Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/326131313a323963303a396562383a3a2f34362d3438203d3e203136353039.roa
File: 326131313a323963303a396562383a3a2f34362d3438203d3e203136353039.roa (raw, json)
Hash identifier: et596bH8tUxjFHs2a6/cNPZoQPevbHRyR0lQ65/r2nA=
Subject key identifier: AC:45:75:98:7F:DB:6C:B9:30:33:44:DE:02:C5:BA:55:5B:4C:87:CC
Certificate issuer: /CN=32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4
Certificate serial: 4E7465CEE1148E36D38A38FEBE9EE65C837B3052
Authority key identifier: 32:39:8A:14:06:A1:C1:D3:23:CA:63:CB:32:0F:FD:1E:B4:D1:B0:C4
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/326131313a323963303a396562383a3a2f34362d3438203d3e203136353039.roa
Signing time: Tue 30 Jan 2024 06:33:20 +0000
ROA not before: Tue 30 Jan 2024 06:28:20 +0000
ROA not after: Tue 28 Jan 2025 06:33:20 +0000
asID: 16509
IP address blocks: 2a11:29c0:9eb8::/46 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:74:65:ce:e1:14:8e:36:d3:8a:38:fe:be:9e:e6:5c:83:7b:30:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4
Validity
Not Before: Jan 30 06:28:20 2024 GMT
Not After : Jan 28 06:33:20 2025 GMT
Subject: CN=AC4575987FDB6CB9303344DE02C5BA555B4C87CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:57:db:27:27:45:50:97:41:14:7c:a1:16:f1:
34:46:3d:ee:2d:a7:45:38:f0:f9:8d:35:d4:b9:b2:
28:de:18:27:17:c3:83:23:d1:44:fe:f6:3b:1b:35:
7b:70:5e:d5:35:41:f2:9b:18:49:36:ac:02:e4:2a:
48:38:03:a8:39:8e:34:a4:f8:4e:2f:df:37:12:4f:
42:09:1a:a2:6a:cf:4b:fe:0e:30:4d:25:bd:61:5e:
73:8d:6c:11:59:29:44:21:8f:e3:c5:f7:09:da:5c:
2a:87:5d:b9:24:00:0b:e1:ac:b3:70:3d:2e:9c:a4:
4e:4a:83:90:3a:50:86:95:21:20:ab:55:a0:e8:8b:
66:4e:ff:3b:68:ba:b7:ab:dd:87:26:c9:ad:9a:53:
bb:d1:a1:9d:e8:e1:e3:0c:e9:6b:bb:c8:5d:70:a4:
84:9b:8b:e8:5f:74:f2:0e:76:f7:09:98:0b:5d:ff:
32:f4:bd:43:be:9e:97:ab:27:a8:d7:6a:99:f5:68:
d2:23:27:c5:14:01:a4:3b:0e:c0:c7:bf:bc:05:26:
78:57:10:27:0b:4c:3b:9a:61:27:eb:2b:b0:d6:0f:
da:a2:f3:71:a4:8d:ab:c7:54:95:4c:7f:d0:b2:60:
22:51:23:92:ea:2f:e2:29:e2:1e:79:cd:17:93:ad:
28:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:45:75:98:7F:DB:6C:B9:30:33:44:DE:02:C5:BA:55:5B:4C:87:CC
X509v3 Authority Key Identifier:
keyid:32:39:8A:14:06:A1:C1:D3:23:CA:63:CB:32:0F:FD:1E:B4:D1:B0:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/32398A1406A1C1D323CA63CB320FFD1EB4D1B0C4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bf8e977-7278-46cf-abd1-99cd1fd2be4e/8/326131313a323963303a396562383a3a2f34362d3438203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:9eb8::/46
Signature Algorithm: sha256WithRSAEncryption
