Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3438203d3e203438373030.roa
File: 326131343a316563373a633030303a3a2f33362d3438203d3e203438373030.roa (raw, json)
Hash identifier: R+o6n+RjWkxiRu/ckQJHanWEp0DumqtvHG3oGP82QQ8=
Subject key identifier: 51:FA:3F:98:5C:7E:45:21:AA:04:A8:5A:EE:40:9E:4A:00:45:0A:33
Certificate issuer: /CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6
Certificate serial: 017A25C27137A9F3F5BAA4B3EDC0BC40DEE753FC
Authority key identifier: 20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3438203d3e203438373030.roa
Signing time: Sat 19 Oct 2024 08:31:42 +0000
ROA not before: Sat 19 Oct 2024 08:26:42 +0000
ROA not after: Sat 18 Oct 2025 08:31:42 +0000
asID: 48700
IP address blocks: 2a14:1ec7:c000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:7a:25:c2:71:37:a9:f3:f5:ba:a4:b3:ed:c0:bc:40:de:e7:53:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20F69C4C146138CB0121C4C4CBB39876F4ABDEC6
Validity
Not Before: Oct 19 08:26:42 2024 GMT
Not After : Oct 18 08:31:42 2025 GMT
Subject: CN=51FA3F985C7E4521AA04A85AEE409E4A00450A33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:fc:14:12:cf:dc:6d:28:c5:b1:8e:4e:23:3e:
99:d9:4f:c3:40:9f:22:2e:5a:ca:a3:59:9d:dd:ba:
3b:b8:10:59:bf:c9:71:55:14:3f:a2:d1:b0:69:82:
e7:39:05:cc:1f:a3:f1:9e:2a:f8:78:17:b5:91:6f:
36:62:97:e3:cd:7f:ad:6a:3d:93:7e:7f:66:99:58:
02:c9:8e:fa:61:60:8e:3c:ba:0c:6e:08:de:06:67:
c1:92:25:90:54:ff:87:17:64:2d:7c:ab:11:b6:4e:
b5:09:49:71:9d:57:09:4d:ff:41:81:68:9f:f5:ab:
28:68:f4:8d:9e:e3:55:3c:ef:e9:20:06:1c:b3:08:
d6:33:97:36:1f:87:07:02:f5:f9:28:9a:7c:e7:b5:
9b:e6:c1:80:98:4b:cf:78:65:ab:c4:55:38:a1:b4:
b7:03:d8:2e:7e:da:d9:2c:4a:56:9a:79:7b:4e:03:
d0:f2:65:43:71:40:cb:67:5f:0f:ca:58:5a:91:ef:
12:5f:1c:ff:99:1f:a4:67:6b:21:7d:0f:99:32:ed:
1e:63:2d:78:e6:85:7a:5e:1d:48:ca:67:e7:c8:76:
a7:24:e3:3f:be:6e:46:5d:b9:ac:60:ce:4d:99:63:
83:a7:d5:7a:4f:63:19:e9:7a:68:47:40:dd:03:50:
84:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:FA:3F:98:5C:7E:45:21:AA:04:A8:5A:EE:40:9E:4A:00:45:0A:33
X509v3 Authority Key Identifier:
keyid:20:F6:9C:4C:14:61:38:CB:01:21:C4:C4:CB:B3:98:76:F4:AB:DE:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/20F69C4C146138CB0121C4C4CBB39876F4ABDEC6.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/0/326131343a316563373a633030303a3a2f33362d3438203d3e203438373030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:c000::/36
Signature Algorithm: sha256WithRSAEncryption
04:9a:1a:ac:1a:e9:d9:12:88:b4:69:7c:cc:dc:2c:3d:6e:09:
