Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130353a3a2f34382d3438203d3e20323136333234.roa
File: 326131343a373538313a3130353a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: 1mjQTK2lJL4tc+S8VU0tMRSWqd4uZzYSjOZ3wTPofAQ=
Subject key identifier: AA:68:9B:7B:08:52:07:C7:5D:ED:04:82:0A:D0:CA:98:B4:66:76:06
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 3B470EA839E1ABB1FC3B59379949D8698F83C978
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130353a3a2f34382d3438203d3e20323136333234.roa
Signing time: Mon 24 Mar 2025 06:09:02 +0000
ROA not before: Mon 24 Mar 2025 06:04:02 +0000
ROA not after: Mon 23 Mar 2026 06:09:02 +0000
asID: 216324
IP address blocks: 2a14:7581:105::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:47:0e:a8:39:e1:ab:b1:fc:3b:59:37:99:49:d8:69:8f:83:c9:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Mar 24 06:04:02 2025 GMT
Not After : Mar 23 06:09:02 2026 GMT
Subject: CN=AA689B7B085207C75DED04820AD0CA98B4667606
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b0:61:67:56:74:e4:b4:46:bb:18:9d:5c:83:
21:2d:37:72:14:74:e0:cb:68:0d:3f:49:fc:db:13:
c5:43:fa:c8:e7:09:a4:74:b7:25:28:75:77:54:cc:
3b:03:b3:ab:9e:50:7c:a7:c5:67:e2:4f:e4:5f:46:
5b:fb:16:e2:8f:23:f9:29:ac:d9:16:a4:09:7b:ea:
1a:db:d9:73:e5:e3:c7:f0:79:7c:48:a9:76:34:46:
b0:ed:3f:51:f0:11:0b:bb:74:bf:a2:e7:c1:9c:bd:
17:c8:d8:b7:0a:bc:71:a9:a4:ec:e5:98:d1:fb:be:
35:bd:52:91:6c:a2:03:bc:98:1c:8d:0d:fa:0a:df:
ef:89:fc:80:a3:b5:bc:37:93:39:4a:45:52:83:01:
8a:b7:d1:b5:40:5a:08:27:55:44:11:3a:c7:dd:12:
b3:38:b3:f7:47:8e:7d:df:3a:7d:59:9d:2a:ce:5e:
d1:e1:3a:2e:70:51:53:2e:2e:36:17:43:b8:87:a7:
43:3a:06:eb:e4:c4:0c:03:e3:c4:01:83:58:ba:58:
b2:4d:5a:52:b7:ac:c1:6c:e3:f8:69:ab:df:f0:f7:
ed:a8:63:e9:62:7e:75:25:81:77:1a:3b:b4:1b:33:
e4:a5:d9:53:db:ee:fe:ad:4c:d6:20:f5:1a:6c:c9:
fc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:68:9B:7B:08:52:07:C7:5D:ED:04:82:0A:D0:CA:98:B4:66:76:06
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130353a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:105::/48
Signature Algorithm: sha256WithRSAEncryption
12:7e:38:94:a6:27:d3:6c:ab:e1:e0:54:f3:e3:82:4e:23:27:
9f:8d:2f:85:d9:9a:61:99:c6:35:d1:b1:a0:64:78:7a:83:fd:
45:0f:0f:41:1c:26:03:13:8a:17:6f:ff:4d:69:cd:0c:38:3d:
45:16:d8:aa:08:16:45:23:a0:a4:d9:31:0f:82:3a:44:ea:50:
6a:12:af:0d:28:f3:b0:ed:67:b8:6f:d6:e6:30:85:04:5f:20:
54:33:a6:f6:1c:49:b0:9d:ae:13:14:65:c9:fe:b3:a0:b1:f9:
58:ac:9d:e2:d0:2d:90:44:cf:3d:68:4a:c0:b5:f8:0d:a6:f1:
03:fc:50:d9:48:c1:1e:51:4f:b7:29:84:b7:a2:86:49:52:38:
90:33:09:51:42:aa:8b:74:e6:d9:74:03:5a:c9:3a:86:b5:36:
65:b9:3f:db:f1:2d:ca:62:6b:cd:80:9e:51:b9:e2:0a:5e:73:
31:d3:41:a9:22:cd:1d:b3:62:65:ea:90:29:8e:e3:1a:5c:c7:
96:08:c1:4d:75:eb:90:ca:53:f8:aa:1a:1c:62:92:5a:96:99:
02:bd:cf:ab:7e:c2:3d:a5:0b:4b:a8:b0:d1:ad:fd:18:71:ba:
b7:bd:65:26:12:a8:37:0e:20:21:3b:0a:52:df:24:98:28:39:
0e:1b:f7:c6
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUO0cOqDnhq7H8O1k3mUnYaY+DyXgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNTAzMjQwNjA0MDJaFw0yNjAzMjMwNjA5MDJaMDMxMTAvBgNV
BAMTKEFBNjg5QjdCMDg1MjA3Qzc1REVEMDQ4MjBBRDBDQTk4QjQ2Njc2MDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWsGFnVnTktEa7GJ1cgyEtN3IU
dODLaA0/SfzbE8VD+sjnCaR0tyUodXdUzDsDs6ueUHynxWfiT+RfRlv7FuKPI/kp
rNkWpAl76hrb2XPl48fweXxIqXY0RrDtP1HwEQu7dL+i58GcvRfI2LcKvHGppOzl
mNH7vjW9UpFsogO8mByNDfoK3++J/ICjtbw3kzlKRVKDAYq30bVAWggnVUQROsfd
ErM4s/dHjn3fOn1ZnSrOXtHhOi5wUVMuLjYXQ7iHp0M6BuvkxAwD48QBg1i6WLJN
WlK3rMFs4/hpq9/w9+2oY+lifnUlgXcaO7QbM+Sl2VPb7v6tTNYg9RpsyfzFAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUqmibewhSB8dd7QSCCtDKmLRmdgYwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzNTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEBBTANBgkqhkiG9w0BAQsFAAOCAQEAEn44
lKYn02yr4eBU8+OCTiMnn40vhdmaYZnGNdGxoGR4eoP9RQ8PQRwmAxOKF2//TWnN
DDg9RRbYqggWRSOgpNkxD4I6ROpQahKvDSjzsO1nuG/W5jCFBF8gVDOm9hxJsJ2u
ExRlyf6zoLH5WKyd4tAtkETPPWhKwLX4DabxA/xQ2UjBHlFPtymEt6KGSVI4kDMJ
UUKqi3Tm2XQDWsk6hrU2Zbk/2/EtymJrzYCeUbniCl5zMdNBqSLNHbNiZeqQKY7j
GlzHlgjBTXXrkMpT+KoaHGKSWpaZAr3Pq37CPaULS6iw0a39GHG6t71lJhKoNw4g
ITsKUt8kmCg5Dhv3xg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:29:55 2025 by rpki-client