Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34342e302f32332d3233203d3e203432373038.roa
File: 33312e3232302e34342e302f32332d3233203d3e203432373038.roa (raw, json)
Hash identifier: qYiikL7R17hmDxZUpsW15FANb3PZhcrKGJVfzadi/NI=
Subject key identifier: 3C:A8:8F:C9:7D:3B:CB:C9:A3:F5:12:5E:34:95:37:4E:BF:28:47:66
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3D6DCBB7806D0385F0D1014DADAF57ECA1502A4B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34342e302f32332d3233203d3e203432373038.roa
Signing time: Mon 27 Jan 2025 09:45:25 +0000
ROA not before: Mon 27 Jan 2025 09:40:25 +0000
ROA not after: Mon 26 Jan 2026 09:45:25 +0000
asID: 42708
IP address blocks: 31.220.44.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:6d:cb:b7:80:6d:03:85:f0:d1:01:4d:ad:af:57:ec:a1:50:2a:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:25 2025 GMT
Not After : Jan 26 09:45:25 2026 GMT
Subject: CN=3CA88FC97D3BCBC9A3F5125E3495374EBF284766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4e:75:d6:ed:65:bd:30:a9:8c:3b:0c:17:76:
f4:5d:59:e7:4d:eb:8c:a3:65:a0:36:60:9b:b4:04:
dc:8e:30:46:ba:ca:06:04:8b:03:d7:ec:8a:e9:b9:
9a:c7:2e:66:4f:33:37:93:3a:61:a0:9d:bd:fb:23:
37:4b:cf:a9:1d:ae:73:9e:2f:bc:11:d1:28:28:d5:
2c:61:fb:54:c5:ec:d7:9e:97:37:f9:f3:ea:91:ef:
1f:00:d9:8d:23:19:fd:78:df:35:38:ac:d4:b7:c8:
a4:e4:ec:fc:9a:58:0b:8b:78:46:ca:18:f5:73:32:
40:65:f4:bb:24:5f:3a:0e:2e:48:e1:cd:25:fc:57:
0f:63:dd:de:6a:15:ff:a2:12:17:10:c4:0d:5c:9c:
50:50:ee:5c:07:49:18:49:84:78:58:b5:0d:51:ef:
fb:18:a2:ac:d7:43:af:b0:89:bb:37:7c:c3:13:c3:
66:61:cc:d6:26:e8:80:64:80:e3:00:d2:4b:29:5b:
84:11:4a:32:a1:1f:e2:0a:cf:50:dd:51:54:11:52:
05:49:0c:88:f0:9a:20:87:4d:a0:43:ec:49:83:74:
b2:49:7c:fa:17:54:7a:bd:40:14:ac:90:37:0f:b2:
0c:04:3b:91:25:34:d4:b9:07:9e:cd:96:5c:b8:09:
54:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:A8:8F:C9:7D:3B:CB:C9:A3:F5:12:5E:34:95:37:4E:BF:28:47:66
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34342e302f32332d3233203d3e203432373038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.44.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:80:68:4d:67:44:2c:f5:ac:a2:6e:9b:82:a2:42:13:58:51:
42:79:5c:b3:94:fb:1b:99:46:91:32:34:d3:85:b2:bc:79:c4:
9c:41:06:1c:4e:2d:17:65:b0:64:72:4c:6e:b8:ab:0e:dd:82:
c8:3a:40:c6:14:68:d7:ed:1f:52:b3:6f:ba:2c:31:38:b1:46:
46:11:6b:6c:33:9d:a4:c2:4b:a4:45:69:24:df:e6:8a:db:35:
5a:3a:20:43:6c:cf:db:56:9c:44:b4:a0:09:68:98:c6:f8:80:
43:ff:72:2d:8a:14:6f:df:3b:c7:a0:99:75:9d:71:f9:7d:ff:
63:75:56:40:80:d4:c6:c4:f7:a4:e1:f3:c2:28:3f:ef:8a:70:
20:23:1d:78:fc:98:13:67:bb:a0:ae:10:56:ee:99:ec:0a:b9:
96:25:71:68:33:75:4c:d0:0a:e6:31:4c:90:09:e5:5b:0c:f2:
40:04:04:c3:3d:08:76:95:46:f3:a2:82:55:a8:d6:29:2a:6d:
27:7d:93:b1:3e:05:0b:66:7c:8c:d8:17:76:9d:57:68:55:f9:
ad:c4:64:48:22:c4:79:a3:e7:18:26:c0:97:51:a1:8f:ce:2f:
1f:9f:f8:c5:f3:7d:01:31:8f:db:97:95:cd:a7:ac:5c:a3:41:
99:fa:0c:f2
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUPW3Lt4BtA4Xw0QFNra9X7KFQKkswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjVaFw0yNjAxMjYwOTQ1MjVaMDMxMTAvBgNV
BAMTKDNDQTg4RkM5N0QzQkNCQzlBM0Y1MTI1RTM0OTUzNzRFQkYyODQ3NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvTnXW7WW9MKmMOwwXdvRdWedN
64yjZaA2YJu0BNyOMEa6ygYEiwPX7IrpuZrHLmZPMzeTOmGgnb37IzdLz6kdrnOe
L7wR0Sgo1Sxh+1TF7Neelzf58+qR7x8A2Y0jGf143zU4rNS3yKTk7PyaWAuLeEbK
GPVzMkBl9LskXzoOLkjhzSX8Vw9j3d5qFf+iEhcQxA1cnFBQ7lwHSRhJhHhYtQ1R
7/sYoqzXQ6+wibs3fMMTw2ZhzNYm6IBkgOMA0kspW4QRSjKhH+IKz1DdUVQRUgVJ
DIjwmiCHTaBD7EmDdLJJfPoXVHq9QBSskDcPsgwEO5ElNNS5B57Nlly4CVTlAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUPKiPyX07y8mj9RJeNJU3Tr8oR2YwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzNDM0
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzQzMjM3MzAzOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAR/c
LDANBgkqhkiG9w0BAQsFAAOCAQEAaoBoTWdELPWsom6bgqJCE1hRQnlcs5T7G5lG
kTI004WyvHnEnEEGHE4tF2WwZHJMbrirDt2CyDpAxhRo1+0fUrNvuiwxOLFGRhFr
bDOdpMJLpEVpJN/mits1WjogQ2zP21acRLSgCWiYxviAQ/9yLYoUb987x6CZdZ1x
+X3/Y3VWQIDUxsT3pOHzwig/74pwICMdePyYE2e7oK4QVu6Z7Aq5liVxaDN1TNAK
5jFMkAnlWwzyQAQEwz0IdpVG86KCVajWKSptJ32TsT4FC2Z8jNgXdp1XaFX5rcRk
SCLEeaPnGCbAl1Ghj84vH5/4xfN9ATGP25eVzaesXKNBmfoM8g==
-----END CERTIFICATE-----
Generated at Fri Apr 4 15:59:34 2025 by rpki-client