Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3335313a3a2f34382d3438203d3e20323135373239.roa
File: 326130663a383563313a3335313a3a2f34382d3438203d3e20323135373239.roa (raw, json)
Hash identifier: vb9xXREoRs+xO/QpI/IXxg73iwc4uf/4wgvPzNsJ2SM=
Subject key identifier: 9A:EC:F6:FF:B2:3F:76:7A:07:57:5E:D3:CD:E7:D5:FA:F5:99:36:E1
Certificate issuer: /CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Certificate serial: 3649AAA1ED13002DB82593734E845EAA266C545B
Authority key identifier: 06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3335313a3a2f34382d3438203d3e20323135373239.roa
Signing time: Wed 06 Mar 2024 01:16:01 +0000
ROA not before: Wed 06 Mar 2024 01:11:01 +0000
ROA not after: Wed 05 Mar 2025 01:16:01 +0000
asID: 215729
IP address blocks: 2a0f:85c1:351::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:49:aa:a1:ed:13:00:2d:b8:25:93:73:4e:84:5e:aa:26:6c:54:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Validity
Not Before: Mar 6 01:11:01 2024 GMT
Not After : Mar 5 01:16:01 2025 GMT
Subject: CN=9AECF6FFB23F767A07575ED3CDE7D5FAF59936E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:9c:f3:93:48:b0:bd:d7:1d:0c:ee:b6:c5:e5:
7b:a4:08:e5:37:2e:8b:c7:23:64:7a:95:f8:88:45:
a9:36:49:15:67:3e:1e:8d:73:2b:53:33:eb:0d:a5:
53:de:2d:04:33:84:ea:df:32:21:52:ec:d7:f2:ee:
97:12:76:80:f6:1e:d5:47:97:ed:f7:9c:1f:02:fd:
52:25:3e:86:d9:0c:36:ae:fa:e7:3b:53:3e:c3:68:
f2:55:8a:02:67:7e:6f:d3:1b:f2:be:70:5d:b3:e4:
74:ad:9b:ff:55:97:ec:fb:2e:8b:21:ba:32:5e:ac:
1f:24:e4:c7:b4:4a:47:eb:bc:8b:42:f1:a3:58:37:
f4:c8:ac:13:e9:91:b0:d9:49:c7:38:cc:6e:5b:d8:
dc:5b:a8:01:fe:29:40:ed:77:af:5f:76:e3:63:0e:
49:8e:04:9f:38:76:22:0d:c8:96:26:27:82:8a:0d:
01:6e:f7:07:a6:91:96:d7:a7:47:72:3a:a2:d4:fe:
5e:f4:11:e3:21:16:64:e8:38:f5:54:ca:53:b8:c7:
0a:09:75:eb:c8:c0:4c:ed:9b:a5:57:4a:0f:b0:d0:
24:e2:35:f6:2f:0f:38:c1:27:82:4f:a6:70:b0:18:
e0:fe:8c:51:35:8d:25:15:42:bd:79:38:43:33:d3:
ab:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:EC:F6:FF:B2:3F:76:7A:07:57:5E:D3:CD:E7:D5:FA:F5:99:36:E1
X509v3 Authority Key Identifier:
keyid:06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/069FAF47FF48AEF4C98F5097074530A74C111AB9.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3335313a3a2f34382d3438203d3e20323135373239.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:351::/48
Signature Algorithm: sha256WithRSAEncryption
64:a9:b2:da:16:14:02:2d:78:81:12:94:ba:aa:ea:10:42:fc:
