Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/326131313a323963303a396562303a3a2f34342d3438203d3e20323033303639.roa
File: 326131313a323963303a396562303a3a2f34342d3438203d3e20323033303639.roa (raw, json)
Hash identifier: EzDrSU0tEdoyrWBny4WwvfoAYESt5HomMWAJ483CPZA=
Subject key identifier: 77:DF:9E:C4:6E:85:FC:FD:D9:DA:3D:7F:53:3C:10:9F:59:10:C5:A2
Certificate issuer: /CN=32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4
Certificate serial: 34A9B1B9F053D2A3F45C7E9CF6C838590D0CD047
Authority key identifier: 32:39:8A:14:06:A1:C1:D3:23:CA:63:CB:32:0F:FD:1E:B4:D1:B0:C4
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/326131313a323963303a396562303a3a2f34342d3438203d3e20323033303639.roa
Signing time: Tue 30 Jan 2024 06:33:23 +0000
ROA not before: Tue 30 Jan 2024 06:28:23 +0000
ROA not after: Tue 28 Jan 2025 06:33:23 +0000
asID: 203069
IP address blocks: 2a11:29c0:9eb0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:a9:b1:b9:f0:53:d2:a3:f4:5c:7e:9c:f6:c8:38:59:0d:0c:d0:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4
Validity
Not Before: Jan 30 06:28:23 2024 GMT
Not After : Jan 28 06:33:23 2025 GMT
Subject: CN=77DF9EC46E85FCFDD9DA3D7F533C109F5910C5A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d3:3d:4c:6d:ac:6f:9e:0a:8a:52:94:14:28:
bd:8a:e0:58:96:9f:b5:06:a3:61:e3:68:17:f5:89:
5e:80:63:6f:8a:3a:aa:78:c8:bd:ac:55:fe:5d:b7:
85:70:f1:30:60:f8:9b:eb:c0:1e:a5:b0:5d:57:10:
d0:18:5d:b1:77:ed:cd:ef:c3:37:b9:13:b7:ef:43:
80:41:3c:55:01:67:c2:4e:6d:01:ee:92:1f:2f:e3:
d6:27:f3:41:e8:b2:68:fb:71:43:b7:b9:54:ec:56:
a4:e5:8f:30:d6:76:c0:36:1a:a1:d8:3f:07:e6:c0:
e2:9b:f9:c3:e4:1b:8b:ff:3f:41:df:8f:19:ac:f8:
25:73:79:61:72:9f:98:43:a5:ae:80:50:7f:fb:fb:
9c:4e:0e:74:19:74:ab:b0:86:5a:93:77:a4:e8:ab:
98:c8:11:05:7a:8f:80:28:bb:28:71:1e:0f:41:80:
83:4c:c4:00:e8:91:ea:26:de:02:a6:95:29:cc:28:
f0:49:27:50:af:05:84:58:6a:9a:4c:fe:d2:6f:73:
2a:63:c7:34:0e:08:40:b2:8e:69:b0:33:04:5c:2c:
34:af:70:87:db:89:ca:e7:10:6f:52:87:f6:51:2d:
bf:a4:42:ae:f4:20:60:10:4a:55:84:26:65:98:36:
1c:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:DF:9E:C4:6E:85:FC:FD:D9:DA:3D:7F:53:3C:10:9F:59:10:C5:A2
X509v3 Authority Key Identifier:
keyid:32:39:8A:14:06:A1:C1:D3:23:CA:63:CB:32:0F:FD:1E:B4:D1:B0:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/326131313a323963303a396562303a3a2f34342d3438203d3e20323033303639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:9eb0::/44
Signature Algorithm: sha256WithRSAEncryption
68:52:3d:2c:d4:7f:de:d4:1b:27:58:85:2b:bd:fb:45:45:59:
