Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/352e3235322e3134302e302f32322d3234203d3e2030.roa
File: 352e3235322e3134302e302f32322d3234203d3e2030.roa (raw, json)
Hash identifier: W4mTCqs1kwer1j2c/lQuTlBvBIGmEUbRqw9qLI22iTw=
Subject key identifier: 98:43:5B:42:BF:82:C9:EF:EC:42:0E:99:84:00:C4:76:73:12:78:04
Certificate issuer: /CN=5d70845822a61408ec2a5fd580c132da777f09d1
Certificate serial: 3EA278C60A8A01C6029A9AC38DA4CA61B1955A42
Authority key identifier: 5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/352e3235322e3134302e302f32322d3234203d3e2030.roa
Signing time: Mon 27 Mar 2023 08:27:50 +0000
ROA not before: Mon 27 Mar 2023 08:22:50 +0000
ROA not after: Mon 25 Mar 2024 08:27:50 +0000
asID: 0
IP address blocks: 5.252.140.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:a2:78:c6:0a:8a:01:c6:02:9a:9a:c3:8d:a4:ca:61:b1:95:5a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d70845822a61408ec2a5fd580c132da777f09d1
Validity
Not Before: Mar 27 08:22:50 2023 GMT
Not After : Mar 25 08:27:50 2024 GMT
Subject: CN=98435B42BF82C9EFEC420E998400C47673127804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7e:79:89:cc:41:41:57:5d:cd:19:a4:0b:7a:
8e:34:d8:90:4e:fc:98:a7:3e:38:a1:00:6c:95:c3:
a0:30:7b:02:42:20:2f:21:83:ef:ed:5e:8a:0c:d9:
7b:54:b1:2e:88:8c:92:3e:7b:b8:a5:81:d6:87:d6:
d6:69:48:f8:ac:ac:a5:e6:43:cd:28:e9:18:2a:63:
68:31:20:03:39:92:27:5e:9e:be:ac:75:0b:bb:e9:
1c:c2:f4:f2:15:40:1d:28:dd:66:18:7c:2b:79:ed:
01:30:3b:f2:20:40:ee:c5:06:09:b9:ff:fa:2c:87:
f6:ab:3d:ed:54:7e:98:4e:03:19:ee:7a:db:fc:83:
05:5e:da:57:7a:8d:6f:78:18:dc:01:94:b1:7e:e4:
ca:2a:ed:a5:db:e2:fa:38:cf:df:6b:c5:ef:5b:31:
a9:74:ab:c3:f2:60:70:75:2c:df:5c:e0:24:b5:4c:
4c:3f:aa:ef:d4:ef:91:e2:d6:d6:94:06:eb:33:01:
b4:32:e7:f5:c8:6f:92:44:ce:c9:b0:93:09:a5:65:
e2:2b:e0:f1:52:a0:90:3c:94:e4:74:b3:21:bd:29:
bb:73:a5:45:c2:a0:63:e3:b8:88:93:93:1c:05:75:
66:9a:13:ee:cc:1e:59:3f:74:b2:54:10:bf:a6:00:
e6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:43:5B:42:BF:82:C9:EF:EC:42:0E:99:84:00:C4:76:73:12:78:04
X509v3 Authority Key Identifier:
keyid:5D:70:84:58:22:A6:14:08:EC:2A:5F:D5:80:C1:32:DA:77:7F:09:D1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/5D70845822A61408EC2A5FD580C132DA777F09D1.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XXCEWCKmFAjsKl_VgMEy2nd_CdE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/8/352e3235322e3134302e302f32322d3234203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.140.0/22