a5:b6:28:01:29:ec:e6:bd:fb:6b:52:8f:79:3e:7a:f8:24:0c:
12:1a:1f:22:e8:11:50:01:94:fd:35:02:1e:b2:ab:00:40:e0:
ac:ed:60:d0:b8:2f:9f:e8:32:c7:6a:ec:09:28:c2:54:0b:86:
94:ea:ab:a3:19:f2:86:0e:39:4a:55:d2:a9:8b:08:8f:cd:92:
0c:b3:cb:35:72:f0:c6:8d:c9:dc:18:d3:bf:0c:9a:da:77:cd:
27:8d:7b:3d:55:9d:8e:b9:66:05:8a:d2:b9:77:05:83:48:02:
14:06:c5:b0:0c:34:a4:5f:b0:82:f8:76:77:48:bd:7b:5f:a5:
dc:e4:40:35:03:a1:ab:89:c1:37:46:44:27:d2:4e:12:b3:25:
0d:cf:14:c8:65:47:9b:90:4b:02:08:b4:fe:9c:4a:3e:4a:b7:
f3:8d:9a:84:67:d9:f5:55:74:26:af:26:1b:bc:0c:a7:aa:25:
a7:40:59:a6:00:cb:b2:f7:10:f6:dc:31:ce:4f:03:2d:e4:79:
ff:ec:55:ca:c4:5a:5f:e5:0a:b7:0f:72:1a:d7:c5:a1:ec:09:
d3:77:de:e2:cf:33:f1:81:e9:55:f5:79:37:80:fd:30:4c:0c:
69:a4:74:86
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUNkmqoe0TAC24JZNzToReqiZsVFswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0
QzExMUFCOTAeFw0yNDAzMDYwMTExMDFaFw0yNTAzMDUwMTE2MDFaMDMxMTAvBgNV
BAMTKDlBRUNGNkZGQjIzRjc2N0EwNzU3NUVEM0NERTdENUZBRjU5OTM2RTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDanPOTSLC91x0M7rbF5XukCOU3
LovHI2R6lfiIRak2SRVnPh6NcytTM+sNpVPeLQQzhOrfMiFS7Nfy7pcSdoD2HtVH
l+33nB8C/VIlPobZDDau+uc7Uz7DaPJVigJnfm/TG/K+cF2z5HStm/9Vl+z7Losh
ujJerB8k5Me0SkfrvItC8aNYN/TIrBPpkbDZScc4zG5b2NxbqAH+KUDtd69fduNj
DkmOBJ84diINyJYmJ4KKDQFu9wemkZbXp0dyOqLU/l70EeMhFmToOPVUylO4xwoJ
devIwEztm6VXSg+w0CTiNfYvDzjBJ4JPpnCwGOD+jFE1jSUVQr15OEMz06uJAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUmuz2/7I/dnoHV17TzefV+vWZNuEwHwYDVR0j
BBgwFoAUBp+vR/9IrvTJj1CXB0Uwp0wRGrkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzIvMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0QzExMUFCOS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8wNjlGQUY0N0ZGNDhBRUY0Qzk4RjUwOTcw
NzQ1MzBBNzRDMTExQUI5LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMi8zMjYxMzA2
NjNhMzgzNTYzMzEzYTMzMzUzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NTM3MzIzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEDUTANBgkqhkiG9w0BAQsFAAOCAQEAZKmy
2hYUAi14gRKUuqrqEEL8pbYoASns5r37a1KPeT56+CQMEhofIugRUAGU/TUCHrKr
AEDgrO1g0Lgvn+gyx2rsCSjCVAuGlOqroxnyhg45SlXSqYsIj82SDLPLNXLwxo3J
3BjTvwya2nfNJ417PVWdjrlmBYrSuXcFg0gCFAbFsAw0pF+wgvh2d0i9e1+l3ORA
NQOhq4nBN0ZEJ9JOErMlDc8UyGVHm5BLAgi0/pxKPkq3842ahGfZ9VV0Jq8mG7wM
p6olp0BZpgDLsvcQ9twxzk8DLeR5/+xVysRaX+UKtw9yGtfFoewJ03fe4s8z8YHp
VfV5N4D9MEwMaaR0hg==
-----END CERTIFICATE-----
Generated at Sat Oct 12 19:35:32 2024 by rpki-client on console-fra.rpki-client.org