91:38:32:77:34:77:45:4f:fa:7b:c4:7e:9c:15:34:65:0c:e5:
87:95:6f:f6:f2:aa:5e:31:8b:86:4f:10:e4:72:14:b5:5d:47:
a7:fe:24:f4:62:8a:bf:7f:00:cd:17:1b:33:2b:25:61:7b:01:
31:05:46:c9:ed:b7:63:02:15:bf:fe:e6:93:28:69:74:20:f0:
e7:ef:57:4b:50:e4:b0:20:fa:35:cb:ba:d3:15:d3:05:ef:56:
ab:3a:94:bb:03:37:3f:4f:b8:08:3c:6f:7b:99:0c:25:a7:fb:
da:cc:7f:f3:cc:02:d2:56:90:41:6f:77:ac:37:29:17:2e:d9:
79:d8:92:00:ad:ec:d5:29:c1:94:20:63:92:7b:50:7e:76:c9:
8b:d0:71:83:f3:b7:11:46:bd:49:c0:e4:5a:ed:b3:90:79:24:
1a:24:50:c8:f2:aa:f3:a6:31:b1:65:4d:a7:4e:c0:0b:95:59:
73:8a:b6:28:71:94:87:40:92:e5:e9:e3:64:f2:9b:96:36:7d:
8a:29:1b:c9:c3:09:1d:f3:19:02:97:98:ea:4c:d4:bb:ea:db:
80:f3:8b:d7:77:c2:e1:c9:6a:f7:b2:6d:07:d3:4d:f7:51:59:
62:82:d8:fd
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUNKmxufBT0qP0XH6c9sg4WQ0M0EcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzIzOThBMTQwNkExQzFEMzIzQ0E2M0NCMzIwRkZEMUVC
NEQxQjBDNDAeFw0yNDAxMzAwNjI4MjNaFw0yNTAxMjgwNjMzMjNaMDMxMTAvBgNV
BAMTKDc3REY5RUM0NkU4NUZDRkREOURBM0Q3RjUzM0MxMDlGNTkxMEM1QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB0z1MbaxvngqKUpQUKL2K4FiW
n7UGo2HjaBf1iV6AY2+KOqp4yL2sVf5dt4Vw8TBg+JvrwB6lsF1XENAYXbF37c3v
wze5E7fvQ4BBPFUBZ8JObQHukh8v49Yn80Hosmj7cUO3uVTsVqTljzDWdsA2GqHY
PwfmwOKb+cPkG4v/P0Hfjxms+CVzeWFyn5hDpa6AUH/7+5xODnQZdKuwhlqTd6To
q5jIEQV6j4AouyhxHg9BgINMxADokeom3gKmlSnMKPBJJ1CvBYRYappM/tJvcypj
xzQOCECyjmmwMwRcLDSvcIfbicrnEG9Sh/ZRLb+kQq70IGAQSlWEJmWYNhxRAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUd9+exG6F/P3Z2j1/UzwQn1kQxaIwHwYDVR0j
BBgwFoAUMjmKFAahwdMjymPLMg/9HrTRsMQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzgvMzIzOThBMTQwNkExQzFEMzIzQ0E2M0NCMzIwRkZEMUVCNEQxQjBDNC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMi8zMjM5OEExNDA2QTFDMUQzMjNDQTYzQ0Iz
MjBGRkQxRUI0RDFCMEM0LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8xYmY4ZTk3Ny03Mjc4LTQ2Y2YtYWJkMS05OWNkMWZkMmJlNGUvOC8zMjYxMzEz
MTNhMzIzOTYzMzAzYTM5NjU2MjMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz
MDMzMzAzNjM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKhEpwJ6wMA0GCSqGSIb3DQEBCwUAA4IBAQBo
Uj0s1H/e1BsnWIUrvftFRVmRODJ3NHdFT/p7xH6cFTRlDOWHlW/28qpeMYuGTxDk
chS1XUen/iT0Yoq/fwDNFxszKyVhewExBUbJ7bdjAhW//uaTKGl0IPDn71dLUOSw
IPo1y7rTFdMF71arOpS7Azc/T7gIPG97mQwlp/vazH/zzALSVpBBb3esNykXLtl5
2JIArezVKcGUIGOSe1B+dsmL0HGD87cRRr1JwORa7bOQeSQaJFDI8qrzpjGxZU2n
TsALlVlzirYocZSHQJLl6eNk8puWNn2KKRvJwwkd8xkCl5jqTNS76tuA84vXd8Lh
yWr3sm0H0033UVligtj9
-----END CERTIFICATE-----
Generated at Mon Jul 1 20:56:00 2024 by rpki-client on console-fra.rpki-client.org