Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130613a363034343a623430303a3a2f34302d3430203d3e2030.roa
File: 326130613a363034343a623430303a3a2f34302d3430203d3e2030.roa (raw, json)
Hash identifier: M7bO9cg+1yJEg7gD1NfsOkhKUqFGC1eQ7qqB8ckV3+k=
Subject key identifier: 13:3D:23:4D:DB:84:FC:21:A4:89:BC:84:D0:BE:66:31:EE:C3:42:95
Certificate issuer: /CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
Certificate serial: 09DD78CC0AA54A5BB512FC52EDAEF80C40E02D8C
Authority key identifier: CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130613a363034343a623430303a3a2f34302d3430203d3e2030.roa
Signing time: Sun 15 Jun 2025 22:30:03 +0000
ROA not before: Sun 15 Jun 2025 22:25:03 +0000
ROA not after: Sun 14 Jun 2026 22:30:03 +0000
asID: 0
IP address blocks: 2a0a:6044:b400::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:dd:78:cc:0a:a5:4a:5b:b5:12:fc:52:ed:ae:f8:0c:40:e0:2d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
Validity
Not Before: Jun 15 22:25:03 2025 GMT
Not After : Jun 14 22:30:03 2026 GMT
Subject: CN=133D234DDB84FC21A489BC84D0BE6631EEC34295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:18:a5:57:a9:c0:29:1d:1d:9d:9a:67:ba:4d:
88:8d:67:27:75:ee:a8:9d:b3:9d:36:8e:cc:ea:16:
6c:8a:a3:6f:ad:d6:da:07:67:e1:c9:9b:ef:e1:da:
60:56:bb:18:c7:c0:1f:69:35:04:98:74:a9:43:a1:
8d:7c:3b:2b:b8:17:ec:d4:60:91:ca:1f:36:0c:92:
b1:e2:4c:c1:81:78:fd:2a:cd:49:34:45:10:64:f2:
9b:06:b9:5f:c1:35:cc:51:9c:04:69:ea:1f:09:b4:
3f:dd:67:28:ae:dc:0b:e1:82:a0:5e:12:e0:c7:ec:
ac:66:62:77:e0:60:60:ab:e2:99:58:bb:33:47:4d:
3d:0f:42:81:da:d6:a0:da:74:58:2a:40:7a:79:0b:
dc:5c:2e:f8:f6:d9:26:b7:96:bd:9f:d0:15:96:ed:
1a:67:8c:a9:5e:f3:6b:0f:d4:30:96:38:76:9f:93:
d2:ff:2f:27:3e:fc:bb:c4:4a:03:2e:cf:80:8a:85:
1e:df:72:cb:a0:1d:4a:c0:ed:9a:e1:9d:22:cd:be:
2f:b7:49:96:c1:64:98:b3:a9:84:46:0e:ee:49:13:
b2:1a:fe:e1:0f:36:74:11:61:bb:06:2c:e6:f5:5e:
96:28:1f:c0:2d:41:ad:48:e8:ea:76:78:de:70:ad:
b0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:3D:23:4D:DB:84:FC:21:A4:89:BC:84:D0:BE:66:31:EE:C3:42:95
X509v3 Authority Key Identifier:
keyid:CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/326130613a363034343a623430303a3a2f34302d3430203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:b400::/40
Signature Algorithm: sha256WithRSAEncryption
32:66:e7:c3:c9:9f:e8:3c:16:46:df:6b:02:3a:8a:00:ea:e0:
64:17:70:12:d3:41:4a:15:f6:f3:6a:f5:f7:73:c2:8d:d8:05:
