Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2f0d4b4e-9f74-4df4-bf5e-0929096dbe04/1/326130623a346530373a333030303a3a2f33362d3438203d3e20323134323233.roa
File: 326130623a346530373a333030303a3a2f33362d3438203d3e20323134323233.roa (raw, json)
Hash identifier: HU0luLFGqhHhoFLY+/ScUIZTgJz7rI8DtiUHtYVa9V8=
Subject key identifier: 20:FD:7D:5D:E4:3E:CE:F4:8C:D0:DA:F0:61:8A:A7:5B:67:6E:17:1B
Certificate issuer: /CN=E8C9690FAC27EA3A350216F536D777F5F3E6DC0F
Certificate serial: 298F1E1F907C3F550C2EA429A9CE81BFD6498547
Authority key identifier: E8:C9:69:0F:AC:27:EA:3A:35:02:16:F5:36:D7:77:F5:F3:E6:DC:0F
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/E8C9690FAC27EA3A350216F536D777F5F3E6DC0F.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2f0d4b4e-9f74-4df4-bf5e-0929096dbe04/1/326130623a346530373a333030303a3a2f33362d3438203d3e20323134323233.roa
Signing time: Sun 02 Feb 2025 15:19:48 +0000
ROA not before: Sun 02 Feb 2025 15:14:48 +0000
ROA not after: Sun 01 Feb 2026 15:19:48 +0000
asID: 214223
IP address blocks: 2a0b:4e07:3000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:8f:1e:1f:90:7c:3f:55:0c:2e:a4:29:a9:ce:81:bf:d6:49:85:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E8C9690FAC27EA3A350216F536D777F5F3E6DC0F
Validity
Not Before: Feb 2 15:14:48 2025 GMT
Not After : Feb 1 15:19:48 2026 GMT
Subject: CN=20FD7D5DE43ECEF48CD0DAF0618AA75B676E171B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:71:90:96:a4:a5:85:9d:4f:1b:3b:6f:c3:e5:
1d:c0:e2:90:9d:33:e2:0a:fb:f0:10:41:91:ac:20:
d9:e9:0b:9d:a3:c5:d9:7e:bd:38:81:49:81:d4:34:
33:d5:9d:f5:64:04:4d:e2:8e:b5:49:73:c2:07:96:
a0:2b:0e:de:7d:f2:6d:96:d8:22:2b:1b:d2:c2:be:
21:c2:2f:90:ff:af:61:50:17:cf:46:91:bf:fb:1b:
f5:d1:dd:45:93:66:ef:d2:86:6a:2d:09:84:61:df:
5a:2c:9f:1d:c0:32:53:51:9b:46:40:6d:a4:79:4b:
10:77:fe:0b:5d:17:3d:6e:75:f3:13:c5:af:67:4a:
f3:e5:4b:01:f6:0e:ba:a3:da:81:33:84:2a:47:2d:
b1:2e:62:3e:f6:bd:0a:03:e3:6f:7e:cb:f2:4d:fe:
b5:8e:9c:de:15:4c:d7:61:be:8f:d3:60:12:53:12:
ac:bb:57:69:ae:cd:30:41:0c:7c:be:b3:22:bf:5b:
11:73:43:b0:1a:db:cf:7e:c1:0f:2f:f2:16:d3:db:
f4:18:74:bc:e3:27:da:1b:f2:87:af:44:85:95:73:
30:0f:69:cf:4e:74:35:79:34:39:97:46:d0:a3:87:
94:8e:05:9b:31:5a:8f:df:6c:c0:aa:5f:67:48:dd:
e4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:FD:7D:5D:E4:3E:CE:F4:8C:D0:DA:F0:61:8A:A7:5B:67:6E:17:1B
X509v3 Authority Key Identifier:
keyid:E8:C9:69:0F:AC:27:EA:3A:35:02:16:F5:36:D7:77:F5:F3:E6:DC:0F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2f0d4b4e-9f74-4df4-bf5e-0929096dbe04/1/E8C9690FAC27EA3A350216F536D777F5F3E6DC0F.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/E8C9690FAC27EA3A350216F536D777F5F3E6DC0F.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2f0d4b4e-9f74-4df4-bf5e-0929096dbe04/1/326130623a346530373a333030303a3a2f33362d3438203d3e20323134323233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e07:3000::/36
