Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a62383a3a2f34372d3438203d3e20323135303037.roa
File: 326130623a346530373a62383a3a2f34372d3438203d3e20323135303037.roa (raw, json)
Hash identifier: J+eGJsEMZGX36lQ9tdx8bIXRVnJEFI3LmQRJ+DlwHMs=
Subject key identifier: C5:C9:B8:56:BB:A0:04:92:B1:60:72:34:37:7F:6F:DF:DF:F2:91:7C
Certificate issuer: /CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Certificate serial: 39FF72F495A272C1FFB64B9EF7E0FD9D60992033
Authority key identifier: D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a62383a3a2f34372d3438203d3e20323135303037.roa
Signing time: Fri 01 Nov 2024 08:19:47 +0000
ROA not before: Fri 01 Nov 2024 08:14:47 +0000
ROA not after: Fri 31 Oct 2025 08:19:47 +0000
asID: 215007
IP address blocks: 2a0b:4e07:b8::/47 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:ff:72:f4:95:a2:72:c1:ff:b6:4b:9e:f7:e0:fd:9d:60:99:20:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Validity
Not Before: Nov 1 08:14:47 2024 GMT
Not After : Oct 31 08:19:47 2025 GMT
Subject: CN=C5C9B856BBA00492B1607234377F6FDFDFF2917C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:40:c6:41:a1:26:b3:d1:b4:7e:74:2a:e9:d0:
64:d8:b9:d0:94:1d:f7:fd:b7:43:4b:5f:ee:6e:c6:
cc:e0:45:e3:c7:e0:6c:96:f2:bc:df:b6:bf:ee:b3:
d5:11:78:0b:41:1f:39:7c:b4:75:9d:b4:8f:e9:12:
92:7c:47:1e:e6:96:4c:95:36:f1:70:8c:b3:77:a9:
61:8f:0f:75:f6:12:68:a7:43:0d:b8:00:c1:3d:ef:
6a:52:19:7f:22:5c:e9:b8:23:e0:12:41:7c:aa:fd:
28:7f:81:e4:4a:d1:ce:08:1e:e7:47:fa:26:5e:b2:
c0:e2:32:80:99:a8:9c:2e:85:52:df:6b:b0:29:e5:
fb:22:1e:03:d6:fa:68:6e:3e:35:d3:3a:6f:16:55:
1a:55:92:02:16:c6:64:2f:07:22:a5:82:c5:bc:e8:
54:f0:f0:65:2a:8d:68:d1:4b:3b:2d:be:2d:7c:17:
b3:55:5f:e6:54:55:2c:ba:48:5b:26:df:32:ba:03:
36:c9:95:76:86:f0:6e:4b:a9:26:59:79:77:88:a9:
85:38:01:a8:d5:b1:ce:5c:34:e5:e9:15:4b:37:7d:
a7:e1:c8:29:87:b8:25:96:23:ba:19:ac:1f:03:00:
fc:67:59:26:2f:45:2b:b5:6b:21:db:d1:12:52:7b:
8b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C9:B8:56:BB:A0:04:92:B1:60:72:34:37:7F:6F:DF:DF:F2:91:7C
X509v3 Authority Key Identifier:
keyid:D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a62383a3a2f34372d3438203d3e20323135303037.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e07:b8::/47
Signature Algorithm: sha256WithRSAEncryption
2e:05:98:41:e6:30:c0:97:92:47:d7:8a:ff:e4:9a:ff:b4:b6:
93:54:cc:4f:50:f7:dc:97:e6:31:38:1c:25:40:55:60:ab:86:
a3:df:bb:64:55:4a:f6:5c:e9:a4:84:6e:a9:31:27:3f:7a:0b:
