Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/3/326131333a646638353a623130313a3a2f34382d3438203d3e20323136333234.roa
File: 326131333a646638353a623130313a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: 1U6imjL5+2OdASqYGADE+aLIyLST7BmPNuRgxt2Kbf0=
Subject key identifier: 3F:84:95:3B:02:FE:F0:31:13:03:02:FA:AA:8A:9D:A0:7F:33:AD:2A
Certificate issuer: /CN=40C5E16CC09D12B91FFDE58141213F2E82A6F498
Certificate serial: 678390B408CB80A1387D5D0942041FD7F5CCD5A9
Authority key identifier: 40:C5:E1:6C:C0:9D:12:B9:1F:FD:E5:81:41:21:3F:2E:82:A6:F4:98
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/40C5E16CC09D12B91FFDE58141213F2E82A6F498.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/3/326131333a646638353a623130313a3a2f34382d3438203d3e20323136333234.roa
Signing time: Sat 16 Mar 2024 13:34:52 +0000
ROA not before: Sat 16 Mar 2024 13:29:52 +0000
ROA not after: Sat 15 Mar 2025 13:34:52 +0000
asID: 216324
IP address blocks: 2a13:df85:b101::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:83:90:b4:08:cb:80:a1:38:7d:5d:09:42:04:1f:d7:f5:cc:d5:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40C5E16CC09D12B91FFDE58141213F2E82A6F498
Validity
Not Before: Mar 16 13:29:52 2024 GMT
Not After : Mar 15 13:34:52 2025 GMT
Subject: CN=3F84953B02FEF031130302FAAA8A9DA07F33AD2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b9:99:0b:1a:16:9d:e3:d4:d6:4b:4c:c4:7b:
cc:86:4e:ee:f0:e3:b0:52:8d:52:f0:5c:09:88:7a:
03:b4:0b:25:19:d0:a8:06:6a:6e:ab:83:85:3e:59:
46:8c:53:06:42:de:56:9e:8b:a3:ff:68:a5:c9:93:
ee:36:ea:9c:16:2e:5f:14:7e:40:f8:9e:10:3d:e1:
7d:36:ce:22:0d:de:98:cd:f8:d0:cd:f1:e5:75:bc:
3d:61:d7:2f:f6:83:6d:c4:1a:05:59:95:24:90:e6:
64:04:93:89:f8:91:be:9a:67:02:b0:d0:9f:50:5f:
85:42:37:d4:0a:0f:5e:a2:8c:8f:74:6e:81:ad:96:
fe:4e:e5:6d:83:09:53:fe:d1:2d:16:ef:59:53:de:
aa:2e:f6:1f:12:6d:4e:4c:43:af:90:ff:9b:a9:20:
3c:10:da:8c:07:ed:2b:9f:c7:6b:be:1a:a6:e5:07:
4e:9d:f8:de:b8:87:53:d4:c7:38:b8:06:2e:a2:43:
db:f6:38:66:e7:34:77:b8:4f:73:5a:ad:e7:87:6a:
8a:52:33:70:fa:04:85:6b:56:85:3b:b7:e6:3c:9f:
5e:fc:b8:ef:3a:7e:68:c4:f1:3a:9c:d3:e7:03:04:
1a:48:e3:04:d2:e5:85:dd:ff:f2:2a:d8:35:ac:1e:
2c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:84:95:3B:02:FE:F0:31:13:03:02:FA:AA:8A:9D:A0:7F:33:AD:2A
X509v3 Authority Key Identifier:
keyid:40:C5:E1:6C:C0:9D:12:B9:1F:FD:E5:81:41:21:3F:2E:82:A6:F4:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/3/40C5E16CC09D12B91FFDE58141213F2E82A6F498.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/40C5E16CC09D12B91FFDE58141213F2E82A6F498.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/3/326131333a646638353a623130313a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df85:b101::/48
