Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630303a3a2f34302d3430203d3e20323136333234.roa
File: 326130663a383563313a3630303a3a2f34302d3430203d3e20323136333234.roa (raw, json)
Hash identifier: /HAH9nC8dPQ7yd0oAcO7DOwkfVMv8S3IiLfZ728qwqU=
Subject key identifier: 45:E4:54:BE:C8:8D:C5:DF:BD:43:F8:CC:F2:99:37:F6:59:4A:69:BE
Certificate issuer: /CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Certificate serial: 3A60395C226C9350E4A0A0E2298761CD03E49662
Authority key identifier: 06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630303a3a2f34302d3430203d3e20323136333234.roa
Signing time: Tue 30 Apr 2024 06:36:09 +0000
ROA not before: Tue 30 Apr 2024 06:31:09 +0000
ROA not after: Tue 29 Apr 2025 06:36:09 +0000
asID: 216324
IP address blocks: 2a0f:85c1:600::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:60:39:5c:22:6c:93:50:e4:a0:a0:e2:29:87:61:cd:03:e4:96:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=069FAF47FF48AEF4C98F5097074530A74C111AB9
Validity
Not Before: Apr 30 06:31:09 2024 GMT
Not After : Apr 29 06:36:09 2025 GMT
Subject: CN=45E454BEC88DC5DFBD43F8CCF29937F6594A69BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ac:39:24:e4:d3:13:31:77:9d:57:37:95:98:
6b:dc:28:e8:0b:06:49:58:33:d8:99:0e:5f:d5:7b:
45:e7:2e:90:c5:9c:8d:cb:b8:8d:26:4f:01:55:c6:
6d:dd:fa:bc:61:76:c1:af:71:c3:4e:9a:07:71:59:
c7:c9:f7:39:73:a8:b5:31:fc:df:99:7e:4c:d7:50:
18:33:94:3a:0b:1e:58:0a:c5:b6:7f:6b:5f:af:80:
76:ce:10:f0:8c:5d:73:2b:a7:65:c7:f9:68:40:12:
d0:25:5d:7a:b8:2d:c8:08:f4:15:60:65:f8:86:e2:
4e:01:ce:d1:e9:dc:eb:39:51:b7:b0:b2:71:28:54:
83:f5:01:20:48:20:e4:8b:e6:74:01:e2:34:9c:a9:
c5:b3:db:7a:fa:ff:7a:0e:31:fc:e0:76:f0:72:6f:
5e:ab:15:63:96:ec:fd:29:08:0d:58:c5:fe:18:ec:
d1:29:4e:ce:32:0a:6f:cc:35:dc:a9:a0:05:24:9b:
35:c9:1c:b7:9d:b6:c0:d2:98:c4:9e:27:18:ba:50:
0c:44:94:f6:98:64:e5:b8:d2:46:e4:75:d7:a8:46:
06:2a:d6:18:46:e1:36:0d:62:6d:d6:f7:f0:2f:ba:
c3:16:d4:a5:cf:9a:10:b5:9e:7c:d2:9a:2b:e6:b5:
9e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E4:54:BE:C8:8D:C5:DF:BD:43:F8:CC:F2:99:37:F6:59:4A:69:BE
X509v3 Authority Key Identifier:
keyid:06:9F:AF:47:FF:48:AE:F4:C9:8F:50:97:07:45:30:A7:4C:11:1A:B9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/069FAF47FF48AEF4C98F5097074530A74C111AB9.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/069FAF47FF48AEF4C98F5097074530A74C111AB9.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/2/326130663a383563313a3630303a3a2f34302d3430203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:600::/40