71:3b:d9:90:c7:ca:81:9a:0c:43:8b:f2:72:ff:e3:e3:c4:48:
95:9c:d4:61:5d:47:2b:cf:46:cf:e9:2d:0c:aa:f2:d2:d9:df:
06:ae:ee:e4:1a:78:03:49:f2:37:67:81:b9:13:d0:c9:52:d2:
b7:33:1f:16:35:4d:b9:ef:9c:a3:13:b3:d1:de:da:3b:3a:5d:
4c:15:83:ae:4f:c1:b5:e0:a2:c0:b4:8d:89:7c:b6:25:ed:69:
03:8d:e5:43:48:95:e4:c4:8b:65:12:7f:71:e1:36:7d:63:a3:
95:d3:0d:b1:9a:93:d5:2d:50:40:e8:20:64:8e:92:de:38:aa:
80:ad:09:77:f7:18:80:3b:8b:4c:4d:8a:df:60:01:b8:e3:17:
40:08:1d:24:95:11:23:36:58:cc:58:6b:45:fe:6a:26:7d:2d:
51:71:2b:91:02:79:2e:9f:88:ca:14:91:d5:6a:14:19:1d:83:
5f:d8:39:ce:c7:7c:df:fb:a6:ad:19:99:80:4e:a9:97:d3:db:
8f:14:91:60:1f:1e:3b:cd:fc:db:0c:1f:e4:05:94:15:56:86:
21:8a:78:fd:7a:aa:ac:5c:bd:0c:58:d0:de:fe:aa:f2:b2:8b:
06:22:af:52:58:c1:0a:1e:c1:62:04:9f:33:3a:0c:9c:ea:2b:
a6:a2:a2:d5
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUTnRlzuEUjjbTijj+vp7mXIN7MFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzIzOThBMTQwNkExQzFEMzIzQ0E2M0NCMzIwRkZEMUVC
NEQxQjBDNDAeFw0yNDAxMzAwNjI4MjBaFw0yNTAxMjgwNjMzMjBaMDMxMTAvBgNV
BAMTKEFDNDU3NTk4N0ZEQjZDQjkzMDMzNDRERTAyQzVCQTU1NUI0Qzg3Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgV9snJ0VQl0EUfKEW8TRGPe4t
p0U48PmNNdS5sijeGCcXw4Mj0UT+9jsbNXtwXtU1QfKbGEk2rALkKkg4A6g5jjSk
+E4v3zcST0IJGqJqz0v+DjBNJb1hXnONbBFZKUQhj+PF9wnaXCqHXbkkAAvhrLNw
PS6cpE5Kg5A6UIaVISCrVaDoi2ZO/ztourer3Ycmya2aU7vRoZ3o4eMM6Wu7yF1w
pISbi+hfdPIOdvcJmAtd/zL0vUO+nperJ6jXapn1aNIjJ8UUAaQ7DsDHv7wFJnhX
ECcLTDuaYSfrK7DWD9qi83GkjavHVJVMf9CyYCJRI5LqL+Ip4h55zReTrSgbAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUrEV1mH/bbLkwM0TeAsW6VVtMh8wwHwYDVR0j
BBgwFoAUMjmKFAahwdMjymPLMg/9HrTRsMQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJmOGU5NzctNzI3OC00NmNmLWFiZDEtOTljZDFmZDJi
ZTRlLzgvMzIzOThBMTQwNkExQzFEMzIzQ0E2M0NCMzIwRkZEMUVCNEQxQjBDNC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMi8zMjM5OEExNDA2QTFDMUQzMjNDQTYzQ0Iz
MjBGRkQxRUI0RDFCMEM0LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8xYmY4ZTk3Ny03Mjc4LTQ2Y2YtYWJkMS05OWNkMWZkMmJlNGUvOC8zMjYxMzEz
MTNhMzIzOTYzMzAzYTM5NjU2MjM4M2EzYTJmMzQzNjJkMzQzODIwM2QzZTIwMzEz
NjM1MzAzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHAioRKcCeuDANBgkqhkiG9w0BAQsFAAOCAQEAcTvZ
kMfKgZoMQ4vycv/j48RIlZzUYV1HK89Gz+ktDKry0tnfBq7u5Bp4A0nyN2eBuRPQ
yVLStzMfFjVNue+coxOz0d7aOzpdTBWDrk/BteCiwLSNiXy2Je1pA43lQ0iV5MSL
ZRJ/ceE2fWOjldMNsZqT1S1QQOggZI6S3jiqgK0Jd/cYgDuLTE2K32ABuOMXQAgd
JJURIzZYzFhrRf5qJn0tUXErkQJ5Lp+IyhSR1WoUGR2DX9g5zsd83/umrRmZgE6p
l9PbjxSRYB8eO8382wwf5AWUFVaGIYp4/XqqrFy9DFjQ3v6q8rKLBiKvUljBCh7B
YgSfMzoMnOorpqKi1Q==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:01:06 2025 by rpki-client