31:1b:6f:d8:2e:e8:1f:37:70:44:c0:57:e6:8f:22:20:88:e1:
a5:c8:1c:6f:f5:7b:bb:40:07:1c:83:a7:00:03:56:a1:db:01:
9b:b5:5c:a9:5f:20:94:f1:a0:0f:19:f6:a6:8a:17:6e:02:69:
66:8e:3d:3d:40:e4:dd:30:76:32:ec:1d:42:48:42:9c:5d:55:
ed:dc:a6:dd:1a:d1:6b:9c:64:dd:a9:7f:ec:f1:0d:f8:ba:94:
49:6e:9b:a4:a6:5e:85:5d:80:e3:1e:40:b5:7b:57:58:a3:20:
b7:71:7c:e2:dd:5c:ca:41:f8:a4:1e:f5:39:86:37:b3:fa:38:
26:c5:4b:3c:90:c0:f1:a2:b9:f5:d7:70:b1:eb:78:fa:56:a9:
15:12:4d:81:19:0d:64:bd:70:79:e8:a6:6d:9f:c4:08:fd:bf:
0b:80:a0:91:ab:f0:2c:16:1e:6c:bd:ad:22:b1:3d:19:81:d1:
45:e4:51:b2:a3:2f:f5:89:75:aa:bc:19:72:f3:c0:f8:9d:a4:
02:c7:60:a6:7b:85:f8:d7:a9:e9:a0:e8:51:a0:97:09:0e:46:
17:8f:51:e8:31:a3:53:ad:c4:86:26:fb:eb:23:c1:3e:0f:6f:
5e:bb:35:42
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUAXolwnE3qfP1uqSz7cC8QN7nU/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZG
NEFCREVDNjAeFw0yNDEwMTkwODI2NDJaFw0yNTEwMTgwODMxNDJaMDMxMTAvBgNV
BAMTKDUxRkEzRjk4NUM3RTQ1MjFBQTA0QTg1QUVFNDA5RTRBMDA0NTBBMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt/BQSz9xtKMWxjk4jPpnZT8NA
nyIuWsqjWZ3duju4EFm/yXFVFD+i0bBpguc5Bcwfo/GeKvh4F7WRbzZil+PNf61q
PZN+f2aZWALJjvphYI48ugxuCN4GZ8GSJZBU/4cXZC18qxG2TrUJSXGdVwlN/0GB
aJ/1qyho9I2e41U87+kgBhyzCNYzlzYfhwcC9fkomnzntZvmwYCYS894ZavEVTih
tLcD2C5+2tksSlaaeXtOA9DyZUNxQMtnXw/KWFqR7xJfHP+ZH6RnayF9D5ky7R5j
LXjmhXpeHUjKZ+fIdqck4z++bkZduaxgzk2ZY4On1XpPYxnpemhHQN0DUIRLAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUUfo/mFx+RSGqBKha7kCeSgBFCjMwHwYDVR0j
BBgwFoAUIPacTBRhOMsBIcTEy7OYdvSr3sYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm
NDA5LzAvMjBGNjlDNEMxNDYxMzhDQjAxMjFDNEM0Q0JCMzk4NzZGNEFCREVDNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj
N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8yMEY2OUM0QzE0NjEzOENCMDEyMUM0QzRD
QkIzOTg3NkY0QUJERUM2LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yYWY3M2E5Yy0yMDU4LTQzYmItOWFjNi01YWI0MmRmYmY0MDkvMC8zMjYxMzEz
NDNhMzE2NTYzMzczYTYzMzAzMDMwM2EzYTJmMzMzNjJkMzQzODIwM2QzZTIwMzQz
ODM3MzAzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGBCoUHsfAMA0GCSqGSIb3DQEBCwUAA4IBAQAEmhqs
GunZEoi0aXzM3Cw9bgkxG2/YLugfN3BEwFfmjyIgiOGlyBxv9Xu7QAccg6cAA1ah
2wGbtVypXyCU8aAPGfamihduAmlmjj09QOTdMHYy7B1CSEKcXVXt3KbdGtFrnGTd
qX/s8Q34upRJbpukpl6FXYDjHkC1e1dYoyC3cXzi3VzKQfikHvU5hjez+jgmxUs8
kMDxorn113Cx63j6VqkVEk2BGQ1kvXB56KZtn8QI/b8LgKCRq/AsFh5sva0isT0Z
gdFF5FGyoy/1iXWqvBly88D4naQCx2Cme4X416npoOhRoJcJDkYXj1HoMaNTrcSG
JvvrI8E+D29euzVC
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:41:30 2025 by rpki-client