Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09f71023-9049-4ecb-a8a5-7f08d8ead676/1/326131343a373538313a363030303a3a2f33362d3438203d3e20323034383434.roa
File: 326131343a373538313a363030303a3a2f33362d3438203d3e20323034383434.roa (raw, json)
Hash identifier: Kcf1QRYEJfczCfOHcRWwddAWc71UJKDi3P9jLYnnmxY=
Subject key identifier: C6:26:28:30:56:62:09:F9:91:BE:DC:58:42:9C:11:11:F0:DA:5E:18
Certificate issuer: /CN=81E218874C7149A0F1BC56CDBEC9F94BF59C204F
Certificate serial: 33F6B96D2B3133403F614DEDA523B12BF3853740
Authority key identifier: 81:E2:18:87:4C:71:49:A0:F1:BC:56:CD:BE:C9:F9:4B:F5:9C:20:4F
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/81E218874C7149A0F1BC56CDBEC9F94BF59C204F.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09f71023-9049-4ecb-a8a5-7f08d8ead676/1/326131343a373538313a363030303a3a2f33362d3438203d3e20323034383434.roa
Signing time: Mon 10 Mar 2025 13:39:08 +0000
ROA not before: Mon 10 Mar 2025 13:34:08 +0000
ROA not after: Mon 09 Mar 2026 13:39:08 +0000
asID: 204844
IP address blocks: 2a14:7581:6000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:f6:b9:6d:2b:31:33:40:3f:61:4d:ed:a5:23:b1:2b:f3:85:37:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81E218874C7149A0F1BC56CDBEC9F94BF59C204F
Validity
Not Before: Mar 10 13:34:08 2025 GMT
Not After : Mar 9 13:39:08 2026 GMT
Subject: CN=C6262830566209F991BEDC58429C1111F0DA5E18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ac:2a:49:ae:02:cd:d9:77:bf:9e:24:8e:7c:
01:ca:06:ff:91:67:59:74:b4:fe:b4:38:8b:d0:8b:
87:19:64:00:82:51:58:1d:4e:c9:30:8d:c1:21:d0:
5d:cd:65:18:70:2c:27:36:6f:72:5f:69:86:7d:ba:
37:f6:6e:0a:5e:cc:c2:d7:18:da:2b:e3:84:1e:6b:
91:f9:7e:d3:1e:9c:06:7f:87:7f:28:10:58:30:ab:
c0:4e:4d:2c:2a:a7:96:4e:9f:40:53:be:ae:a6:2e:
74:25:ef:01:0b:5d:ac:db:c8:26:e3:03:85:e3:f0:
ae:b0:65:50:a7:30:a4:56:2b:96:c1:e7:a9:5a:04:
f4:7c:4e:ba:e7:3a:93:2f:91:00:d4:cc:ae:aa:aa:
da:bf:0b:85:b4:76:59:a5:4a:9e:a3:f4:59:af:b3:
b0:f3:bc:f4:11:25:d2:f1:e7:c3:37:98:35:03:6c:
11:55:ca:79:ae:90:93:84:b3:e8:82:7a:d8:56:73:
02:2d:3f:7c:bf:c1:6f:47:b5:31:d4:81:50:08:aa:
55:32:38:45:65:15:12:e6:2f:16:ad:9d:f3:00:37:
03:ab:15:c6:36:b8:a1:1a:d6:fc:57:da:f6:e3:bd:
e9:c5:b9:82:51:25:b4:78:cd:db:b3:82:f4:a9:01:
ea:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:26:28:30:56:62:09:F9:91:BE:DC:58:42:9C:11:11:F0:DA:5E:18
X509v3 Authority Key Identifier:
keyid:81:E2:18:87:4C:71:49:A0:F1:BC:56:CD:BE:C9:F9:4B:F5:9C:20:4F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09f71023-9049-4ecb-a8a5-7f08d8ead676/1/81E218874C7149A0F1BC56CDBEC9F94BF59C204F.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/81E218874C7149A0F1BC56CDBEC9F94BF59C204F.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09f71023-9049-4ecb-a8a5-7f08d8ead676/1/326131343a373538313a363030303a3a2f33362d3438203d3e20323034383434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:6000::/36