60:c2:87:b2:0c:e5:16:49:35:64:fa:00:c8:af:b6:06:37:22:
80:5e:83:f5:6f:b5:4a:e7:4e:ba:01:82:5e:6e:3c:d7:4a:f6:
3f:37:61:e5:21:7d:d5:43:eb:17:fc:8e:ce:f6:7f:52:98:81:
8b:b2:7f:e6:74:b0:67:3e:8e:7c:89:d7:36:a1:63:37:46:3a:
64:ae:f3:5c:52:39:76:ad:7e:72:39:a6:fa:2b:41:0d:08:28:
bf:40:1c:93:80:ad:c7:87:7c:32:87:40:f0:6b:23:9f:fc:88:
31:cd:9b:fb:5b:65:c6:bf:ce:7b:d8:0a:9d:6a:b6:c9:2e:3c:
b0:b5:78:32:9b:1b:bf:db:85:73:3b:d9:5d:0f:b8:e7:2f:45:
1f:b1:94:2f:d4:f7:63:9c:9b:e0:79:77:e0:ef:13:5f:43:59:
2d:3a:ec:40:24:74:ec:a8:87:98:aa:eb:24:ac:17:b0:30:59:
25:a2:fb:66:90:41:56:bc:6d:3b:1a:0c:a1:dd:7b:24:cc:fe:
7a:9f:cd:6a:70:8b:ca:85:67:1d:e4:34:2f:98:04:30:79:10:
42:3d:c3:ac
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgIUCd14zAqlSlu1EvxS7a74DEDgLYwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMx
OEMyM0IzNjAeFw0yNTA2MTUyMjI1MDNaFw0yNjA2MTQyMjMwMDNaMDMxMTAvBgNV
BAMTKDEzM0QyMzREREI4NEZDMjFBNDg5QkM4NEQwQkU2NjMxRUVDMzQyOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaGKVXqcApHR2dmme6TYiNZyd1
7qids502jszqFmyKo2+t1toHZ+HJm+/h2mBWuxjHwB9pNQSYdKlDoY18Oyu4F+zU
YJHKHzYMkrHiTMGBeP0qzUk0RRBk8psGuV/BNcxRnARp6h8JtD/dZyiu3AvhgqBe
EuDH7KxmYnfgYGCr4plYuzNHTT0PQoHa1qDadFgqQHp5C9xcLvj22Sa3lr2f0BWW
7RpnjKle82sP1DCWOHafk9L/Lyc+/LvESgMuz4CKhR7fcsugHUrA7ZrhnSLNvi+3
SZbBZJizqYRGDu5JE7Ia/uEPNnQRYbsGLOb1XpYoH8AtQa1I6Op2eN5wrbDvAgMB
AAGjggJvMIICazAdBgNVHQ4EFgQUEz0jTduE/CGkibyE0L5mMe7DQpUwHwYDVR0j
BBgwFoAUzNXTvklFb31ItzIQKciG8xjCOzYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjc5NDg3MzgtMzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5
OTVkLzMvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMyM0IzNi5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMy
M0IzNi5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjc5NDg3Mzgt
MzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5OTVkLzMvMzI2MTMwNjEzYTM2MzAzNDM0
M2E2MjM0MzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYA
KgpgRLQwDQYJKoZIhvcNAQELBQADggEBADJm58PJn+g8FkbfawI6igDq4GQXcBLT
QUoV9vNq9fdzwo3YBWDCh7IM5RZJNWT6AMivtgY3IoBeg/VvtUrnTroBgl5uPNdK
9j83YeUhfdVD6xf8js72f1KYgYuyf+Z0sGc+jnyJ1zahYzdGOmSu81xSOXatfnI5
pvorQQ0IKL9AHJOArceHfDKHQPBrI5/8iDHNm/tbZca/znvYCp1qtskuPLC1eDKb
G7/bhXM72V0PuOcvRR+xlC/U92Ocm+B5d+DvE19DWS067EAkdOyoh5iq6ySsF7Aw
WSWi+2aQQVa8bTsaDKHdeyTM/nqfzWpwi8qFZx3kNC+YBDB5EEI9w6w=
-----END CERTIFICATE-----
Generated at Fri Jul 25 03:54:30 2025 by rpki-client