Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa
File: 326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa (raw, json)
Hash identifier: bGsR+5RlWB67shIeVpz1QNwpCAPKyIXgoOV7T0RQXx8=
Subject key identifier: C4:78:2A:2A:9D:87:15:98:07:44:DB:C2:84:EF:F1:A2:12:FF:3F:C3
Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Certificate serial: 3D517A2B5F086AA677B7385CF2C29CBDB824D70C
Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa
Signing time: Thu 06 Mar 2025 23:02:11 +0000
ROA not before: Thu 06 Mar 2025 22:57:11 +0000
ROA not after: Thu 05 Mar 2026 23:02:11 +0000
asID: 213170
IP address blocks: 2a09:be40:2800::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:51:7a:2b:5f:08:6a:a6:77:b7:38:5c:f2:c2:9c:bd:b8:24:d7:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985
Validity
Not Before: Mar 6 22:57:11 2025 GMT
Not After : Mar 5 23:02:11 2026 GMT
Subject: CN=C4782A2A9D8715980744DBC284EFF1A212FF3FC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0f:d5:de:61:f4:59:da:08:4d:ec:e8:7f:6a:
5e:a9:71:b9:1c:e4:36:ea:b8:70:b6:64:c0:b1:1d:
b6:33:f5:4d:c2:00:57:d8:d7:f0:b6:c8:4f:7a:39:
94:19:75:4b:92:a1:c5:a3:34:a1:1d:d7:50:88:4b:
6b:d5:f6:dc:c9:00:47:7d:27:a9:b8:ee:50:62:27:
6f:5d:d9:55:a2:16:a4:17:23:e7:fb:47:37:54:ef:
19:80:c7:f7:b8:b0:c0:7f:09:ff:2f:a8:3f:dd:42:
24:21:75:95:43:ec:e5:1d:ac:2f:14:0c:cf:6b:97:
01:93:5a:bb:2e:cb:1a:1e:06:d8:96:10:6b:de:c1:
22:3f:7a:07:b8:2c:6a:77:11:cb:72:5a:a7:24:9b:
a1:f8:ca:9a:4c:de:4c:51:ca:d4:06:4a:6d:93:e6:
2d:54:5e:ba:0b:3a:6e:2c:8b:4e:f5:ec:82:df:5b:
c7:2c:9d:4a:56:e0:79:5c:f2:4f:e2:39:d7:c1:da:
c3:7c:82:36:71:08:09:db:5e:55:77:bc:a1:80:be:
99:fc:72:7c:9f:87:ee:40:74:1d:2a:05:c2:b0:a7:
7d:9e:11:6e:87:5f:56:47:9e:08:df:0d:9b:d4:66:
df:4d:5f:41:c8:ec:a9:b5:09:4b:92:71:dc:11:03:
67:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:78:2A:2A:9D:87:15:98:07:44:DB:C2:84:EF:F1:A2:12:FF:3F:C3
X509v3 Authority Key Identifier:
keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be40:2800::/40
Signature Algorithm: sha256WithRSAEncryption
05:c2:fd:2f:0f:d1:b5:7b:67:3c:36:68:96:2e:08:0b:12:e5:
86:7f:c8:12:de:15:97:86:58:db:6e:c8:7e:47:a1:84:b2:f7:
49:45:60:9b:eb:7d:3f:a4:2c:d7:11:f4:b5:3f:2a:ce:8e:a3:
10:ca:fd:dd:90:db:86:69:3a:98:0f:fe:66:63:15:28:34:d3:
40:57:9d:1f:13:73:e8:13:26:8d:af:b6:b0:f6:9a:a3:31:56:
a2:ce:08:e6:d4:ed:bb:6a:ab:2d:7f:c9:06:93:ab:0f:65:07:
f7:aa:03:4e:83:20:6d:68:fc:c9:b7:6a:fb:50:f4:8f:10:7d:
e4:c8:78:e6:8b:a5:0c:38:91:05:bf:f8:a1:e4:99:17:2f:c9:
88:07:24:fa:77:6a:ed:00:33:e9:50:ad:30:3f:d4:17:3b:05:
c4:ee:19:85:d9:29:b6:10:05:86:aa:f9:06:6e:5d:c7:c3:f1:
3e:f6:3d:e3:d9:6f:ac:9f:da:b6:bb:d9:3c:63:4a:48:4f:50:
ba:0a:8a:65:a9:bf:03:62:f0:e8:e8:f6:7a:3e:e5:21:90:24:
30:88:e5:bb:47:9d:79:3a:4b:f5:99:b4:20:20:73:fa:28:8e:
a4:1d:72:11:af:80:96:5c:6b:10:08:60:62:ce:ab:07:39:24:
fe:16:39:c7
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUPVF6K18IaqZ3tzhc8sKcvbgk1wwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw
OWVhMzk4NTAeFw0yNTAzMDYyMjU3MTFaFw0yNjAzMDUyMzAyMTFaMDMxMTAvBgNV
BAMTKEM0NzgyQTJBOUQ4NzE1OTgwNzQ0REJDMjg0RUZGMUEyMTJGRjNGQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8D9XeYfRZ2ghN7Oh/al6pcbkc
5DbquHC2ZMCxHbYz9U3CAFfY1/C2yE96OZQZdUuSocWjNKEd11CIS2vV9tzJAEd9
J6m47lBiJ29d2VWiFqQXI+f7RzdU7xmAx/e4sMB/Cf8vqD/dQiQhdZVD7OUdrC8U
DM9rlwGTWrsuyxoeBtiWEGvewSI/ege4LGp3EctyWqckm6H4yppM3kxRytQGSm2T
5i1UXroLOm4si0717ILfW8csnUpW4Hlc8k/iOdfB2sN8gjZxCAnbXlV3vKGAvpn8
cnyfh+5AdB0qBcKwp32eEW6HX1ZHngjfDZvUZt9NX0HI7Km1CUuScdwRA2eLAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUxHgqKp2HFZgHRNvChO/xohL/P8MwHwYDVR0j
BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1
YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu
cU9ZVS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmRmYjMwY2Et
ZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1YWYxLzAvMzI2MTMwMzkzYTYyNjUzNDMw
M2EzMjM4MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMzMxMzczMC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGACoJvkAoMA0GCSqGSIb3DQEBCwUAA4IBAQAFwv0vD9G1e2c8NmiW
LggLEuWGf8gS3hWXhljbbsh+R6GEsvdJRWCb630/pCzXEfS1PyrOjqMQyv3dkNuG
aTqYD/5mYxUoNNNAV50fE3PoEyaNr7aw9pqjMVaizgjm1O27aqstf8kGk6sPZQf3
qgNOgyBtaPzJt2r7UPSPEH3kyHjmi6UMOJEFv/ih5JkXL8mIByT6d2rtADPpUK0w
P9QXOwXE7hmF2Sm2EAWGqvkGbl3Hw/E+9j3j2W+sn9q2u9k8Y0pIT1C6Coplqb8D
YvDo6PZ6PuUhkCQwiOW7R515Okv1mbQgIHP6KI6kHXIRr4CWXGsQCGBizqsHOST+
FjnH
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:50:48 2025 by rpki-client