMGmdhy3sti7CQP
beMk2DIYHLeOIEXGW9ilvgekmr3CH3FXi5adomDZZibVyoe2hQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:03:57 2025 by rpki-client