Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130313a3a2f34382d3438203d3e20323136333234.roa
File: 326131343a373538313a3130313a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: J/2ajpwDKf6E9Q3DTjMfojSE4Io2RPp82MuQv5bNwJw=
Subject key identifier: A8:F1:73:6A:42:79:DA:29:6A:EF:87:1C:C7:32:78:FE:A0:A2:32:BB
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 3D87EBBF44B3833873866EE636522FBDA07DB07A
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130313a3a2f34382d3438203d3e20323136333234.roa
Signing time: Tue 04 Feb 2025 15:01:56 +0000
ROA not before: Tue 04 Feb 2025 14:56:56 +0000
ROA not after: Tue 03 Feb 2026 15:01:56 +0000
asID: 216324
IP address blocks: 2a14:7581:101::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:87:eb:bf:44:b3:83:38:73:86:6e:e6:36:52:2f:bd:a0:7d:b0:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Feb 4 14:56:56 2025 GMT
Not After : Feb 3 15:01:56 2026 GMT
Subject: CN=A8F1736A4279DA296AEF871CC73278FEA0A232BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:5a:3b:d2:ed:04:77:06:2a:fe:04:da:61:4e:
8f:32:5a:ca:7c:51:6e:74:16:58:bd:81:13:86:2b:
e9:63:ab:a0:65:5f:98:87:50:f6:19:c1:a1:7f:0e:
71:33:4d:6e:8c:1b:bc:f5:c1:21:7a:2c:c6:84:bc:
f3:7d:ad:20:a7:c6:27:bb:dd:e9:14:7e:90:36:61:
29:8d:90:1f:2b:0d:c0:f6:b4:c7:c3:cd:d0:75:c3:
e7:73:0a:5e:b5:25:10:22:b0:8d:7c:45:66:08:3d:
12:c8:e1:74:24:3b:e2:3a:a2:75:b1:a0:ec:ba:a4:
ee:b2:94:38:bb:22:b3:eb:6c:97:12:73:df:34:6c:
16:ab:7b:32:2e:79:13:3d:0a:d2:61:98:05:3b:f1:
f8:88:b1:19:7e:d1:79:6d:e3:e8:07:49:ab:0e:f1:
8a:98:16:41:33:ae:6a:1f:f3:5f:7a:c5:62:e5:27:
9c:00:4b:99:39:ec:d4:e2:13:f7:03:62:a6:69:5f:
68:1a:e4:e8:47:0d:8d:bf:bc:d1:3f:8a:c8:74:fc:
cc:49:87:0e:9e:47:a7:08:cc:84:c9:d5:ec:ea:0d:
f9:0c:cd:be:57:c1:14:69:ad:ce:0f:8d:07:6f:54:
ed:1d:8a:5e:ec:56:50:44:7f:01:35:e1:f2:61:2c:
f3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:F1:73:6A:42:79:DA:29:6A:EF:87:1C:C7:32:78:FE:A0:A2:32:BB
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130313a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:101::/48
Signature Algorithm: sha256WithRSAEncryption
1d:19:68:e6:bd:08:dc:c0:2d:ea:96:fe:b1:bb:ce:93:d2:aa:
34:b4:2a:20:31:28:bd:e4:11:8f:6f:23:d2:85:3e:9f:1d:61:
e5:31:f3:8f:28:42:c4:37:9d:c6:eb:1a:2f:dd:3b:02:cb:29:
7e:dc:29:a3:7a:62:52:63:8b:c9:cb:d6:8c:91:2d:91:6f:f0:
87:50:ca:c0:79:50:32:c0:a4:c3:50:77:3e:04:db:a2:2e:78:
df:d3:58:74:32:c8:71:fd:71:a8:fe:5d:5e:7f:90:4b:da:8c:
89:ed:b6:51:07:a2:69:d6:3e:fc:d1:97:d7:4a:7b:dd:3f:5a:
96:2f:c9:50:d7:25:7f:71:d1:54:86:36:e8:42:e3:b0:51:1e:
94:f8:d0:72:1c:22:01:ac:14:ff:72:a3:72:31:ac:ce:0c:b3:
d5:d1:06:6e:e0:7b:1b:1e:4b:f2:62:39:ca:e3:44:a0:0b:06:
91:72:8c:95:7c:d6:8a:d1:39:70:4e:81:53:ab:1b:e9:91:de:
4f:7a:89:ef:6c:ab:e5:77:ff:0c:4d:20:5c:fd:5c:b0:6b:b8:
68:83:13:97:62:81:82:bf:bd:78:e4:2b:b9:61:bf:ac:15:00:
d6:db:2b:9b:02:83:f8:69:b4:57:d7:28:98:9d:fd:36:1c:23:
7a:c0:ad:15
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUPYfrv0Szgzhzhm7mNlIvvaB9sHowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNTAyMDQxNDU2NTZaFw0yNjAyMDMxNTAxNTZaMDMxMTAvBgNV
BAMTKEE4RjE3MzZBNDI3OURBMjk2QUVGODcxQ0M3MzI3OEZFQTBBMjMyQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbWjvS7QR3Bir+BNphTo8yWsp8
UW50Fli9gROGK+ljq6BlX5iHUPYZwaF/DnEzTW6MG7z1wSF6LMaEvPN9rSCnxie7
3ekUfpA2YSmNkB8rDcD2tMfDzdB1w+dzCl61JRAisI18RWYIPRLI4XQkO+I6onWx
oOy6pO6ylDi7IrPrbJcSc980bBarezIueRM9CtJhmAU78fiIsRl+0Xlt4+gHSasO
8YqYFkEzrmof8196xWLlJ5wAS5k57NTiE/cDYqZpX2ga5OhHDY2/vNE/ish0/MxJ
hw6eR6cIzITJ1ezqDfkMzb5XwRRprc4PjQdvVO0dil7sVlBEfwE14fJhLPOhAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUqPFzakJ52ilq74ccxzJ4/qCiMrswHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEBATANBgkqhkiG9w0BAQsFAAOCAQEAHRlo
5r0I3MAt6pb+sbvOk9KqNLQqIDEoveQRj28j0oU+nx1h5THzjyhCxDedxusaL907
Asspftwpo3piUmOLycvWjJEtkW/wh1DKwHlQMsCkw1B3PgTboi5439NYdDLIcf1x
qP5dXn+QS9qMie22UQeiadY+/NGX10p73T9ali/JUNclf3HRVIY26ELjsFEelPjQ
chwiAawU/3KjcjGszgyz1dEGbuB7Gx5L8mI5yuNEoAsGkXKMlXzWitE5cE6BU6sb
6ZHeT3qJ72yr5Xf/DE0gXP1csGu4aIMTl2KBgr+9eOQruWG/rBUA1tsrmwKD+Gm0
V9comJ39NhwjesCtFQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:21 2025 by rpki-client