Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/322e35382e37322e302f32332d3234203d3e2030.roa
File: 322e35382e37322e302f32332d3234203d3e2030.roa (raw, json)
Hash identifier: ppc9Iz47s9vIQzXqyceqihLt1Xi+7NEunqbw+p8D2b0=
Subject key identifier: 26:D5:C1:13:1C:BE:55:98:5B:38:55:34:35:2E:D1:E3:4C:18:25:13
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 541714555352962BD29471F20509A288F0EA9B59
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/322e35382e37322e302f32332d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:35 +0000
ROA not before: Mon 27 Mar 2023 08:22:35 +0000
ROA not after: Mon 25 Mar 2024 08:27:35 +0000
asID: 0
IP address blocks: 2.58.72.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:17:14:55:53:52:96:2b:d2:94:71:f2:05:09:a2:88:f0:ea:9b:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Mar 27 08:22:35 2023 GMT
Not After : Mar 25 08:27:35 2024 GMT
Subject: CN=26D5C1131CBE55985B385534352ED1E34C182513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a0:68:fd:07:23:dc:c7:c8:d4:59:b9:e2:78:
d6:a6:68:f5:42:dd:7e:c1:5e:1a:d5:86:90:87:f6:
23:0b:81:bd:59:19:f4:e3:cb:e2:d4:18:59:c4:81:
8a:1a:0b:f1:83:18:21:2f:88:8e:f5:6d:f6:2f:d6:
bb:59:81:2c:c5:a8:89:45:b9:aa:f9:a6:2b:00:a1:
dd:31:6b:87:34:b4:ac:19:93:c7:02:b1:12:f8:6f:
6d:55:38:44:4e:42:d5:2b:5b:98:54:cc:e8:78:aa:
38:5b:5c:20:58:24:b2:09:16:6d:c1:06:b7:b0:e2:
a3:c7:72:d9:d4:21:fe:04:2b:2b:e0:b7:aa:5b:e3:
7b:56:57:d3:1c:5b:3c:bb:53:ca:8d:0c:5d:c2:41:
f6:41:59:aa:47:c0:db:ef:2c:5f:b8:2a:a7:f8:6c:
a4:6a:bd:40:0b:b7:63:84:04:a9:14:8a:75:af:4e:
8f:03:9c:c1:18:9f:a9:ba:49:0a:89:c7:d0:e5:90:
f9:10:7a:ca:8e:e8:f6:e3:bf:dd:32:5a:82:96:89:
a2:ff:ad:aa:67:c5:2b:ca:1a:a4:e3:fc:0c:42:e2:
1a:5a:8e:3e:fb:bb:c1:7a:f3:3e:18:da:1b:1b:f3:
48:c9:e6:61:6a:77:aa:0b:c3:38:4b:bc:e9:43:98:
57:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:D5:C1:13:1C:BE:55:98:5B:38:55:34:35:2E:D1:E3:4C:18:25:13
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/322e35382e37322e302f32332d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.72.0/23
Signature Algorithm: sha256WithRSAEncryption
2e:7b:fc:78:8e:49:3a:3b:04:fa:a9:d6:1f:c7:aa:79:17:ce:
18:3e:99:29:dc:56:9d:44:8a:a0:1b:cc:a8:f9:6c:ea:e2:01:
7e:31:5a:30:31:2e:53:11:d6:71:78:26:30:d1:9d:55:c4:30:
d4:ef:22:4d:51:56:40:8a:fc:25:47:e3:41:4f:dd:2f:6d:78:
0c:26:16:34:76:1f:9d:d8:2b:61:a3:93:cd:fb:c9:90:df:c6:
bc:85:29:20:ee:a3:d6:3e:f2:a8:0e:cb:5a:3e:91:09:d4:7d:
09:11:0a:72:a7:22:8c:68:1c:54:5c:39:c1:14:b0:e0:c3:ee:
0e:86:81:b1:24:d5:6e:e3:87:fd:7a:f8:63:35:d0:b5:f4:47:
60:86:e1:80:b5:52:3f:5d:45:f1:28:32:c4:58:85:b5:03:05:
73:7e:e5:47:a4:df:fb:5e:db:e1:e8:02:b6:82:eb:b8:e5:51:
f8:cd:df:ac:7a:97:a4:9c:31:78:c3:b9:f3:cc:1b:34:44:92:
83:10:dc:6b:53:17:7c:f1:19:fc:76:63:8d:ef:f9:42:46:12:
00:74:ad:0d:ac:32:19:90:7c:32:1a:83:45:1e:de:5e:22:43:
92:2b:62:59:28:c7:aa:07:29:20:af:ab:83:be:07:3c:0c:55:
db:ed:f7:52
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUVBcUVVNSlivSlHHyBQmiiPDqm1kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yMzAzMjcwODIyMzVaFw0yNDAzMjUwODI3MzVaMDMxMTAvBgNV
BAMTKDI2RDVDMTEzMUNCRTU1OTg1QjM4NTUzNDM1MkVEMUUzNEMxODI1MTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfoGj9ByPcx8jUWbnieNamaPVC
3X7BXhrVhpCH9iMLgb1ZGfTjy+LUGFnEgYoaC/GDGCEviI71bfYv1rtZgSzFqIlF
uar5pisAod0xa4c0tKwZk8cCsRL4b21VOEROQtUrW5hUzOh4qjhbXCBYJLIJFm3B
Brew4qPHctnUIf4EKyvgt6pb43tWV9McWzy7U8qNDF3CQfZBWapHwNvvLF+4Kqf4
bKRqvUALt2OEBKkUinWvTo8DnMEYn6m6SQqJx9DlkPkQesqO6Pbjv90yWoKWiaL/
rapnxSvKGqTj/AxC4hpajj77u8F68z4Y2hsb80jJ5mFqd6oLwzhLvOlDmFeLAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUJtXBExy+VZhbOFU0NS7R40wYJRMwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mZTM3MDhhMC02
N2Q1LTRhYzItYWJjNC1hMzMyNTkwYjk5YWYvNy8zMjJlMzUzODJlMzczMjJlMzAy
ZjMyMzMyZDMyMzQyMDNkM2UyMDMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAjpIMA0GCSqGSIb3DQEB
CwUAA4IBAQAue/x4jkk6OwT6qdYfx6p5F84YPpkp3FadRIqgG8yo+Wzq4gF+MVow
MS5TEdZxeCYw0Z1VxDDU7yJNUVZAivwlR+NBT90vbXgMJhY0dh+d2Ctho5PN+8mQ
38a8hSkg7qPWPvKoDstaPpEJ1H0JEQpypyKMaBxUXDnBFLDgw+4OhoGxJNVu44f9
evhjNdC19EdghuGAtVI/XUXxKDLEWIW1AwVzfuVHpN/7Xtvh6AK2guu45VH4zd+s
epeknDF4w7nzzBs0RJKDENxrUxd88Rn8dmON7/lCRhIAdK0NrDIZkHwyGoNFHt5e
IkOSK2JZKMeqBykgr6uDvgc8DFXb7fdS
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:53:16 2025 by rpki-client