Signature Algorithm: sha256WithRSAEncryption
54:9a:bf:b1:3e:55:57:65:7b:a0:3d:9f:03:8b:e2:c2:a5:27:
12:86:ad:65:69:ec:a8:bb:4b:5a:3d:d0:5d:84:6e:31:e4:d3:
e0:62:1e:7c:79:a3:9a:e1:2b:f9:32:98:52:ca:f3:52:4c:8d:
3f:a7:e5:07:a6:ce:f4:bd:d0:9d:b3:84:1d:fe:e9:4c:3a:96:
bf:8d:42:36:4c:a3:13:66:cb:4f:08:c6:e0:34:62:35:04:98:
3e:90:c4:c8:ab:18:b2:ee:27:25:a0:fe:da:8e:78:87:ba:2c:
d0:bb:80:e8:be:25:11:32:ba:c3:37:aa:9d:b1:7d:bd:1e:dd:
68:c3:33:e1:c0:3c:96:e9:85:f6:26:16:f1:41:a6:23:ca:0a:
ba:74:2e:18:1c:a6:8e:78:9b:46:56:df:f1:54:d9:4b:d0:70:
f8:40:ad:d9:95:ca:49:a5:d5:0f:ec:2e:7c:6e:c9:47:90:7b:
f7:d9:87:17:5c:48:1c:8d:9e:80:71:83:ba:91:23:b3:91:06:
64:94:d5:92:6b:b2:9b:72:ee:40:62:50:a1:d9:28:b3:dd:8c:
14:1e:3f:f3:8c:8e:49:d8:1a:48:ba:9b:ff:2e:80:ed:04:36:
28:14:cf:07:a2:de:24:76:01:90:3f:72:90:51:04:09:d7:28:
1e:ca:78:07
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUZ4OQtAjLgKE4fV0JQgQf1/XM1akwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDBDNUUxNkNDMDlEMTJCOTFGRkRFNTgxNDEyMTNGMkU4
MkE2RjQ5ODAeFw0yNDAzMTYxMzI5NTJaFw0yNTAzMTUxMzM0NTJaMDMxMTAvBgNV
BAMTKDNGODQ5NTNCMDJGRUYwMzExMzAzMDJGQUFBOEE5REEwN0YzM0FEMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCguZkLGhad49TWS0zEe8yGTu7w
47BSjVLwXAmIegO0CyUZ0KgGam6rg4U+WUaMUwZC3laei6P/aKXJk+426pwWLl8U
fkD4nhA94X02ziIN3pjN+NDN8eV1vD1h1y/2g23EGgVZlSSQ5mQEk4n4kb6aZwKw
0J9QX4VCN9QKD16ijI90boGtlv5O5W2DCVP+0S0W71lT3qou9h8SbU5MQ6+Q/5up
IDwQ2owH7Sufx2u+GqblB06d+N64h1PUxzi4Bi6iQ9v2OGbnNHe4T3NareeHaopS
M3D6BIVrVoU7t+Y8n178uO86fmjE8Tqc0+cDBBpI4wTS5YXd//Iq2DWsHizfAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUP4SVOwL+8DETAwL6qoqdoH8zrSowHwYDVR0j
BBgwFoAUQMXhbMCdErkf/eWBQSE/LoKm9JgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzMvNDBDNUUxNkNDMDlEMTJCOTFGRkRFNTgxNDEyMTNGMkU4MkE2RjQ5OC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wNDAzMmM4Zi0xZDU3LTRj
M2ItOTA0My1hMGU3ZmViZjE2N2QvMC80MEM1RTE2Q0MwOUQxMkI5MUZGREU1ODE0
MTIxM0YyRTgyQTZGNDk4LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMy8zMjYxMzEz
MzNhNjQ2NjM4MzUzYTYyMzEzMDMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhPfhbEBMA0GCSqGSIb3DQEBCwUAA4IBAQBU
mr+xPlVXZXugPZ8Di+LCpScShq1laeyou0taPdBdhG4x5NPgYh58eaOa4Sv5MphS
yvNSTI0/p+UHps70vdCds4Qd/ulMOpa/jUI2TKMTZstPCMbgNGI1BJg+kMTIqxiy
7icloP7ajniHuizQu4DoviURMrrDN6qdsX29Ht1owzPhwDyW6YX2JhbxQaYjygq6
dC4YHKaOeJtGVt/xVNlL0HD4QK3ZlcpJpdUP7C58bslHkHv32YcXXEgcjZ6AcYO6
kSOzkQZklNWSa7Kbcu5AYlCh2Siz3YwUHj/zjI5J2BpIupv/LoDtBDYoFM8Hot4k
dgGQP3KQUQQJ1ygeyngH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:10 2024 by rpki-client on console-fra.rpki-client.org