Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a663333303a3a2f34342d3438203d3e20323134303330.roa
File: 326131343a373538303a663333303a3a2f34342d3438203d3e20323134303330.roa (raw, json)
Hash identifier: E8taggS6sI4q0LKjH6/GmLcIK3Cj0Fw4lwLi8ILdzT4=
Subject key identifier: AE:9D:52:EA:08:3A:7B:F5:3E:FB:46:4B:E6:77:90:50:4B:04:AD:2E
Certificate issuer: /CN=F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4
Certificate serial: 27D0BECAB195DBCF158CF6663C3E431C312D7000
Authority key identifier: F4:00:72:FF:DC:0F:1B:15:A6:9E:5B:C7:9A:2F:58:8C:F9:39:F4:F4
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a663333303a3a2f34342d3438203d3e20323134303330.roa
Signing time: Sun 10 Nov 2024 14:50:36 +0000
ROA not before: Sun 10 Nov 2024 14:45:36 +0000
ROA not after: Sun 09 Nov 2025 14:50:36 +0000
asID: 214030
IP address blocks: 2a14:7580:f330::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:d0:be:ca:b1:95:db:cf:15:8c:f6:66:3c:3e:43:1c:31:2d:70:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4
Validity
Not Before: Nov 10 14:45:36 2024 GMT
Not After : Nov 9 14:50:36 2025 GMT
Subject: CN=AE9D52EA083A7BF53EFB464BE67790504B04AD2E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:c7:2a:5f:24:51:ba:58:6b:d4:04:6d:63:3e:
db:2e:d2:a8:29:d7:d0:b2:79:31:eb:7f:16:d0:9e:
13:91:8f:78:f4:90:24:33:ee:eb:66:52:e1:f6:74:
d5:d0:14:cf:93:86:fd:39:89:42:93:f2:41:e4:df:
c5:7f:fa:78:2e:f7:84:46:fe:09:bc:34:a7:82:13:
14:17:ff:b6:1b:e3:04:94:44:fb:db:81:0c:a2:b7:
2f:43:cb:b7:57:e9:cf:be:3a:c8:e6:a7:d7:bb:2f:
84:8c:df:31:20:3f:a4:f0:eb:63:cf:ca:51:19:8d:
2e:42:ad:51:f9:7a:13:70:83:38:23:c7:23:6d:0c:
6d:a7:6c:0a:95:18:bc:f6:b6:0d:c1:ee:98:e9:97:
9b:4d:76:d4:0a:50:ea:ca:e0:5a:6b:3e:a3:27:cf:
47:7d:27:b7:7e:9b:68:03:0b:10:b2:73:b3:5d:bc:
17:f8:6b:fa:0d:6c:53:6c:56:83:46:f9:0a:55:c1:
9a:a7:54:a3:a0:d2:95:00:55:03:40:94:c5:78:3b:
1d:03:35:2e:02:0e:c2:72:a8:bc:e0:9c:8f:32:23:
89:6e:c2:16:76:7d:c2:42:7e:96:1a:dd:dd:f8:08:
74:a3:07:3f:05:92:21:5e:24:12:a7:a9:ff:26:a9:
6e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:9D:52:EA:08:3A:7B:F5:3E:FB:46:4B:E6:77:90:50:4B:04:AD:2E
X509v3 Authority Key Identifier:
keyid:F4:00:72:FF:DC:0F:1B:15:A6:9E:5B:C7:9A:2F:58:8C:F9:39:F4:F4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F40072FFDC0F1B15A69E5BC79A2F588CF939F4F4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/19aa9da7-f1e4-4d98-bf95-9fdfcf448f77/0/326131343a373538303a663333303a3a2f34342d3438203d3e20323134303330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:f330::/44
Signature Algorithm: sha256WithRSAEncryption