cd:04:fe:f0:80:77:6b:97:21:49:1b:b6:16:1d:90:0a:ec:9e:
ae:75:5f:74:92:d0:aa:6a:91:40:d8:0b:c6:76:4a:22:cc:cd:
e3:24:3b:99:c9:d5:6e:a6:a4:79:14:72:7c:1a:80:07:f8:22:
a5:22:5f:17:bd:7e:ef:aa:07:28:8b:93:de:eb:3c:cf:c3:62:
ca:63:75:48:49:8b:73:1c:1b:b1:4f:07:7b:9e:29:34:a3:f4:
bc:35:ce:95:33:23:31:cc:ae:75:0e:d5:0d:e6:49:95:cb:29:
9e:b4:2f:ee:b8:ca:6a:b9:bb:f9:01:ce:3c:6c:4a:39:84:5c:
61:c8:7a:98:af:6c:31:83:1b:2b:6a:db:02:23:87:88:05:f1:
fa:c9:60:13:60:06:f6:73:6b:a6:aa:2e:73:22:cb:4a:a8:d4:
1f:92:3b:fe:1f:e8:15:0f:7f:44:8e:d6:01:ba:0c:1a:60:a7:
0d:40:ed:96:63:73:0b:f0:ad:81:5d:1e:4a:09:a8:de:09:3e:
14:4b:20:50
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgIUOf9y9JWicsH/tkue9+D9nWCZIDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVE
NTgzNDBCQzAeFw0yNDExMDEwODE0NDdaFw0yNTEwMzEwODE5NDdaMDMxMTAvBgNV
BAMTKEM1QzlCODU2QkJBMDA0OTJCMTYwNzIzNDM3N0Y2RkRGREZGMjkxN0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHQMZBoSaz0bR+dCrp0GTYudCU
Hff9t0NLX+5uxszgRePH4GyW8rzftr/us9UReAtBHzl8tHWdtI/pEpJ8Rx7mlkyV
NvFwjLN3qWGPD3X2EminQw24AME972pSGX8iXOm4I+ASQXyq/Sh/geRK0c4IHudH
+iZessDiMoCZqJwuhVLfa7Ap5fsiHgPW+mhuPjXTOm8WVRpVkgIWxmQvByKlgsW8
6FTw8GUqjWjRSzstvi18F7NVX+ZUVSy6SFsm3zK6AzbJlXaG8G5LqSZZeXeIqYU4
AajVsc5cNOXpFUs3fafhyCmHuCWWI7oZrB8DAPxnWSYvRSu1ayHb0RJSe4u7AgMB
AAGjggKBMIICfTAdBgNVHQ4EFgQUxcm4VrugBJKxYHI0N39v39/ykXwwHwYDVR0j
BBgwFoAU0YIHRmqwp9fR7zx80C6AvtWDQLwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5
M2U2LzIvRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVENTgzNDBCQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04YmE1LTQ3
OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NE
MDJFODBCRUQ1ODM0MEJDLmNlcjCBswYIKwYBBQUHAQsEgaYwgaMwgaAGCCsGAQUF
BzALhoGTcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYvMi8zMjYxMzA2
MjNhMzQ2NTMwMzczYTYyMzgzYTNhMmYzNDM3MmQzNDM4MjAzZDNlMjAzMjMxMzUz
MDMwMzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcB
Af8EEzARMA8EAgACMAkDBwEqC04HALgwDQYJKoZIhvcNAQELBQADggEBAC4FmEHm
MMCXkkfXiv/kmv+0tpNUzE9Q99yX5jE4HCVAVWCrhqPfu2RVSvZc6aSEbqkxJz96
C80E/vCAd2uXIUkbthYdkArsnq51X3SS0KpqkUDYC8Z2SiLMzeMkO5nJ1W6mpHkU
cnwagAf4IqUiXxe9fu+qByiLk97rPM/DYspjdUhJi3McG7FPB3ueKTSj9Lw1zpUz
IzHMrnUO1Q3mSZXLKZ60L+64ymq5u/kBzjxsSjmEXGHIepivbDGDGytq2wIjh4gF
8frJYBNgBvZza6aqLnMiy0qo1B+SO/4f6BUPf0SO1gG6DBpgpw1A7ZZjcwvwrYFd
HkoJqN4JPhRLIFA=
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:05:26 2025 by rpki-client