Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e38382e302f32312d3332203d3e203531313637.roa
File: 33312e3232302e38382e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: Z6xMOGdTgWaNi1z8n6Mqg8zOOe4zNA2KRVKsm7gZBno=
Subject key identifier: B9:1D:76:5F:E3:3E:65:90:C6:74:5B:81:74:CA:43:50:E1:41:E1:91
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 21C7F15689CF393C90B258DC021606C57F5CD739
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e38382e302f32312d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:00 +0000
ROA not before: Mon 27 Jan 2025 09:40:00 +0000
ROA not after: Mon 26 Jan 2026 09:45:00 +0000
asID: 51167
IP address blocks: 31.220.88.0/21 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:c7:f1:56:89:cf:39:3c:90:b2:58:dc:02:16:06:c5:7f:5c:d7:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:00 2025 GMT
Not After : Jan 26 09:45:00 2026 GMT
Subject: CN=B91D765FE33E6590C6745B8174CA4350E141E191
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bd:60:19:b4:bd:ed:2a:59:4b:71:f7:43:02:
8d:92:b8:b8:98:e7:fb:fd:0f:0e:9e:8c:e9:d3:18:
3b:42:cb:19:3a:62:ad:97:68:ef:c8:4a:19:c3:f0:
ef:8e:bf:8f:3c:f4:78:e4:7e:14:90:79:fa:3e:2a:
63:0c:27:50:8e:34:62:24:1b:78:fb:20:d9:8e:30:
6e:ce:fc:0f:7e:33:b2:88:e3:37:c7:ac:f6:73:df:
d5:f4:af:f3:b9:1c:e4:7a:b2:fc:40:10:89:62:e4:
a2:d1:da:b0:49:d0:8e:df:1e:25:d5:98:5d:dd:30:
16:7b:d0:b9:ce:e8:b7:f8:88:de:c3:1e:e3:e9:ff:
f3:db:f6:26:22:f4:70:ec:bf:3c:04:58:c0:84:52:
f8:c6:0b:2f:76:90:0b:b5:83:2e:be:31:a9:70:86:
4c:4c:d0:6b:ea:d4:74:2f:88:05:9b:02:33:aa:f8:
5a:dc:70:32:12:bf:ca:89:a9:b7:29:aa:d1:81:77:
34:6b:e0:ef:8e:8c:43:d9:39:cf:f2:f7:fb:6f:2a:
b4:87:4c:92:77:a4:78:33:b0:6a:a5:eb:f3:c7:9f:
bd:07:cc:d7:03:f1:48:8e:94:7b:dc:52:0d:88:a8:
92:29:60:fa:ad:3b:11:9b:b4:c2:3c:09:0b:be:a1:
9e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:1D:76:5F:E3:3E:65:90:C6:74:5B:81:74:CA:43:50:E1:41:E1:91
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e38382e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.88.0/21
Signature Algorithm: sha256WithRSAEncryption
58:5d:9b:ee:85:fa:6c:b6:6d:f4:76:8d:12:cc:af:13:ca:9f:
df:c0:53:73:39:60:f6:c3:1a:7d:eb:c9:81:12:75:23:38:8c:
17:f5:b5:9b:58:56:c9:c8:2e:8e:76:f0:90:96:4c:82:b7:33:
56:c0:9d:84:6b:60:a9:16:5d:01:51:0b:47:44:fe:3f:ba:df:
3c:72:cd:cb:f9:bb:2d:26:fe:19:f1:1e:c7:67:1c:1b:1f:0f:
0c:3e:83:1a:db:4f:03:56:84:2a:33:ed:2a:fd:40:56:f1:1a:
34:00:3b:1c:7e:7c:8c:44:96:f5:40:bd:54:d2:03:d8:af:73:
ed:ab:ed:3a:24:81:9d:ce:87:91:54:1e:5d:b6:94:c6:4e:35:
8e:9d:e1:37:ae:19:2e:50:53:23:82:22:8e:75:4c:8e:7f:ee:
45:ce:9d:f3:ed:5c:f3:19:2a:4f:f7:1b:ef:da:06:49:aa:cc:
8f:74:d8:49:dc:ba:d1:a9:73:78:68:2a:d2:b9:26:66:5f:aa:
14:2f:ad:ec:31:1b:5e:5e:2f:33:2c:ba:98:34:93:98:f3:50:
4b:35:d0:b6:52:22:19:fd:29:42:a0:ec:08:47:bc:90:78:0f:
9e:28:65:ec:e3:70:cf:cf:02:8f:68:22:f8:fb:3a:06:2c:1d:
1e:de:db:30
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUIcfxVonPOTyQsljcAhYGxX9c1zkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDBaFw0yNjAxMjYwOTQ1MDBaMDMxMTAvBgNV
BAMTKEI5MUQ3NjVGRTMzRTY1OTBDNjc0NUI4MTc0Q0E0MzUwRTE0MUUxOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLvWAZtL3tKllLcfdDAo2SuLiY
5/v9Dw6ejOnTGDtCyxk6Yq2XaO/IShnD8O+Ov4889HjkfhSQefo+KmMMJ1CONGIk
G3j7INmOMG7O/A9+M7KI4zfHrPZz39X0r/O5HOR6svxAEIli5KLR2rBJ0I7fHiXV
mF3dMBZ70LnO6Lf4iN7DHuPp//Pb9iYi9HDsvzwEWMCEUvjGCy92kAu1gy6+Malw
hkxM0Gvq1HQviAWbAjOq+FrccDISv8qJqbcpqtGBdzRr4O+OjEPZOc/y9/tvKrSH
TJJ3pHgzsGql6/PHn70HzNcD8UiOlHvcUg2IqJIpYPqtOxGbtMI8CQu+oZ5NAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUuR12X+M+ZZDGdFuBdMpDUOFB4ZEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzODM4
MmUzMDJmMzIzMTJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAx/c
WDANBgkqhkiG9w0BAQsFAAOCAQEAWF2b7oX6bLZt9HaNEsyvE8qf38BTczlg9sMa
fevJgRJ1IziMF/W1m1hWycgujnbwkJZMgrczVsCdhGtgqRZdAVELR0T+P7rfPHLN
y/m7LSb+GfEex2ccGx8PDD6DGttPA1aEKjPtKv1AVvEaNAA7HH58jESW9UC9VNID
2K9z7avtOiSBnc6HkVQeXbaUxk41jp3hN64ZLlBTI4IijnVMjn/uRc6d8+1c8xkq
T/cb79oGSarMj3TYSdy60alzeGgq0rkmZl+qFC+t7DEbXl4vMyy6mDSTmPNQSzXQ
tlIiGf0pQqDsCEe8kHgPnihl7ONwz88Cj2gi+Ps6BiwdHt7bMA==
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:03:23 2025 by rpki-client