Signature Algorithm: sha256WithRSAEncryption
96:78:f6:97:64:7a:91:37:2f:54:68:ca:98:24:34:54:be:5f:
5d:46:d2:a0:82:58:2b:0a:22:5a:fd:21:43:2a:73:33:a6:54:
c8:e0:40:04:19:02:c6:51:40:21:21:69:c9:b5:8f:b9:86:cd:
fa:fa:cd:6a:f3:55:f4:30:a8:27:54:b1:f7:c4:bf:e7:fb:77:
39:f0:64:e5:6d:1a:a0:f5:5e:6f:5d:19:1d:19:87:42:ce:6f:
75:96:da:ed:b8:47:df:e6:d6:55:3d:43:8d:a9:ce:d6:29:8b:
7e:79:5e:07:3d:04:13:6a:ab:14:c0:d7:db:d8:47:d1:39:c3:
0e:06:98:74:2a:32:3a:9d:f7:9a:f8:dd:65:20:24:4c:4e:c0:
9e:03:1f:7a:93:5d:65:de:72:84:c4:fa:46:92:8e:93:f1:9a:
c7:ea:7e:1a:be:e5:6f:9c:a9:0c:66:f0:96:8d:e5:3f:8d:81:
e2:0c:0c:93:c8:9b:a3:74:1d:17:cd:9e:fd:42:48:d1:5c:7b:
55:57:96:61:48:9e:f2:07:36:7b:67:5c:8e:fb:a3:ec:ab:06:
24:5b:40:04:11:6d:a8:30:cb:e6:de:47:08:a2:1f:1b:42:79:
29:07:c1:fb:10:b5:0a:a8:5b:ca:0d:bc:03:e4:78:6c:cc:55:
07:a1:44:59
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUOmA5XCJsk1DkoKDiKYdhzQPklmIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0
QzExMUFCOTAeFw0yNDA0MzAwNjMxMDlaFw0yNTA0MjkwNjM2MDlaMDMxMTAvBgNV
BAMTKDQ1RTQ1NEJFQzg4REM1REZCRDQzRjhDQ0YyOTkzN0Y2NTk0QTY5QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3rDkk5NMTMXedVzeVmGvcKOgL
BklYM9iZDl/Ve0XnLpDFnI3LuI0mTwFVxm3d+rxhdsGvccNOmgdxWcfJ9zlzqLUx
/N+ZfkzXUBgzlDoLHlgKxbZ/a1+vgHbOEPCMXXMrp2XH+WhAEtAlXXq4LcgI9BVg
ZfiG4k4BztHp3Os5UbewsnEoVIP1ASBIIOSL5nQB4jScqcWz23r6/3oOMfzgdvBy
b16rFWOW7P0pCA1Yxf4Y7NEpTs4yCm/MNdypoAUkmzXJHLedtsDSmMSeJxi6UAxE
lPaYZOW40kbkddeoRgYq1hhG4TYNYm3W9/AvusMW1KXPmhC1nnzSmivmtZ6JAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUReRUvsiNxd+9Q/jM8pk39llKab4wHwYDVR0j
BBgwFoAUBp+vR/9IrvTJj1CXB0Uwp0wRGrkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzIvMDY5RkFGNDdGRjQ4QUVGNEM5OEY1MDk3MDc0NTMwQTc0QzExMUFCOS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8wNjlGQUY0N0ZGNDhBRUY0Qzk4RjUwOTcw
NzQ1MzBBNzRDMTExQUI5LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMi8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM2MzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGACoPhcEGMA0GCSqGSIb3DQEBCwUAA4IBAQCWePaX
ZHqRNy9UaMqYJDRUvl9dRtKgglgrCiJa/SFDKnMzplTI4EAEGQLGUUAhIWnJtY+5
hs36+s1q81X0MKgnVLH3xL/n+3c58GTlbRqg9V5vXRkdGYdCzm91ltrtuEff5tZV
PUONqc7WKYt+eV4HPQQTaqsUwNfb2EfROcMOBph0KjI6nfea+N1lICRMTsCeAx96
k11l3nKExPpGko6T8ZrH6n4avuVvnKkMZvCWjeU/jYHiDAyTyJujdB0XzZ79QkjR
XHtVV5ZhSJ7yBzZ7Z1yO+6PsqwYkW0AEEW2oMMvm3kcIoh8bQnkpB8H7ELUKqFvK
DbwD5HhszFUHoURZ
-----END CERTIFICATE-----
Generated at Thu Sep 5 14:38:44 2024 by rpki-client on console-fra.rpki-client.org