Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3231332e3130392e3230302e302f32342d3234203d3e203632323430.roa
File: 3231332e3130392e3230302e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: /Dv9NGw0M0vhALWa42mTW6RyIKdtjiEq4ZBfLbAGwX0=
Subject key identifier: 7B:DF:BA:89:9F:D4:56:F5:6E:92:7A:1A:6B:19:DF:E4:7A:24:34:5F
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 62914FAFAA6DB251A40AECAF4C9FA555750042E6
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3231332e3130392e3230302e302f32342d3234203d3e203632323430.roa
Signing time: Wed 27 Nov 2024 15:44:24 +0000
ROA not before: Wed 27 Nov 2024 15:39:24 +0000
ROA not after: Wed 26 Nov 2025 15:44:24 +0000
asID: 62240
IP address blocks: 213.109.200.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:91:4f:af:aa:6d:b2:51:a4:0a:ec:af:4c:9f:a5:55:75:00:42:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Nov 27 15:39:24 2024 GMT
Not After : Nov 26 15:44:24 2025 GMT
Subject: CN=7BDFBA899FD456F56E927A1A6B19DFE47A24345F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f9:45:f1:cd:34:2d:fb:ca:79:ea:8e:b6:bc:
13:d7:bc:2c:3f:5e:9d:f9:1f:4f:55:21:1f:01:ca:
4f:ad:43:5b:39:20:aa:ab:a0:2b:9f:ad:10:98:5c:
0b:22:88:db:59:8e:92:c9:e9:6a:63:7c:af:d6:3b:
ba:0f:8e:ee:45:e3:4d:00:21:71:37:74:90:79:bb:
e5:00:53:61:7d:2e:a8:3e:91:44:b2:f4:fb:e6:6f:
98:a5:31:f5:9f:97:5c:27:71:6a:09:0b:4a:9d:37:
7b:ee:49:b4:ef:cf:77:34:dd:d7:89:75:d4:05:7b:
f8:f2:f0:af:7a:82:3a:f2:e1:a5:30:89:f4:0e:81:
a1:1e:5d:fc:a4:2d:b3:e3:62:9a:57:b3:3a:49:f3:
b5:c8:6d:e5:58:0f:78:86:88:dd:78:4d:72:44:c3:
10:83:a3:4e:32:ea:97:c1:db:52:bb:3f:de:cb:2c:
11:8e:72:f7:2a:27:99:5c:ea:4c:08:47:b2:ca:d3:
e3:49:af:c1:2c:18:6d:8f:6e:eb:4a:08:9b:bd:00:
d6:ba:5e:f9:a3:b8:01:ee:06:f1:49:45:be:e8:3d:
f5:2b:f1:11:35:b2:3f:1e:4e:4d:ff:81:e9:79:6d:
9f:e5:e6:99:d0:76:91:dc:1a:2d:3a:8f:ce:95:08:
1b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:DF:BA:89:9F:D4:56:F5:6E:92:7A:1A:6B:19:DF:E4:7A:24:34:5F
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/3231332e3130392e3230302e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.200.0/24
Signature Algorithm: sha256WithRSAEncryption
29:f7:7f:f3:dc:d1:e4:27:4c:4b:2e:65:9f:82:56:d5:34:04:
0f:d1:64:1e:59:a2:f6:91:df:71:31:5c:27:ff:9c:67:19:56:
04:cc:90:c7:5b:54:3a:84:b9:fd:01:1f:d3:bc:ac:74:59:28:
f4:44:8e:9a:e2:2b:c7:72:1b:c9:59:5c:1d:c3:b9:52:0e:47:
37:fa:8e:62:86:81:08:96:13:da:dc:2e:2e:b0:ec:ef:b8:8f:
f3:68:62:f3:1d:2b:f8:e8:de:ef:99:0d:48:af:43:7b:47:45:
0f:e0:9a:81:17:58:ad:63:f2:45:e5:db:12:c9:a0:cf:e8:3a:
ba:f5:19:c9:10:54:b0:08:f0:72:fa:bb:91:db:c3:3e:0e:b7:
3c:48:d6:5f:9f:8e:c3:bb:bc:91:7e:65:b2:52:2e:3c:9d:6d:
ba:04:2a:3b:47:2e:61:fa:81:9a:dd:07:79:d3:d4:71:4e:1c:
82:02:a5:d5:42:14:4b:27:7c:75:7f:8e:b7:61:ef:5d:ca:64:
6e:d2:12:24:9e:20:62:0c:b9:9d:07:7f:46:42:fa:5b:69:d3:
66:d4:e4:22:eb:46:ea:c4:e0:7f:e1:34:52:64:38:6b:bb:b0:
36:41:72:88:c1:40:c7:cb:d1:23:04:75:75:be:f2:e7:bd:a3:
65:c4:46:31
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYpFPr6ptslGkCuyvTJ+lVXUAQuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDExMjcxNTM5MjRaFw0yNTExMjYxNTQ0MjRaMDMxMTAvBgNV
BAMTKDdCREZCQTg5OUZENDU2RjU2RTkyN0ExQTZCMTlERkU0N0EyNDM0NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL+UXxzTQt+8p56o62vBPXvCw/
Xp35H09VIR8Byk+tQ1s5IKqroCufrRCYXAsiiNtZjpLJ6WpjfK/WO7oPju5F400A
IXE3dJB5u+UAU2F9Lqg+kUSy9Pvmb5ilMfWfl1wncWoJC0qdN3vuSbTvz3c03deJ
ddQFe/jy8K96gjry4aUwifQOgaEeXfykLbPjYppXszpJ87XIbeVYD3iGiN14TXJE
wxCDo04y6pfB21K7P97LLBGOcvcqJ5lc6kwIR7LK0+NJr8EsGG2PbutKCJu9ANa6
XvmjuAHuBvFJRb7oPfUr8RE1sj8eTk3/gel5bZ/l5pnQdpHcGi06j86VCBtHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUe9+6iZ/UVvVuknoaaxnf5HokNF8wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzIzMTMzMmUzMTMwMzkyZTMy
MzAzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzIzMjM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADVbcgwDQYJKoZIhvcNAQELBQADggEBACn3f/Pc0eQnTEsuZZ+CVtU0BA/RZB5Z
ovaR33ExXCf/nGcZVgTMkMdbVDqEuf0BH9O8rHRZKPREjpriK8dyG8lZXB3DuVIO
Rzf6jmKGgQiWE9rcLi6w7O+4j/NoYvMdK/jo3u+ZDUivQ3tHRQ/gmoEXWK1j8kXl
2xLJoM/oOrr1GckQVLAI8HL6u5Hbwz4OtzxI1l+fjsO7vJF+ZbJSLjydbboEKjtH
LmH6gZrdB3nT1HFOHIICpdVCFEsnfHV/jrdh713KZG7SEiSeIGIMuZ0Hf0ZC+ltp
02bU5CLrRurE4H/hNFJkOGu7sDZBcojBQMfL0SMEdXW+8ue9o2XERjE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:07 2025 by rpki-client