Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36322e302f32332d3234203d3e203432333636.roa
File: 3130392e3233362e36322e302f32332d3234203d3e203432333636.roa (raw, json)
Hash identifier: J+v85cyizGP7nKajLhDwMOy8gxzLSTPzXneB+CL0U20=
Subject key identifier: 8F:64:DB:1C:48:F4:44:EC:8C:71:1C:FE:ED:0C:F1:9B:DE:34:A7:5D
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 7E09F608ED17C5A5E23F9AF1FBABF031F42F6C11
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36322e302f32332d3234203d3e203432333636.roa
Signing time: Fri 31 Mar 2023 12:17:52 +0000
ROA not before: Fri 31 Mar 2023 12:12:52 +0000
ROA not after: Fri 29 Mar 2024 12:17:52 +0000
asID: 42366
IP address blocks: 109.236.62.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:09:f6:08:ed:17:c5:a5:e2:3f:9a:f1:fb:ab:f0:31:f4:2f:6c:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 31 12:12:52 2023 GMT
Not After : Mar 29 12:17:52 2024 GMT
Subject: CN=8F64DB1C48F444EC8C711CFEED0CF19BDE34A75D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1e:60:af:9d:82:e1:3a:3e:dc:b3:60:60:ea:
99:ef:6c:ab:03:5b:11:ae:b8:1a:77:98:50:df:d8:
c7:89:78:6b:a0:49:1f:9e:e0:43:9e:9a:c2:f3:74:
2e:80:2a:16:2d:e2:82:1f:ab:7d:c0:4d:47:55:21:
f0:70:fd:52:e7:ae:7e:ff:74:ec:7f:d8:10:9d:7e:
82:7f:eb:ef:e5:75:ff:45:c9:ea:cd:0c:c1:e3:a1:
a2:a5:1d:2d:89:d3:ec:e4:45:20:7c:33:c8:dc:28:
20:98:93:4e:07:cd:6b:78:be:0f:34:6a:b1:8a:7b:
60:26:51:63:00:c9:fd:96:91:9b:4b:d9:ce:5e:b7:
96:d5:fd:30:2f:0f:b9:f8:74:7c:86:21:36:f6:0c:
45:cd:41:28:81:5e:00:29:7f:07:60:f5:ca:69:9f:
f6:85:fb:68:3f:0e:d4:7c:1f:82:69:00:44:18:06:
bd:13:1b:03:7c:ef:73:96:68:9d:3f:bf:79:9b:ca:
de:1e:9a:de:79:13:80:a7:be:df:f4:6e:72:af:4e:
14:1f:61:c5:dc:f3:61:9e:3e:4f:91:fe:8e:65:4d:
f0:c5:25:37:25:ec:a8:bc:f0:06:ae:8b:a2:ba:25:
a7:4d:31:4e:dc:d1:6f:2c:8d:d2:68:80:20:77:54:
b8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:64:DB:1C:48:F4:44:EC:8C:71:1C:FE:ED:0C:F1:9B:DE:34:A7:5D
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/3130392e3233362e36322e302f32332d3234203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.62.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:07:29:f3:a0:93:19:f7:14:70:bd:3d:34:02:17:6e:43:67:
33:bb:a4:ed:b8:52:c1:64:7d:e4:8e:c4:f7:0d:4d:b6:84:a9:
0d:56:3d:34:39:5a:3e:59:f4:83:1d:44:2d:80:3e:30:fe:d3:
13:86:b3:80:f0:f7:4a:78:9d:e9:a6:e8:1c:c5:8f:e5:f6:5f:
06:b1:0a:04:27:d2:59:e6:5c:1c:f1:bd:c9:46:aa:78:90:5c:
a7:9d:7b:36:13:39:f6:97:3a:bd:6b:22:c9:03:e3:6d:93:e2:
f3:5c:f8:b2:72:6d:97:19:0f:27:98:92:fe:fc:7e:17:ae:50:
35:af:e8:f9:2e:e2:55:75:04:d9:b1:06:66:c7:94:41:9c:2d:
71:e1:3b:9e:ed:6c:e4:9c:4d:f3:15:97:ea:af:88:31:68:26:
a5:fd:8d:a3:3f:2c:d8:a0:25:1f:04:ba:fb:fa:4a:57:d3:5a:
ba:49:15:80:e2:91:2f:e5:8b:3f:a9:66:1e:9a:04:e2:bd:95:
6b:2a:0f:bc:23:29:0a:39:48:24:3a:ff:94:c8:29:bd:83:4c:
09:20:af:d5:49:e9:ef:10:34:58:7c:81:b2:e0:05:3e:94:bd:
b0:56:ed:83:ec:cb:92:de:39:e2:4f:34:25:c9:e3:76:5a:9d:
83:68:68:f9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfgn2CO0XxaXiP5rx+6vwMfQvbBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMzExMjEyNTJaFw0yNDAzMjkxMjE3NTJaMDMxMTAvBgNV
BAMTKDhGNjREQjFDNDhGNDQ0RUM4QzcxMUNGRUVEMENGMTlCREUzNEE3NUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8HmCvnYLhOj7cs2Bg6pnvbKsD
WxGuuBp3mFDf2MeJeGugSR+e4EOemsLzdC6AKhYt4oIfq33ATUdVIfBw/VLnrn7/
dOx/2BCdfoJ/6+/ldf9FyerNDMHjoaKlHS2J0+zkRSB8M8jcKCCYk04HzWt4vg80
arGKe2AmUWMAyf2WkZtL2c5et5bV/TAvD7n4dHyGITb2DEXNQSiBXgApfwdg9cpp
n/aF+2g/DtR8H4JpAEQYBr0TGwN873OWaJ0/v3mbyt4emt55E4Cnvt/0bnKvThQf
YcXc82GePk+R/o5lTfDFJTcl7Ki88Aaui6K6JadNMU7c0W8sjdJogCB3VLiNAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUj2TbHEj0ROyMcRz+7Qzxm940p10wHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzEzMDM5MmUzMjMzMzYyZTM2
MzIyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNDMyMzMzNjM2LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
bew+MA0GCSqGSIb3DQEBCwUAA4IBAQAdBynzoJMZ9xRwvT00AhduQ2czu6TtuFLB
ZH3kjsT3DU22hKkNVj00OVo+WfSDHUQtgD4w/tMThrOA8PdKeJ3ppugcxY/l9l8G
sQoEJ9JZ5lwc8b3JRqp4kFynnXs2Ezn2lzq9ayLJA+Ntk+LzXPiycm2XGQ8nmJL+
/H4XrlA1r+j5LuJVdQTZsQZmx5RBnC1x4Tue7WzknE3zFZfqr4gxaCal/Y2jPyzY
oCUfBLr7+kpX01q6SRWA4pEv5Ys/qWYemgTivZVrKg+8IykKOUgkOv+UyCm9g0wJ
IK/VSenvEDRYfIGy4AU+lL2wVu2D7MuS3jniTzQlyeN2Wp2DaGj5
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:45:32 2025 by rpki-client