Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/326131333a646638353a653830303a3a2f33382d3438203d3e20323039303235.roa
File: 326131333a646638353a653830303a3a2f33382d3438203d3e20323039303235.roa (raw, json)
Hash identifier: 28Yy6tz0FFy7Ua91Vp0My5pIltEJ/5kkWbvxbf0oz+Q=
Subject key identifier: 10:CB:F4:4B:49:08:99:E5:CD:73:81:AC:80:61:83:E5:9E:47:0E:D2
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 43BD89637E9A6608BA1BC8D74C88D1202244FA78
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/326131333a646638353a653830303a3a2f33382d3438203d3e20323039303235.roa
Signing time: Wed 06 Dec 2023 11:59:55 +0000
ROA not before: Wed 06 Dec 2023 11:54:55 +0000
ROA not after: Wed 04 Dec 2024 11:59:55 +0000
asID: 209025
IP address blocks: 2a13:df85:e800::/38 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:bd:89:63:7e:9a:66:08:ba:1b:c8:d7:4c:88:d1:20:22:44:fa:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 6 11:54:55 2023 GMT
Not After : Dec 4 11:59:55 2024 GMT
Subject: CN=10CBF44B490899E5CD7381AC806183E59E470ED2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:0d:f1:54:36:0d:93:f9:8d:e5:01:e1:06:49:
3c:1b:41:f9:ce:80:36:83:d4:e7:ca:75:e5:71:d1:
f6:77:67:9d:15:f1:d2:18:99:0c:2a:f1:23:87:89:
1f:d0:ed:cf:f0:e4:07:31:7f:74:30:40:cc:6f:81:
19:a5:0a:a1:f3:12:07:49:ab:18:58:2f:69:a3:03:
94:f9:80:37:53:24:81:fb:2e:47:7d:4d:7b:68:38:
60:9e:0c:9e:b3:de:31:25:7d:44:3c:7f:37:8e:49:
9c:76:1f:35:a3:1c:3c:8e:e9:6e:19:f1:9c:d1:57:
26:7a:26:f5:0c:15:0e:79:72:fa:34:ba:a9:22:87:
70:ad:26:55:7b:7f:d5:87:1a:e9:69:8e:d7:00:e4:
e6:e4:c0:30:23:c8:8f:67:c7:70:af:ee:a3:59:04:
74:6c:26:9d:19:4e:35:48:9f:17:df:64:8f:21:13:
c5:83:0c:94:be:9e:9f:c3:45:4a:be:b4:96:73:c0:
72:8f:58:ec:fd:36:10:ab:0c:06:e3:51:d2:cf:b6:
75:5e:1c:ac:4d:60:63:cc:5f:45:08:fc:e3:d7:da:
64:b1:98:89:8b:e8:cd:5c:6d:9c:e3:1b:4d:ac:ad:
4f:89:38:51:56:06:5f:08:79:82:1a:02:62:5c:fd:
72:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:CB:F4:4B:49:08:99:E5:CD:73:81:AC:80:61:83:E5:9E:47:0E:D2
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/326131333a646638353a653830303a3a2f33382d3438203d3e20323039303235.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df85:e800::/38
Signature Algorithm: sha256WithRSAEncryption
7f:aa:1c:aa:ee:a1:53:52:ff:56:52:f6:37:eb:15:51:d8:29:
1f:b9:ed:44:17:41:5d:cc:e5:f9:3e:73:e8:93:2e:38:7e:59:
d8:42:ef:25:15:dc:a2:0f:a4:a6:d3:8d:9e:9a:80:fd:bd:13:
00:4f:cb:53:a7:eb:c5:df:6e:ca:2f:cb:8f:c2:ff:17:95:f7:
30:06:d0:ec:66:49:43:ad:ef:06:22:2d:1b:23:12:36:20:e0:
9a:ba:3b:30:ea:32:05:0a:d7:49:05:d0:b1:2b:dc:aa:a2:29:
8d:46:55:ac:64:f2:b8:93:1f:32:14:a2:9e:43:6c:7e:da:40:
4b:15:e6:38:8b:5c:30:6d:2e:dd:d9:9f:d0:be:7b:40:4f:9c:
57:4d:8f:28:33:21:1d:d4:a7:7f:b5:4c:fd:73:f4:e1:48:ba:
59:99:fc:54:eb:3c:94:96:62:61:a9:68:3e:c2:61:d1:d2:b0:
69:77:1c:d5:48:c9:47:43:08:69:84:7e:75:0c:64:eb:2a:e4:
e4:28:5b:e7:c9:36:d3:8f:06:ac:13:9f:1c:78:b0:2d:58:03:
46:24:e3:b6:8c:0a:95:f9:ce:35:04:8d:42:79:f8:8c:ae:42:
28:23:94:9b:01:91:f1:e9:4a:33:b3:c8:2c:ab:72:c3:1f:e0:
ce:84:71:eb
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUQ72JY36aZgi6G8jXTIjRICJE+ngwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMDYxMTU0NTVaFw0yNDEyMDQxMTU5NTVaMDMxMTAvBgNV
BAMTKDEwQ0JGNDRCNDkwODk5RTVDRDczODFBQzgwNjE4M0U1OUU0NzBFRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXDfFUNg2T+Y3lAeEGSTwbQfnO
gDaD1OfKdeVx0fZ3Z50V8dIYmQwq8SOHiR/Q7c/w5Acxf3QwQMxvgRmlCqHzEgdJ
qxhYL2mjA5T5gDdTJIH7Lkd9TXtoOGCeDJ6z3jElfUQ8fzeOSZx2HzWjHDyO6W4Z
8ZzRVyZ6JvUMFQ55cvo0uqkih3CtJlV7f9WHGulpjtcA5ObkwDAjyI9nx3Cv7qNZ
BHRsJp0ZTjVInxffZI8hE8WDDJS+np/DRUq+tJZzwHKPWOz9NhCrDAbjUdLPtnVe
HKxNYGPMX0UI/OPX2mSxmImL6M1cbZzjG02srU+JOFFWBl8IeYIaAmJc/XJPAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUEMv0S0kImeXNc4GsgGGD5Z5HDtIwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYt
MWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYxNjdkLzAvMzI2MTMxMzMzYTY0NjYzODM1
M2E2NTM4MzAzMDNhM2EyZjMzMzgyZDM0MzgyMDNkM2UyMDMyMzAzOTMwMzIzNS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGAioT34XoMA0GCSqGSIb3DQEBCwUAA4IBAQB/qhyq7qFTUv9WUvY3
6xVR2Ckfue1EF0FdzOX5PnPoky44flnYQu8lFdyiD6Sm042emoD9vRMAT8tTp+vF
327KL8uPwv8XlfcwBtDsZklDre8GIi0bIxI2IOCaujsw6jIFCtdJBdCxK9yqoimN
RlWsZPK4kx8yFKKeQ2x+2kBLFeY4i1wwbS7d2Z/QvntAT5xXTY8oMyEd1Kd/tUz9
c/ThSLpZmfxU6zyUlmJhqWg+wmHR0rBpdxzVSMlHQwhphH51DGTrKuTkKFvnyTbT
jwasE58ceLAtWANGJOO2jAqV+c41BI1CefiMrkIoI5SbAZHx6Uozs8gsq3LDH+DO
hHHr
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:53 2024 by rpki-client on console-ams.rpki-client.org