Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e39362e302f32312d3332203d3e203430303231.roa
File: 33312e3232302e39362e302f32312d3332203d3e203430303231.roa (raw, json)
Hash identifier: N290rBhAC0kRZ0nlO54YiY/QalrXGcMZxXZdoKr0o28=
Subject key identifier: 43:9D:BB:B0:07:3A:3F:C3:E3:DF:CF:75:01:93:2A:0D:0F:98:12:8F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 57EBE8E306164BF8A3C3DF29B97AC957CC1F586D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e39362e302f32312d3332203d3e203430303231.roa
Signing time: Mon 27 Jan 2025 09:45:19 +0000
ROA not before: Mon 27 Jan 2025 09:40:19 +0000
ROA not after: Mon 26 Jan 2026 09:45:19 +0000
asID: 40021
IP address blocks: 31.220.96.0/21 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:eb:e8:e3:06:16:4b:f8:a3:c3:df:29:b9:7a:c9:57:cc:1f:58:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:19 2025 GMT
Not After : Jan 26 09:45:19 2026 GMT
Subject: CN=439DBBB0073A3FC3E3DFCF7501932A0D0F98128F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a4:dd:a9:af:eb:fa:7b:d0:ea:bd:9c:06:41:
5c:d6:65:b1:fd:9e:27:c1:67:3e:6c:b7:a9:44:99:
f4:9c:6f:07:23:0e:d2:54:6c:2b:54:fc:18:cd:97:
dd:92:97:a1:76:84:37:00:8c:3e:fb:de:49:fd:41:
5e:d2:4b:cb:fa:53:0b:d3:53:63:c4:bf:e7:d9:60:
91:b4:da:3a:ba:b0:2b:23:89:e6:ff:ae:91:eb:29:
7d:a3:8b:7d:9a:84:9f:de:4f:b3:b4:79:e3:d2:ad:
32:b6:2e:93:85:40:98:9c:38:a4:b2:3a:e1:23:29:
b8:ed:a1:4d:77:e8:e5:3e:3f:35:ba:f4:20:1c:da:
b7:93:57:5e:b3:8d:fa:1c:4d:ff:fa:15:9b:e9:94:
10:74:d0:92:5e:b2:b5:6f:f1:f8:b1:f0:2b:4a:69:
60:d0:46:c5:43:94:cd:53:24:22:fe:65:c8:e8:f6:
97:62:a1:c9:37:a2:fe:35:cb:d5:7f:9b:66:7d:89:
eb:83:8d:22:95:01:f4:7e:8b:a2:64:d4:16:c8:78:
3d:cc:be:7b:89:19:e5:e5:fc:02:ee:55:01:88:ec:
03:dc:7e:65:93:2a:5d:c8:60:31:02:da:27:4b:bf:
08:64:d6:bc:64:7a:6b:64:25:e3:fd:44:95:46:c4:
8b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:9D:BB:B0:07:3A:3F:C3:E3:DF:CF:75:01:93:2A:0D:0F:98:12:8F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e39362e302f32312d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.96.0/21
Signature Algorithm: sha256WithRSAEncryption
82:46:ea:bf:6d:be:cd:3f:1f:c5:98:00:ca:8b:d5:04:04:f7:
db:63:88:a8:d2:db:04:48:52:a1:23:57:87:c3:f6:28:ea:7f:
b9:f9:6d:f2:85:14:90:13:d6:33:25:96:56:30:7d:62:b6:25:
b2:d3:73:6e:44:ad:53:2e:44:bd:4a:8b:61:d4:c8:b2:80:31:
ce:c1:61:02:87:cc:33:69:fd:1b:fa:c8:7f:70:3d:84:c7:15:
40:3c:28:1e:1b:0b:9e:9b:8e:c5:6c:be:68:23:e4:31:dd:ec:
b9:bd:1b:ab:32:71:fa:ec:e1:b6:69:6c:82:90:be:fa:1f:ec:
d7:fa:92:8f:aa:e3:ce:40:3e:15:19:92:e0:79:b6:3f:fa:00:
18:2a:b6:4e:bd:b6:70:0a:c1:d3:8e:31:29:b0:89:1b:17:f1:
27:e0:0b:86:a1:9a:51:c7:40:5c:69:16:02:92:5d:7d:b4:e1:
0e:ae:f9:72:14:d1:57:7b:35:ca:5a:81:1f:5e:1a:2f:e8:ef:
ca:4a:af:da:68:80:94:88:7e:f4:7a:ac:95:6e:62:8d:04:86:
fc:6e:73:74:36:e3:11:d9:88:17:b6:1d:92:40:90:6e:41:1d:
de:f6:0b:f5:6d:52:70:cb:dc:eb:c3:5a:4d:57:97:94:08:38:
3c:95:46:1f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUV+vo4wYWS/ijw98puXrJV8wfWG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTlaFw0yNjAxMjYwOTQ1MTlaMDMxMTAvBgNV
BAMTKDQzOURCQkIwMDczQTNGQzNFM0RGQ0Y3NTAxOTMyQTBEMEY5ODEyOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIpN2pr+v6e9DqvZwGQVzWZbH9
nifBZz5st6lEmfScbwcjDtJUbCtU/BjNl92Sl6F2hDcAjD773kn9QV7SS8v6UwvT
U2PEv+fZYJG02jq6sCsjieb/rpHrKX2ji32ahJ/eT7O0eePSrTK2LpOFQJicOKSy
OuEjKbjtoU136OU+PzW69CAc2reTV16zjfocTf/6FZvplBB00JJesrVv8fix8CtK
aWDQRsVDlM1TJCL+Zcjo9pdiock3ov41y9V/m2Z9ieuDjSKVAfR+i6Jk1BbIeD3M
vnuJGeXl/ALuVQGI7APcfmWTKl3IYDEC2idLvwhk1rxkemtkJeP9RJVGxIu5AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUQ527sAc6P8Pj3891AZMqDQ+YEo8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzOTM2
MmUzMDJmMzIzMTJkMzMzMjIwM2QzZTIwMzQzMDMwMzIzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAx/c
YDANBgkqhkiG9w0BAQsFAAOCAQEAgkbqv22+zT8fxZgAyovVBAT322OIqNLbBEhS
oSNXh8P2KOp/uflt8oUUkBPWMyWWVjB9YrYlstNzbkStUy5EvUqLYdTIsoAxzsFh
AofMM2n9G/rIf3A9hMcVQDwoHhsLnpuOxWy+aCPkMd3sub0bqzJx+uzhtmlsgpC+
+h/s1/qSj6rjzkA+FRmS4Hm2P/oAGCq2Tr22cArB044xKbCJGxfxJ+ALhqGaUcdA
XGkWApJdfbThDq75chTRV3s1ylqBH14aL+jvykqv2miAlIh+9HqslW5ijQSG/G5z
dDbjEdmIF7YdkkCQbkEd3vYL9W1ScMvc68NaTVeXlAg4PJVGHw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 15:56:19 2025 by rpki-client