Signature Algorithm: sha256WithRSAEncryption
09:fd:2a:28:5c:9a:7f:d0:93:01:f3:05:54:1b:5c:ba:c8:9c:
3a:d3:10:e9:2e:1c:e6:29:a7:c6:1e:87:cd:f7:5d:2d:b7:8c:
53:0d:e7:1d:a6:83:5f:9f:ad:78:d5:b9:5c:21:b2:90:6f:05:
92:c6:af:61:26:dc:6f:2f:bd:ed:94:0c:6c:1d:e3:db:c1:d7:
25:5b:c6:15:24:9a:d3:16:db:ed:34:d6:4a:86:05:8b:1b:af:
14:2c:fb:c7:93:4b:a0:9b:8d:5b:9f:8c:b2:a9:fe:a2:89:0d:
71:09:c1:88:57:07:d6:76:44:54:c6:59:78:16:f3:90:50:22:
60:cc:a0:d3:a8:02:fd:1b:5d:8d:04:9c:44:dd:1d:20:e9:16:
fc:e2:c7:39:d9:b8:d6:15:41:0a:2c:aa:b7:8c:10:9a:42:e3:
ed:3d:70:1e:6b:fe:8c:ed:9a:84:d6:14:51:23:56:75:d2:da:
5e:e6:a7:a4:d3:e3:e8:75:69:2d:38:e9:5a:6f:54:ee:e8:46:
f3:6d:cd:91:6d:f4:23:6a:8d:95:7c:94:08:e4:ca:b7:92:b1:
a7:41:4c:54:1e:c1:c5:d4:2f:bd:f7:16:ec:ae:5f:38:a6:6f:
96:0f:c0:9d:19:02:b0:62:dc:ed:ab:8e:21:e1:df:b1:11:7a:
32:b4:fe:c4
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUPqJ4xgqKAcYCmprDjaTKYbGVWkIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWQ3MDg0NTgyMmE2MTQwOGVjMmE1ZmQ1ODBjMTMyZGE3
NzdmMDlkMTAeFw0yMzAzMjcwODIyNTBaFw0yNDAzMjUwODI3NTBaMDMxMTAvBgNV
BAMTKDk4NDM1QjQyQkY4MkM5RUZFQzQyMEU5OTg0MDBDNDc2NzMxMjc4MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmfnmJzEFBV13NGaQLeo402JBO
/JinPjihAGyVw6AwewJCIC8hg+/tXooM2XtUsS6IjJI+e7ilgdaH1tZpSPisrKXm
Q80o6RgqY2gxIAM5kidenr6sdQu76RzC9PIVQB0o3WYYfCt57QEwO/IgQO7FBgm5
//osh/arPe1UfphOAxnuetv8gwVe2ld6jW94GNwBlLF+5Moq7aXb4vo4z99rxe9b
Mal0q8PyYHB1LN9c4CS1TEw/qu/U75Hi1taUBuszAbQy5/XIb5JEzsmwkwmlZeIr
4PFSoJA8lOR0syG9KbtzpUXCoGPjuIiTkxwFdWaaE+7MHlk/dLJUEL+mAOZdAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUmENbQr+Cye/sQg6ZhADEdnMSeAQwHwYDVR0j
BBgwFoAUXXCEWCKmFAjsKl/VgMEy2nd/CdEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzgvNUQ3MDg0NTgyMkE2MTQwOEVDMkE1RkQ1ODBDMTMyREE3NzdGMDlEMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hYQ0VXQ0ttRkFqc0tsX1ZnTUV5Mm5k
X0NkRS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzgvMzUyZTMyMzUzMjJlMzEzNDMw
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIF/IwwDQYJKoZI
hvcNAQELBQADggEBAAn9Kihcmn/QkwHzBVQbXLrInDrTEOkuHOYpp8Yeh833XS23
jFMN5x2mg1+frXjVuVwhspBvBZLGr2Em3G8vve2UDGwd49vB1yVbxhUkmtMW2+00
1kqGBYsbrxQs+8eTS6CbjVufjLKp/qKJDXEJwYhXB9Z2RFTGWXgW85BQImDMoNOo
Av0bXY0EnETdHSDpFvzixznZuNYVQQosqreMEJpC4+09cB5r/oztmoTWFFEjVnXS
2l7mp6TT4+h1aS046VpvVO7oRvNtzZFt9CNqjZV8lAjkyreSsadBTFQewcXUL733
FuyuXzimb5YPwJ0ZArBi3O2rjiHh37ERejK0/sQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:45:43 2025 by rpki-client