Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/3/326131333a646638353a623132313a3a2f34382d3438203d3e20323136333234.roa
File: 326131333a646638353a623132313a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: wAWPHSUOYQ+VC2KMbTEPUO75gFZus8/cbZtMsOPim04=
Subject key identifier: 45:E0:51:43:7F:D2:70:F8:E9:94:1F:84:90:8D:6E:C4:F0:0C:EF:65
Certificate issuer: /CN=40C5E16CC09D12B91FFDE58141213F2E82A6F498
Certificate serial: 3938E7B095329E5A451A64A5776C1700C726168B
Authority key identifier: 40:C5:E1:6C:C0:9D:12:B9:1F:FD:E5:81:41:21:3F:2E:82:A6:F4:98
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/40C5E16CC09D12B91FFDE58141213F2E82A6F498.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/3/326131333a646638353a623132313a3a2f34382d3438203d3e20323136333234.roa
Signing time: Sat 16 Mar 2024 13:38:27 +0000
ROA not before: Sat 16 Mar 2024 13:33:27 +0000
ROA not after: Sat 15 Mar 2025 13:38:27 +0000
asID: 216324
IP address blocks: 2a13:df85:b121::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:38:e7:b0:95:32:9e:5a:45:1a:64:a5:77:6c:17:00:c7:26:16:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40C5E16CC09D12B91FFDE58141213F2E82A6F498
Validity
Not Before: Mar 16 13:33:27 2024 GMT
Not After : Mar 15 13:38:27 2025 GMT
Subject: CN=45E051437FD270F8E9941F84908D6EC4F00CEF65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0d:29:ff:31:f5:48:68:64:4c:6a:83:e4:8d:
8f:d6:43:6f:72:0d:41:d5:12:32:91:f8:c0:86:6b:
76:10:29:37:b5:6c:95:24:d7:c6:b6:f5:c6:9d:3a:
b5:92:0e:ec:22:f6:61:8a:c8:0f:83:0c:37:af:71:
ad:31:b7:0e:25:98:59:96:a7:20:29:d8:02:8d:30:
ab:3a:d0:78:f6:74:c7:64:99:c2:07:b2:b3:40:64:
a9:f9:24:4d:08:1e:31:a1:38:a7:39:27:da:0c:25:
a2:d2:a3:c6:66:04:97:d8:c5:ba:e0:63:b8:1b:45:
87:8d:fe:88:08:5f:fe:37:fd:4c:25:1d:80:ea:7a:
39:00:61:ff:39:75:98:ab:ab:49:c6:e6:cd:56:79:
2b:97:cd:d3:86:7f:06:27:32:54:32:d4:85:ec:04:
0d:09:52:6f:d8:1f:1b:ea:a2:5c:60:b7:f7:e0:cb:
b1:b9:1b:fe:cd:51:43:51:1b:b2:24:34:99:bc:e1:
3a:ca:b9:79:2b:f0:72:ab:e8:cf:de:63:69:33:5d:
d6:0b:e8:36:bd:a2:08:90:ec:60:52:79:57:f7:6d:
29:3d:f6:27:83:f8:6e:f5:dd:a4:ca:52:32:fd:bf:
83:b8:75:84:31:a9:53:b2:04:d9:48:0c:24:7a:c5:
e6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E0:51:43:7F:D2:70:F8:E9:94:1F:84:90:8D:6E:C4:F0:0C:EF:65
X509v3 Authority Key Identifier:
keyid:40:C5:E1:6C:C0:9D:12:B9:1F:FD:E5:81:41:21:3F:2E:82:A6:F4:98
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/3/40C5E16CC09D12B91FFDE58141213F2E82A6F498.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/40C5E16CC09D12B91FFDE58141213F2E82A6F498.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/3/326131333a646638353a623132313a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df85:b121::/48
