Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/36322e332e382e302f32342d3234203d3e20323031333431.roa
File: 36322e332e382e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: lJK3DkUiD9civ1bAFtYAVm6SwkqAwPO3Hp8qbv6ran8=
Subject key identifier: CF:7B:CB:05:1F:C5:8E:87:02:D0:AF:79:1C:C5:3C:48:B2:AD:E9:15
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 3D75F0EFC056E9207776ACF4851D81A885F85E72
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/36322e332e382e302f32342d3234203d3e20323031333431.roa
Signing time: Wed 27 Nov 2024 15:44:24 +0000
ROA not before: Wed 27 Nov 2024 15:39:24 +0000
ROA not after: Wed 26 Nov 2025 15:44:24 +0000
asID: 201341
IP address blocks: 62.3.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:75:f0:ef:c0:56:e9:20:77:76:ac:f4:85:1d:81:a8:85:f8:5e:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Nov 27 15:39:24 2024 GMT
Not After : Nov 26 15:44:24 2025 GMT
Subject: CN=CF7BCB051FC58E8702D0AF791CC53C48B2ADE915
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:62:c1:84:5c:63:c7:f8:a7:93:2d:b3:fe:8b:
e3:ad:2f:13:6f:3b:49:81:6b:99:77:b1:e8:70:1c:
bf:6a:8f:7d:57:cb:0e:d9:8e:27:93:dc:49:10:b9:
4c:f9:a9:81:17:88:01:96:44:64:c4:8c:d6:39:2b:
88:0a:1f:e6:2a:e0:f3:86:31:ec:70:17:07:b1:eb:
c9:14:74:87:c1:4b:b6:cc:57:e9:df:fb:a9:a5:20:
91:4c:c3:1b:25:2a:bc:8e:19:56:1a:2f:33:b2:01:
03:72:e1:f9:95:84:2e:d2:ff:ff:66:cd:b7:19:24:
b2:85:ab:8d:ed:97:48:0e:eb:7f:6b:6d:34:57:9c:
27:b9:3e:73:93:6d:82:3d:8b:53:f8:2a:1e:81:79:
5b:23:f8:af:c3:62:17:0a:58:61:d4:db:d4:71:02:
4c:b1:a0:e9:8c:b0:39:4b:1a:c0:00:e2:92:0e:57:
ff:5d:4e:33:79:e3:ad:84:90:01:26:96:94:93:2e:
6a:44:d6:4d:b4:7f:f3:58:5b:b1:1d:b4:ef:82:82:
eb:9e:bf:9a:3d:3a:24:28:34:65:1e:46:03:f0:c5:
9a:2b:70:ad:a5:20:37:c5:e0:89:f7:5a:bb:49:2b:
8f:94:0c:93:40:e5:3f:9f:3c:a0:82:af:70:e3:05:
2e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:7B:CB:05:1F:C5:8E:87:02:D0:AF:79:1C:C5:3C:48:B2:AD:E9:15
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/36322e332e382e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.8.0/24
Signature Algorithm: sha256WithRSAEncryption
af:70:63:e2:06:2a:07:d3:d8:d3:7a:07:1a:1e:6b:b2:93:4e:
59:86:e9:13:38:05:aa:49:89:68:05:40:e4:db:2e:03:61:d5:
48:7a:b2:0c:ef:2b:ff:f5:82:76:0d:7b:63:45:3e:7c:e9:41:
de:b5:4c:1d:dd:32:f5:c6:f9:3b:d6:e3:12:82:50:9f:5e:3d:
81:db:67:ca:bb:a8:a0:7f:9f:da:9e:7a:fc:ac:be:37:25:f5:
02:e3:df:88:f0:78:a6:b5:3b:16:3b:d4:c8:56:15:10:1c:f2:
cc:e1:e7:fe:df:d9:c3:e1:09:a5:44:0b:dd:a6:ad:6c:36:b0:
2c:ed:c4:82:04:72:57:02:00:6b:9f:6e:87:07:21:7b:87:ab:
b6:1f:bc:ab:7b:9d:71:24:2f:e1:96:d6:cf:40:d2:24:05:96:
bf:eb:15:d4:a4:d9:e4:38:a7:65:86:9e:64:b0:01:12:7b:b2:
b1:97:fd:9b:da:9d:7d:b7:7c:73:60:11:94:cd:ba:6c:bd:c9:
d9:bb:44:40:ff:4a:dc:85:d6:8b:df:b0:21:69:63:74:85:8d:
40:5e:08:6e:16:1a:6b:0b:71:32:8f:59:9b:79:e7:0e:ca:8c:
3c:72:63:7c:42:41:26:fe:e7:32:cc:88:41:3e:ba:2f:85:3d:
76:3a:2d:27
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUPXXw78BW6SB3dqz0hR2BqIX4XnIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDExMjcxNTM5MjRaFw0yNTExMjYxNTQ0MjRaMDMxMTAvBgNV
BAMTKENGN0JDQjA1MUZDNThFODcwMkQwQUY3OTFDQzUzQzQ4QjJBREU5MTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEYsGEXGPH+KeTLbP+i+OtLxNv
O0mBa5l3sehwHL9qj31Xyw7ZjieT3EkQuUz5qYEXiAGWRGTEjNY5K4gKH+Yq4POG
MexwFwex68kUdIfBS7bMV+nf+6mlIJFMwxslKryOGVYaLzOyAQNy4fmVhC7S//9m
zbcZJLKFq43tl0gO639rbTRXnCe5PnOTbYI9i1P4Kh6BeVsj+K/DYhcKWGHU29Rx
AkyxoOmMsDlLGsAA4pIOV/9dTjN5462EkAEmlpSTLmpE1k20f/NYW7EdtO+Cguue
v5o9OiQoNGUeRgPwxZorcK2lIDfF4In3WrtJK4+UDJNA5T+fPKCCr3DjBS6rAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUz3vLBR/FjocC0K95HMU8SLKt6RUwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzYzMjJlMzMyZTM4MmUzMDJm
MzIzNDJkMzIzNDIwM2QzZTIwMzIzMDMxMzMzNDMxLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPgMIMA0G
CSqGSIb3DQEBCwUAA4IBAQCvcGPiBioH09jTegcaHmuyk05ZhukTOAWqSYloBUDk
2y4DYdVIerIM7yv/9YJ2DXtjRT586UHetUwd3TL1xvk71uMSglCfXj2B22fKu6ig
f5/annr8rL43JfUC49+I8HimtTsWO9TIVhUQHPLM4ef+39nD4QmlRAvdpq1sNrAs
7cSCBHJXAgBrn26HByF7h6u2H7yre51xJC/hltbPQNIkBZa/6xXUpNnkOKdlhp5k
sAESe7Kxl/2b2p19t3xzYBGUzbpsvcnZu0RA/0rchdaL37AhaWN0hY1AXghuFhpr
C3Eyj1mbeecOyow8cmN8QkEm/ucyzIhBProvhT12Oi0n
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:38:16 2025 by rpki-client