Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030363a3a2f34382d3438203d3e20323135333634.roa
File: 326131343a373538313a313030363a3a2f34382d3438203d3e20323135333634.roa (raw, json)
Hash identifier: OCwycLFdhR0H9q9Nq5Z6ber9UihoWUXuc2ODQ/3Q0LU=
Subject key identifier: 8D:CA:F2:B3:4E:8F:20:87:46:9F:B2:26:30:7D:AC:AE:20:AD:A1:9F
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 4705118FFE97BFE9F3C98C7BDA22C20A7915AC34
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030363a3a2f34382d3438203d3e20323135333634.roa
Signing time: Wed 05 Mar 2025 16:02:17 +0000
ROA not before: Wed 05 Mar 2025 15:57:17 +0000
ROA not after: Wed 04 Mar 2026 16:02:17 +0000
asID: 215364
IP address blocks: 2a14:7581:1006::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:05:11:8f:fe:97:bf:e9:f3:c9:8c:7b:da:22:c2:0a:79:15:ac:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Mar 5 15:57:17 2025 GMT
Not After : Mar 4 16:02:17 2026 GMT
Subject: CN=8DCAF2B34E8F2087469FB226307DACAE20ADA19F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ea:ba:2e:29:73:36:c3:1f:79:55:bf:0d:94:
ef:89:ed:95:d9:83:13:21:bd:f6:db:43:46:5d:8f:
22:2e:b3:46:49:e4:1d:fd:ff:9e:68:75:8f:45:e1:
b8:71:70:36:21:51:62:24:38:c8:e0:26:76:bb:b4:
ec:0d:39:29:7f:99:0f:0d:af:38:f1:1e:1f:ae:60:
bb:45:d3:f5:5a:0e:7b:4b:21:55:82:b4:a3:aa:b5:
ec:ef:31:e8:90:14:e5:01:f2:fa:70:c7:37:93:78:
7a:4d:ca:1f:a8:03:3f:4f:c7:3b:ed:21:ee:be:59:
1c:ef:d1:3c:61:db:ab:fd:63:42:7d:49:24:36:28:
2c:c7:d5:dc:99:c7:42:56:d4:07:42:62:c8:f6:b3:
c5:95:34:01:ff:2b:c5:4e:ea:cb:41:d1:dd:65:ed:
0b:86:95:84:e4:22:65:a4:cd:f1:c8:1e:3e:23:7c:
af:a9:f9:49:ff:dc:c8:fa:d3:37:39:89:ab:a6:88:
fa:ba:3b:e5:7f:30:24:c8:ea:33:84:ad:36:c2:7c:
8c:f3:0b:3a:81:fb:e4:11:89:32:03:8c:ff:ef:55:
89:94:9c:33:df:73:fe:35:9e:16:87:3c:0a:57:62:
21:d7:50:c0:be:d5:eb:63:9c:a8:c8:1b:98:33:9d:
6f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:CA:F2:B3:4E:8F:20:87:46:9F:B2:26:30:7D:AC:AE:20:AD:A1:9F
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030363a3a2f34382d3438203d3e20323135333634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:1006::/48
Signature Algorithm: sha256WithRSAEncryption
80:3d:03:bd:81:b9:7a:ce:92:a7:ae:9f:85:eb:3d:6b:bb:6b:
e9:86:fc:bf:9f:24:f3:16:82:99:a1:ff:ca:e6:63:67:3f:71:
04:48:ec:be:19:8a:50:cb:eb:fb:ca:fe:5c:9d:bf:53:06:a1:
21:b7:2e:2a:66:8c:00:bd:0c:64:6b:cd:6a:f5:d1:6e:5c:6f:
4a:49:25:94:a3:36:87:97:09:b3:a3:93:3a:69:43:77:b0:40:
94:ae:34:bf:ed:4f:82:08:5b:df:60:58:01:02:bf:af:84:f6:
b2:c1:30:5c:82:9f:7b:c8:ac:3c:81:74:e3:1e:90:6a:7c:ae:
25:53:3c:71:eb:35:66:c2:64:04:09:cf:3b:35:f9:6a:24:7c:
c4:7f:b6:76:ae:bd:ae:a8:bf:ba:89:40:47:7a:05:49:4a:8d:
4d:25:0e:82:74:6f:82:0c:b6:ea:4a:5a:8c:7b:7b:c8:10:83:
14:83:3b:cc:cb:a0:05:f5:9e:5f:44:cb:81:83:6e:98:44:49:
24:58:40:92:d9:59:51:55:85:6e:37:8e:35:34:44:47:39:9b:
57:4a:99:8b:b5:5e:1a:c4:c3:e8:70:67:be:36:01:5f:06:33:
ab:43:c7:9c:dc:43:46:ad:c3:f9:f5:db:28:4e:a2:79:1b:1f:
8a:7d:1c:4a
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIURwURj/6Xv+nzyYx72iLCCnkVrDQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNTAzMDUxNTU3MTdaFw0yNjAzMDQxNjAyMTdaMDMxMTAvBgNV
BAMTKDhEQ0FGMkIzNEU4RjIwODc0NjlGQjIyNjMwN0RBQ0FFMjBBREExOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB6rouKXM2wx95Vb8NlO+J7ZXZ
gxMhvfbbQ0ZdjyIus0ZJ5B39/55odY9F4bhxcDYhUWIkOMjgJna7tOwNOSl/mQ8N
rzjxHh+uYLtF0/VaDntLIVWCtKOqtezvMeiQFOUB8vpwxzeTeHpNyh+oAz9Pxzvt
Ie6+WRzv0Txh26v9Y0J9SSQ2KCzH1dyZx0JW1AdCYsj2s8WVNAH/K8VO6stB0d1l
7QuGlYTkImWkzfHIHj4jfK+p+Un/3Mj60zc5iaumiPq6O+V/MCTI6jOErTbCfIzz
CzqB++QRiTIDjP/vVYmUnDPfc/41nhaHPApXYiHXUMC+1etjnKjIG5gznW8xAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUjcrys06PIIdGn7ImMH2sriCtoZ8wHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzMDM2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gRAGMA0GCSqGSIb3DQEBCwUAA4IBAQCA
PQO9gbl6zpKnrp+F6z1ru2vphvy/nyTzFoKZof/K5mNnP3EESOy+GYpQy+v7yv5c
nb9TBqEhty4qZowAvQxka81q9dFuXG9KSSWUozaHlwmzo5M6aUN3sECUrjS/7U+C
CFvfYFgBAr+vhPaywTBcgp97yKw8gXTjHpBqfK4lUzxx6zVmwmQECc87NflqJHzE
f7Z2rr2uqL+6iUBHegVJSo1NJQ6CdG+CDLbqSlqMe3vIEIMUgzvMy6AF9Z5fRMuB
g26YREkkWECS2VlRVYVuN441NERHOZtXSpmLtV4axMPocGe+NgFfBjOrQ8ec3ENG
rcP59dsoTqJ5Gx+KfRxK
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:34:13 2025 by rpki-client