Signature Algorithm: sha256WithRSAEncryption
7a:01:fd:d0:b8:89:a8:b5:e5:e5:8e:b0:6b:2d:7b:75:95:4f:
d1:02:35:f5:b9:a4:57:bb:e1:3b:97:d1:5b:5e:cf:a8:25:f0:
6c:af:54:0c:53:1f:c8:68:42:64:9f:27:e9:9f:24:aa:aa:2c:
70:68:06:2d:f7:8b:1f:fd:2a:da:94:b2:69:67:f0:49:51:a3:
a4:b6:78:19:53:b1:9d:85:8d:87:b3:7b:df:33:33:24:46:92:
88:e7:fd:ec:f3:31:d0:d8:75:16:5e:3b:dd:75:6f:eb:fe:6d:
36:61:57:8f:e1:40:19:3d:a0:1e:ed:30:f6:47:6d:d0:d8:17:
3b:d3:64:03:0a:07:88:5a:d2:02:a1:36:cf:72:70:32:7c:8d:
72:98:9a:bf:5d:40:c4:61:97:f4:fa:cc:a8:b6:0c:1e:31:a0:
36:dd:c1:a0:aa:42:d7:49:3f:66:69:a9:a5:67:c8:37:e6:00:
7c:31:a3:69:10:4a:d9:53:0a:ef:57:7f:b9:f5:30:2b:34:3e:
f3:61:1e:4a:4c:a6:ef:90:cc:05:27:70:18:e0:7a:1e:b5:9b:
6d:f6:8b:30:98:4a:46:ca:57:be:9f:a4:99:9f:7b:ae:32:8f:
1a:c9:1e:28:f3:89:10:15:08:f9:d3:02:7a:be:f9:2b:a7:64:
b2:03:64:d9
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUOTjnsJUynlpFGmSld2wXAMcmFoswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDBDNUUxNkNDMDlEMTJCOTFGRkRFNTgxNDEyMTNGMkU4
MkE2RjQ5ODAeFw0yNDAzMTYxMzMzMjdaFw0yNTAzMTUxMzM4MjdaMDMxMTAvBgNV
BAMTKDQ1RTA1MTQzN0ZEMjcwRjhFOTk0MUY4NDkwOEQ2RUM0RjAwQ0VGNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCDSn/MfVIaGRMaoPkjY/WQ29y
DUHVEjKR+MCGa3YQKTe1bJUk18a29cadOrWSDuwi9mGKyA+DDDevca0xtw4lmFmW
pyAp2AKNMKs60Hj2dMdkmcIHsrNAZKn5JE0IHjGhOKc5J9oMJaLSo8ZmBJfYxbrg
Y7gbRYeN/ogIX/43/UwlHYDqejkAYf85dZirq0nG5s1WeSuXzdOGfwYnMlQy1IXs
BA0JUm/YHxvqolxgt/fgy7G5G/7NUUNRG7IkNJm84TrKuXkr8HKr6M/eY2kzXdYL
6Da9ogiQ7GBSeVf3bSk99ieD+G713aTKUjL9v4O4dYQxqVOyBNlIDCR6xeZdAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUReBRQ3/ScPjplB+EkI1uxPAM72UwHwYDVR0j
BBgwFoAUQMXhbMCdErkf/eWBQSE/LoKm9JgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzMvNDBDNUUxNkNDMDlEMTJCOTFGRkRFNTgxNDEyMTNGMkU4MkE2RjQ5OC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wNDAzMmM4Zi0xZDU3LTRj
M2ItOTA0My1hMGU3ZmViZjE2N2QvMC80MEM1RTE2Q0MwOUQxMkI5MUZGREU1ODE0
MTIxM0YyRTgyQTZGNDk4LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMy8zMjYxMzEz
MzNhNjQ2NjM4MzUzYTYyMzEzMjMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhPfhbEhMA0GCSqGSIb3DQEBCwUAA4IBAQB6
Af3QuImoteXljrBrLXt1lU/RAjX1uaRXu+E7l9FbXs+oJfBsr1QMUx/IaEJknyfp
nySqqixwaAYt94sf/SralLJpZ/BJUaOktngZU7GdhY2Hs3vfMzMkRpKI5/3s8zHQ
2HUWXjvddW/r/m02YVeP4UAZPaAe7TD2R23Q2Bc702QDCgeIWtICoTbPcnAyfI1y
mJq/XUDEYZf0+syotgweMaA23cGgqkLXST9maamlZ8g35gB8MaNpEErZUwrvV3+5
9TArND7zYR5KTKbvkMwFJ3AY4HoetZtt9oswmEpGyle+n6SZn3uuMo8ayR4o84kQ
FQj50wJ6vvkrp2SyA2TZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:57 2024 by rpki-client on console-ams.rpki-client.org