Signature Algorithm: sha256WithRSAEncryption
2f:b9:43:b3:00:eb:4a:ae:b6:92:5c:a5:97:7a:2e:d1:39:ca:
40:6f:fe:87:88:dd:ee:d4:9f:a3:31:ef:8c:8c:f5:db:ea:80:
c7:84:a2:bf:1e:f3:9a:b8:54:3f:f3:f4:43:10:c3:7e:8f:ae:
c1:8d:62:72:ef:a5:3e:50:6d:5a:34:55:e1:00:b4:a7:ac:fe:
a0:56:ff:eb:93:22:8b:f5:0d:f5:4e:76:0b:ff:89:0c:7f:c3:
f7:e6:cd:df:71:f4:63:1d:43:22:27:49:11:34:c9:c8:26:3f:
07:c4:28:74:b3:93:99:ff:6b:83:04:d7:f0:3c:1a:46:c9:78:
b7:5e:53:c1:66:02:ef:ae:ee:ee:ea:3a:b1:22:60:40:a7:aa:
1a:b7:4f:ec:b4:af:c3:ee:87:5b:75:d4:e4:14:22:4b:95:47:
9c:2a:9e:f8:71:b7:12:ae:58:e7:e4:7a:97:58:11:8b:2a:52:
6f:84:a9:2a:00:ff:d7:f6:f7:dc:af:55:d8:c6:43:6d:cc:ec:
5f:a8:45:e8:d7:8d:9b:32:bf:e7:5c:71:0f:23:3c:91:aa:cc:
6a:b9:00:f7:f4:f0:c3:e3:07:b5:50:da:21:3a:01:25:2d:df:
10:9d:99:d2:1e:ff:30:5f:50:0e:bc:ef:f4:d9:d8:f9:1f:3e:
6d:38:bb:c7
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUKY8eH5B8P1UMLqQpqc6Bv9ZJhUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRThDOTY5MEZBQzI3RUEzQTM1MDIxNkY1MzZENzc3RjVG
M0U2REMwRjAeFw0yNTAyMDIxNTE0NDhaFw0yNjAyMDExNTE5NDhaMDMxMTAvBgNV
BAMTKDIwRkQ3RDVERTQzRUNFRjQ4Q0QwREFGMDYxOEFBNzVCNjc2RTE3MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvcZCWpKWFnU8bO2/D5R3A4pCd
M+IK+/AQQZGsINnpC52jxdl+vTiBSYHUNDPVnfVkBE3ijrVJc8IHlqArDt598m2W
2CIrG9LCviHCL5D/r2FQF89Gkb/7G/XR3UWTZu/ShmotCYRh31osnx3AMlNRm0ZA
baR5SxB3/gtdFz1udfMTxa9nSvPlSwH2Drqj2oEzhCpHLbEuYj72vQoD429+y/JN
/rWOnN4VTNdhvo/TYBJTEqy7V2muzTBBDHy+syK/WxFzQ7Aa289+wQ8v8hbT2/QY
dLzjJ9ob8oevRIWVczAPac9OdDV5NDmXRtCjh5SOBZsxWo/fbMCqX2dI3eRrAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUIP19XeQ+zvSM0NrwYYqnW2duFxswHwYDVR0j
BBgwFoAU6MlpD6wn6jo1Ahb1Ntd39fPm3A8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmYwZDRiNGUtOWY3NC00ZGY0LWJmNWUtMDkyOTA5NmRi
ZTA0LzEvRThDOTY5MEZBQzI3RUEzQTM1MDIxNkY1MzZENzc3RjVGM0U2REMwRi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wYzcwNDAxYy03ZjQxLTRh
NmItOTQzNC1jYzgwZGNhMDkzZTYvMi9FOEM5NjkwRkFDMjdFQTNBMzUwMjE2RjUz
NkQ3NzdGNUYzRTZEQzBGLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yZjBkNGI0ZS05Zjc0LTRkZjQtYmY1ZS0wOTI5MDk2ZGJlMDQvMS8zMjYxMzA2
MjNhMzQ2NTMwMzczYTMzMzAzMDMwM2EzYTJmMzMzNjJkMzQzODIwM2QzZTIwMzIz
MTM0MzIzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYEKgtOBzAwDQYJKoZIhvcNAQELBQADggEBAC+5
Q7MA60qutpJcpZd6LtE5ykBv/oeI3e7Un6Mx74yM9dvqgMeEor8e85q4VD/z9EMQ
w36PrsGNYnLvpT5QbVo0VeEAtKes/qBW/+uTIov1DfVOdgv/iQx/w/fmzd9x9GMd
QyInSRE0ycgmPwfEKHSzk5n/a4ME1/A8GkbJeLdeU8FmAu+u7u7qOrEiYECnqhq3
T+y0r8Puh1t11OQUIkuVR5wqnvhxtxKuWOfkepdYEYsqUm+EqSoA/9f299yvVdjG
Q23M7F+oRejXjZsyv+dccQ8jPJGqzGq5APf08MPjB7VQ2iE6ASUt3xCdmdIe/zBf
UA687/TZ2PkfPm04u8c=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:27:21 2025 by rpki-client