Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a6263363a3a2f34382d3438203d3e20323134333132.roa
File: 326130623a346530373a6263363a3a2f34382d3438203d3e20323134333132.roa (raw, json)
Hash identifier: IQCiJOrT/IGm+e39ccF3g0EprEEjvFJ2FvEIPxjdKvk=
Subject key identifier: C9:CB:BE:5C:44:25:A7:B4:1D:99:5D:03:DE:10:73:39:89:04:32:2B
Certificate issuer: /CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Certificate serial: 12C6E1139A20040A1C045030FC5CA24674A305F6
Authority key identifier: D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a6263363a3a2f34382d3438203d3e20323134333132.roa
Signing time: Mon 02 Sep 2024 11:55:50 +0000
ROA not before: Mon 02 Sep 2024 11:50:50 +0000
ROA not after: Mon 01 Sep 2025 11:55:50 +0000
asID: 214312
IP address blocks: 2a0b:4e07:bc6::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:c6:e1:13:9a:20:04:0a:1c:04:50:30:fc:5c:a2:46:74:a3:05:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D18207466AB0A7D7D1EF3C7CD02E80BED58340BC
Validity
Not Before: Sep 2 11:50:50 2024 GMT
Not After : Sep 1 11:55:50 2025 GMT
Subject: CN=C9CBBE5C4425A7B41D995D03DE1073398904322B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:7c:f0:36:ec:66:7d:9b:ee:e9:3c:7d:08:ef:
6c:6e:2b:af:ca:8d:44:43:a8:02:c7:4d:1a:32:0e:
5d:06:c2:42:6d:32:7b:ed:7c:4f:d0:86:91:7c:e4:
ae:98:09:79:e0:e7:49:bc:48:9c:22:5d:23:b2:a9:
fc:00:54:9c:bb:0d:f9:f9:e2:c3:c6:9e:9b:1e:9f:
00:b5:4c:90:d1:ec:f1:ce:eb:d0:48:89:e0:b9:03:
33:6d:d7:cd:68:35:f9:2f:5a:21:4f:c6:dc:ab:98:
92:28:63:5f:45:6f:61:e0:a0:8c:98:48:0b:82:8f:
70:a8:03:2a:9b:b9:dd:da:4e:6b:9e:f8:03:df:54:
69:18:74:df:10:2b:52:b1:d3:0d:b3:d6:6a:59:39:
81:76:51:80:f8:5c:5e:3b:2e:c8:91:35:d8:8d:eb:
3a:86:8f:85:13:db:18:4c:a5:5e:d7:2e:91:c4:b0:
d9:b5:3a:d9:ea:4b:66:33:bc:1e:8b:9b:e1:b2:70:
f1:c7:da:50:ef:95:0e:5c:98:df:15:61:cf:5f:95:
1b:4c:2b:36:86:e4:f8:ba:5e:02:25:1a:0e:5b:53:
53:fc:80:fe:ab:6f:68:93:7a:31:e4:c9:45:0f:19:
e0:9a:5a:c1:40:36:fa:0e:58:f8:e1:89:d9:11:f4:
64:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:CB:BE:5C:44:25:A7:B4:1D:99:5D:03:DE:10:73:39:89:04:32:2B
X509v3 Authority Key Identifier:
keyid:D1:82:07:46:6A:B0:A7:D7:D1:EF:3C:7C:D0:2E:80:BE:D5:83:40:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/73b8ec01-8ba5-479f-a229-0ab70e4815bb/0/D18207466AB0A7D7D1EF3C7CD02E80BED58340BC.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/326130623a346530373a6263363a3a2f34382d3438203d3e20323134333132.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e07:bc6::/48
Signature Algorithm: sha256WithRSAEncryption
38:e7:78:a1:a9:99:ba:52:4a:0c:52:22:11:c6:f8:6a:2d:6a:
5c:99:1d:2d:f9:ff:e9:0a:ee:7c:19:ef:3c:39:ec:e9:c2:c3:
85:ea:df:03:a5:a0:ef:82:a1:4e:96:23:c2:50:57:86:22:ac:
75:a1:87:80:37:34:9e:00:43:f5:0d:cf:c5:ac:5f:21:d1:64:
32:5b:15:a8:51:22:b2:81:a2:13:02:ee:ae:0a:7c:57:24:b1:
38:b7:7d:ec:06:0a:bb:29:3c:2c:40:44:91:d8:f9:67:74:9d:
6c:9e:8b:c8:6a:37:77:4a:d9:96:7b:0d:f0:1d:c1:09:6e:41:
5f:ec:3b:1f:87:2e:f8:20:66:25:ef:01:d3:ec:40:ae:2d:ac:
7f:42:f9:f5:f7:8e:36:75:79:72:30:cc:ad:7c:b3:9f:56:38:
4e:b6:19:ca:73:07:bf:e7:64:b1:19:55:44:bb:c6:6c:02:3f:
da:df:50:3e:d1:a6:bb:46:4d:80:d1:b1:ed:7f:d6:65:fa:cc:
b4:2b:8e:a2:68:50:e2:d7:f4:4e:14:1c:9a:bc:89:a2:93:a7:
9a:4b:80:8a:2a:9e:e9:d3:fc:37:e5:ed:9f:5c:f5:42:17:c9:
c2:8c:47:31:c8:ae:be:b5:a4:1b:ee:9b:c2:cc:22:16:08:40:
e3:0a:77:5a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUEsbhE5ogBAocBFAw/FyiRnSjBfYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVE
NTgzNDBCQzAeFw0yNDA5MDIxMTUwNTBaFw0yNTA5MDExMTU1NTBaMDMxMTAvBgNV
BAMTKEM5Q0JCRTVDNDQyNUE3QjQxRDk5NUQwM0RFMTA3MzM5ODkwNDMyMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdfPA27GZ9m+7pPH0I72xuK6/K
jURDqALHTRoyDl0GwkJtMnvtfE/QhpF85K6YCXng50m8SJwiXSOyqfwAVJy7Dfn5
4sPGnpsenwC1TJDR7PHO69BIieC5AzNt181oNfkvWiFPxtyrmJIoY19Fb2HgoIyY
SAuCj3CoAyqbud3aTmue+APfVGkYdN8QK1Kx0w2z1mpZOYF2UYD4XF47LsiRNdiN
6zqGj4UT2xhMpV7XLpHEsNm1OtnqS2YzvB6Lm+GycPHH2lDvlQ5cmN8VYc9flRtM
KzaG5Pi6XgIlGg5bU1P8gP6rb2iTejHkyUUPGeCaWsFANvoOWPjhidkR9GSnAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUycu+XEQlp7QdmV0D3hBzOYkEMiswHwYDVR0j
BBgwFoAU0YIHRmqwp9fR7zx80C6AvtWDQLwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGM3MDQwMWMtN2Y0MS00YTZiLTk0MzQtY2M4MGRjYTA5
M2U2LzIvRDE4MjA3NDY2QUIwQTdEN0QxRUYzQzdDRDAyRTgwQkVENTgzNDBCQy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83M2I4ZWMwMS04YmE1LTQ3
OWYtYTIyOS0wYWI3MGU0ODE1YmIvMC9EMTgyMDc0NjZBQjBBN0Q3RDFFRjNDN0NE
MDJFODBCRUQ1ODM0MEJDLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wYzcwNDAxYy03ZjQxLTRhNmItOTQzNC1jYzgwZGNhMDkzZTYvMi8zMjYxMzA2
MjNhMzQ2NTMwMzczYTYyNjMzNjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NDMzMzEzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoLTgcLxjANBgkqhkiG9w0BAQsFAAOCAQEAOOd4
oamZulJKDFIiEcb4ai1qXJkdLfn/6QrufBnvPDns6cLDherfA6Wg74KhTpYjwlBX
hiKsdaGHgDc0ngBD9Q3PxaxfIdFkMlsVqFEisoGiEwLurgp8VySxOLd97AYKuyk8
LEBEkdj5Z3SdbJ6LyGo3d0rZlnsN8B3BCW5BX+w7H4cu+CBmJe8B0+xAri2sf0L5
9feONnV5cjDMrXyzn1Y4TrYZynMHv+dksRlVRLvGbAI/2t9QPtGmu0ZNgNGx7X/W
ZfrMtCuOomhQ4tf0ThQcmryJopOnmkuAiiqe6dP8N+Xtn1z1QhfJwoxHMciuvrWk
G+6bwswiFghA4wp3Wg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:32:41 2025 by rpki-client