Signature Algorithm: sha256WithRSAEncryption
66:f0:50:5a:cc:a0:50:2a:25:35:af:3f:a2:8c:cb:b7:05:7d:
ec:12:a6:d0:66:a4:4d:a6:f4:4b:67:56:4c:59:06:b4:98:d1:
b8:be:62:68:1e:e5:7e:db:48:b9:3a:29:88:c0:ad:52:94:b5:
70:e8:1d:b1:6e:53:ad:67:13:e9:bf:75:2f:ef:08:76:3d:63:
23:0d:c5:07:7a:c9:1e:39:86:55:9c:3a:75:9a:42:d2:6d:82:
ed:c1:cc:07:47:ca:69:84:f6:52:23:ae:24:3d:9a:5f:0c:f2:
ec:20:79:bf:62:0f:f1:ba:61:66:11:cf:4e:08:80:e8:26:c9:
fc:e1:66:73:21:bf:25:99:9d:e3:8b:72:a0:22:07:5f:3b:21:
c0:ad:cc:87:98:e6:1f:30:5b:fe:84:d5:ed:b5:fd:b1:66:df:
42:61:bd:6c:14:bb:d7:5e:37:c1:e6:c4:03:fb:36:e0:fb:70:
ba:4e:df:91:bc:1b:f2:2d:43:e2:5e:4d:7b:b9:5a:de:df:b1:
e4:4b:15:db:73:46:4f:aa:d5:90:83:fe:cf:95:d5:1b:19:d8:
7c:62:b6:0e:11:fe:ab:8c:21:c7:48:ac:5d:03:be:fb:ed:ad:
f9:e5:f4:02:b5:fe:24:ba:f5:22:69:8c:e6:69:a2:ae:7d:bd:
c3:e5:a8:50
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUM/a5bSsxM0A/YU3tpSOxK/OFN0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODFFMjE4ODc0QzcxNDlBMEYxQkM1NkNEQkVDOUY5NEJG
NTlDMjA0RjAeFw0yNTAzMTAxMzM0MDhaFw0yNjAzMDkxMzM5MDhaMDMxMTAvBgNV
BAMTKEM2MjYyODMwNTY2MjA5Rjk5MUJFREM1ODQyOUMxMTExRjBEQTVFMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0rCpJrgLN2Xe/niSOfAHKBv+R
Z1l0tP60OIvQi4cZZACCUVgdTskwjcEh0F3NZRhwLCc2b3JfaYZ9ujf2bgpezMLX
GNor44Qea5H5ftMenAZ/h38oEFgwq8BOTSwqp5ZOn0BTvq6mLnQl7wELXazbyCbj
A4Xj8K6wZVCnMKRWK5bB56laBPR8TrrnOpMvkQDUzK6qqtq/C4W0dlmlSp6j9Fmv
s7DzvPQRJdLx58M3mDUDbBFVynmukJOEs+iCethWcwItP3y/wW9HtTHUgVAIqlUy
OEVlFRLmLxatnfMANwOrFcY2uKEa1vxX2vbjvenFuYJRJbR4zduzgvSpAeppAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUxiYoMFZiCfmRvtxYQpwREfDaXhgwHwYDVR0j
BBgwFoAUgeIYh0xxSaDxvFbNvsn5S/WcIE8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDlmNzEwMjMtOTA0OS00ZWNiLWE4YTUtN2YwOGQ4ZWFk
Njc2LzEvODFFMjE4ODc0QzcxNDlBMEYxQkM1NkNEQkVDOUY5NEJGNTlDMjA0Ri5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84MUUyMTg4NzRDNzE0OUEwRjFCQzU2Q0RC
RUM5Rjk0QkY1OUMyMDRGLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wOWY3MTAyMy05MDQ5LTRlY2ItYThhNS03ZjA4ZDhlYWQ2NzYvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTM2MzAzMDMwM2EzYTJmMzMzNjJkMzQzODIwM2QzZTIwMzIz
MDM0MzgzNDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYEKhR1gWAwDQYJKoZIhvcNAQELBQADggEBAGbw
UFrMoFAqJTWvP6KMy7cFfewSptBmpE2m9EtnVkxZBrSY0bi+Ymge5X7bSLk6KYjA
rVKUtXDoHbFuU61nE+m/dS/vCHY9YyMNxQd6yR45hlWcOnWaQtJtgu3BzAdHymmE
9lIjriQ9ml8M8uwgeb9iD/G6YWYRz04IgOgmyfzhZnMhvyWZneOLcqAiB187IcCt
zIeY5h8wW/6E1e21/bFm30JhvWwUu9deN8HmxAP7NuD7cLpO35G8G/ItQ+JeTXu5
Wt7fseRLFdtzRk+q1ZCD/s+V1RsZ2Hxitg4R/quMIcdIrF0Dvvvtrfnl9AK1/iS6
9SJpjOZpoq59vcPlqFA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:48:39 2025 by rpki-client