Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/326131333a646638303a663430303a3a2f33382d3438203d3e203630323334.roa
File: 326131333a646638303a663430303a3a2f33382d3438203d3e203630323334.roa (raw, json)
Hash identifier: /gFZJ/o8snOcyuIjoie8lJpYsKGlNrowCkvxVG6gIgw=
Subject key identifier: DC:D5:05:65:DD:35:23:E5:99:BC:CD:00:9D:D6:FF:32:64:DE:A0:E3
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 31BB368A1607B90CF1916759CCAA1CC317C67D87
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/326131333a646638303a663430303a3a2f33382d3438203d3e203630323334.roa
Signing time: Sun 06 Aug 2023 09:28:05 +0000
ROA not before: Sun 06 Aug 2023 09:23:05 +0000
ROA not after: Sun 04 Aug 2024 09:28:05 +0000
asID: 60234
IP address blocks: 2a13:df80:f400::/38 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:bb:36:8a:16:07:b9:0c:f1:91:67:59:cc:aa:1c:c3:17:c6:7d:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Aug 6 09:23:05 2023 GMT
Not After : Aug 4 09:28:05 2024 GMT
Subject: CN=DCD50565DD3523E599BCCD009DD6FF3264DEA0E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:7a:b2:ca:31:cd:00:a3:91:23:72:c9:e4:4c:
7f:7a:52:03:cc:2d:34:53:7c:6e:42:bb:93:0f:88:
64:32:96:7c:d0:47:ed:82:32:95:d8:6a:e5:13:4b:
24:df:ad:46:c6:03:3d:5a:ac:0c:c5:65:ce:2a:de:
08:d3:0b:68:0d:6d:0f:b1:91:89:d2:e5:4c:8c:cd:
1e:2a:4f:20:d7:57:d8:29:b7:c1:ee:7e:1c:5c:33:
33:23:fb:58:ad:62:70:50:0d:1b:db:82:12:ec:00:
1a:40:37:10:8d:01:c4:e3:f0:c7:3b:03:c7:3c:2a:
2c:e1:3c:4f:61:ca:82:77:2a:c5:99:12:a1:ee:d8:
26:1d:51:9e:1e:56:78:cc:46:c3:d8:68:69:69:21:
d4:e2:89:d6:a0:eb:65:f4:c8:36:11:ee:aa:8a:f0:
45:fe:65:27:21:ee:1a:e2:79:03:b1:bb:c2:62:11:
a5:ea:df:6e:c3:1b:e3:d9:18:32:37:e2:83:9b:5b:
17:31:25:11:24:5a:8a:9f:fa:84:60:8d:37:23:bc:
44:66:1f:ca:62:5c:74:4a:8b:a8:a0:f8:d9:83:05:
8c:a5:4d:89:a0:f0:71:69:73:31:47:5b:2a:9d:38:
3c:ce:57:96:bb:f5:d3:f3:95:95:fd:d3:bb:f2:0e:
78:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:D5:05:65:DD:35:23:E5:99:BC:CD:00:9D:D6:FF:32:64:DE:A0:E3
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/326131333a646638303a663430303a3a2f33382d3438203d3e203630323334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:f400::/38
Signature Algorithm: sha256WithRSAEncryption
14:c5:1e:67:f4:0f:f8:c5:b0:f0:9b:63:c0:ad:85:9b:ad:5e:
7f:a3:07:10:2f:5c:9b:66:a3:22:fc:9d:b8:11:e6:aa:03:51:
dd:a3:50:08:3e:33:2c:2d:ba:0e:8d:4f:cc:d6:02:58:7f:d6:
d5:41:58:ce:42:fa:c3:15:7a:75:2a:cb:c9:53:4d:99:74:86:
ae:9d:0f:28:50:b3:40:b1:4c:2e:62:19:c4:3d:cf:9e:69:3b:
9d:56:fd:01:b6:32:a1:f7:fc:0f:09:57:6c:2f:3f:94:83:b7:
ae:3a:3b:ae:44:7e:d9:23:de:6f:c2:b0:59:1b:b6:2e:f5:cc:
b7:0a:45:e7:57:a5:35:c6:77:e4:21:22:9e:6b:5a:b1:85:5b:
49:7a:cb:1f:a0:be:4a:2f:ca:0e:f0:a3:d0:2e:f2:00:02:a1:
05:a7:c0:5d:92:2a:7c:7d:4d:18:75:56:28:7a:f6:ef:33:eb:
b2:3d:fa:91:e2:92:07:92:f9:5f:6e:6f:4c:13:1d:ad:76:7d:
fb:70:91:3d:df:d9:09:63:6c:1e:13:a7:f5:0c:68:14:a5:53:
84:4b:85:09:6c:5d:75:85:46:73:1e:ac:91:ae:0d:4d:bf:2a:
3a:40:59:0a:49:dc:e7:ad:57:73:a2:59:88:83:fd:97:3d:4f:
86:34:af:3c
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUMbs2ihYHuQzxkWdZzKocwxfGfYcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzA4MDYwOTIzMDVaFw0yNDA4MDQwOTI4MDVaMDMxMTAvBgNV
BAMTKERDRDUwNTY1REQzNTIzRTU5OUJDQ0QwMDlERDZGRjMyNjRERUEwRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXerLKMc0Ao5EjcsnkTH96UgPM
LTRTfG5Cu5MPiGQylnzQR+2CMpXYauUTSyTfrUbGAz1arAzFZc4q3gjTC2gNbQ+x
kYnS5UyMzR4qTyDXV9gpt8HufhxcMzMj+1itYnBQDRvbghLsABpANxCNAcTj8Mc7
A8c8KizhPE9hyoJ3KsWZEqHu2CYdUZ4eVnjMRsPYaGlpIdTiidag62X0yDYR7qqK
8EX+ZSch7hrieQOxu8JiEaXq327DG+PZGDI34oObWxcxJREkWoqf+oRgjTcjvERm
H8piXHRKi6ig+NmDBYylTYmg8HFpczFHWyqdODzOV5a79dPzlZX907vyDnjXAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU3NUFZd01I+WZvM0Andb/MmTeoOMwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYt
MWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYxNjdkLzAvMzI2MTMxMzMzYTY0NjYzODMw
M2E2NjM0MzAzMDNhM2EyZjMzMzgyZDM0MzgyMDNkM2UyMDM2MzAzMjMzMzQucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgIqE9+A9DANBgkqhkiG9w0BAQsFAAOCAQEAFMUeZ/QP+MWw8JtjwK2F
m61ef6MHEC9cm2ajIvyduBHmqgNR3aNQCD4zLC26Do1PzNYCWH/W1UFYzkL6wxV6
dSrLyVNNmXSGrp0PKFCzQLFMLmIZxD3Pnmk7nVb9AbYyoff8DwlXbC8/lIO3rjo7
rkR+2SPeb8KwWRu2LvXMtwpF51elNcZ35CEinmtasYVbSXrLH6C+Si/KDvCj0C7y
AAKhBafAXZIqfH1NGHVWKHr27zPrsj36keKSB5L5X25vTBMdrXZ9+3CRPd/ZCWNs
HhOn9QxoFKVThEuFCWxddYVGcx6ska4NTb8qOkBZCknc561Xc6JZiIP9lz1PhjSv
PA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org