9a:f5:d1:ca:ab:d8:b3:00:ca:d2:ff:f8:38:24:8f:ba:60:79:
ec:05:07:d2:9c:4a:43:29:8e:d7:d3:f7:5e:9b:bb:df:dd:ef:
64:2f:24:b3:dd:a6:a0:4b:0f:a8:c8:b0:63:0c:97:e4:ac:1f:
87:ee:7b:0c:84:e3:5c:b1:4a:09:5f:42:b9:1b:7f:1b:7e:2c:
d3:24:82:18:ad:2a:2f:38:6d:2b:20:d9:ce:c4:3b:03:22:7c:
e8:55:84:75:9c:75:05:60:9a:44:4d:0e:d9:9c:6e:5a:87:28:
42:f9:40:de:4a:2c:60:68:27:06:b8:b0:2c:a5:6d:d7:e2:5d:
a9:a2:81:47:94:97:d9:35:f0:38:13:06:87:a5:f5:60:4a:42:
32:a6:c1:67:84:fb:15:06:29:cf:e5:e0:90:88:13:ec:13:24:
07:f3:4e:05:e1:62:c2:5b:0d:1a:6f:37:99:eb:84:f4:fb:0f:
83:ee:1c:eb:60:ce:6e:f0:a4:6d:7e:92:d3:8d:ec:e5:a7:53:
6f:9d:b9:20:0f:5f:db:aa:e1:4c:88:93:42:fa:57:24:16:e7:
1a:c4:ec:02:d4:eb:eb:a2:a7:da:cb:53:b2:3d:9c:5a:1c:fd:
7b:f6:1f:50:39:1a:c1:b4:04:92:d9:01:7e:6e:20:a5:27:09:
10:b4:b0:b1
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUJ9C+yrGV288VjPZmPD5DHDEtcAAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjQwMDcyRkZEQzBGMUIxNUE2OUU1QkM3OUEyRjU4OENG
OTM5RjRGNDAeFw0yNDExMTAxNDQ1MzZaFw0yNTExMDkxNDUwMzZaMDMxMTAvBgNV
BAMTKEFFOUQ1MkVBMDgzQTdCRjUzRUZCNDY0QkU2Nzc5MDUwNEIwNEFEMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMxypfJFG6WGvUBG1jPtsu0qgp
19CyeTHrfxbQnhORj3j0kCQz7utmUuH2dNXQFM+Thv05iUKT8kHk38V/+ngu94RG
/gm8NKeCExQX/7Yb4wSURPvbgQyity9Dy7dX6c++Osjmp9e7L4SM3zEgP6Tw62PP
ylEZjS5CrVH5ehNwgzgjxyNtDG2nbAqVGLz2tg3B7pjpl5tNdtQKUOrK4FprPqMn
z0d9J7d+m2gDCxCyc7NdvBf4a/oNbFNsVoNG+QpVwZqnVKOg0pUAVQNAlMV4Ox0D
NS4CDsJyqLzgnI8yI4luwhZ2fcJCfpYa3d34CHSjBz8FkiFeJBKnqf8mqW7vAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUrp1S6gg6e/U++0ZL5neQUEsErS4wHwYDVR0j
BBgwFoAU9ABy/9wPGxWmnlvHmi9YjPk59PQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMTlhYTlkYTctZjFlNC00ZDk4LWJmOTUtOWZkZmNmNDQ4
Zjc3LzAvRjQwMDcyRkZEQzBGMUIxNUE2OUU1QkM3OUEyRjU4OENGOTM5RjRGNC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GNDAwNzJGRkRDMEYxQjE1QTY5RTVCQzc5
QTJGNTg4Q0Y5MzlGNEY0LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8xOWFhOWRhNy1mMWU0LTRkOTgtYmY5NS05ZmRmY2Y0NDhmNzcvMC8zMjYxMzEz
NDNhMzczNTM4MzAzYTY2MzMzMzMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz
MTM0MzAzMzMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gPMwMA0GCSqGSIb3DQEBCwUAA4IBAQCa
9dHKq9izAMrS//g4JI+6YHnsBQfSnEpDKY7X0/dem7vf3e9kLySz3aagSw+oyLBj
DJfkrB+H7nsMhONcsUoJX0K5G38bfizTJIIYrSovOG0rINnOxDsDInzoVYR1nHUF
YJpETQ7ZnG5ahyhC+UDeSixgaCcGuLAspW3X4l2pooFHlJfZNfA4EwaHpfVgSkIy
psFnhPsVBinP5eCQiBPsEyQH804F4WLCWw0abzeZ64T0+w+D7hzrYM5u8KRtfpLT
jezlp1NvnbkgD1/bquFMiJNC+lckFucaxOwC1Ovroqfay1OyPZxaHP179h9QORrB
tASS2QF+biClJwkQtLCx
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:35:35 2025 by rpki-client