Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2f0d4b4e-9f74-4df4-bf5e-0929096dbe04/2/326130393a353463373a3a2f33322d3438203d3e20323134323233.roa
File: 326130393a353463373a3a2f33322d3438203d3e20323134323233.roa (raw, json)
Hash identifier: 6nKIGqrRA9QeygdYTAccqVF9ie08m49ukrjOWQ7UlyU=
Subject key identifier: 5C:61:06:F5:11:B3:76:84:7C:B9:36:B6:66:42:54:A2:3B:9A:0E:8B
Certificate issuer: /CN=4DE364B9A3AF541FAC1C0C0FA708FF7E8E8024B6
Certificate serial: 65A7D7AC02E803AC6E573C0B3218AA7DF005FAE0
Authority key identifier: 4D:E3:64:B9:A3:AF:54:1F:AC:1C:0C:0F:A7:08:FF:7E:8E:80:24:B6
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/4DE364B9A3AF541FAC1C0C0FA708FF7E8E8024B6.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2f0d4b4e-9f74-4df4-bf5e-0929096dbe04/2/326130393a353463373a3a2f33322d3438203d3e20323134323233.roa
Signing time: Sun 02 Feb 2025 15:19:39 +0000
ROA not before: Sun 02 Feb 2025 15:14:39 +0000
ROA not after: Sun 01 Feb 2026 15:19:39 +0000
asID: 214223
IP address blocks: 2a09:54c7::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:a7:d7:ac:02:e8:03:ac:6e:57:3c:0b:32:18:aa:7d:f0:05:fa:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4DE364B9A3AF541FAC1C0C0FA708FF7E8E8024B6
Validity
Not Before: Feb 2 15:14:39 2025 GMT
Not After : Feb 1 15:19:39 2026 GMT
Subject: CN=5C6106F511B376847CB936B6664254A23B9A0E8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:aa:ef:53:2a:10:d8:49:f8:d1:56:e8:ba:69:
d2:94:e3:44:ae:fc:ac:56:66:6d:a0:f5:54:9b:8f:
31:37:25:82:09:59:74:26:d2:a5:21:ab:94:03:e8:
e5:4a:c5:35:0a:ca:8b:1f:58:c3:40:d7:c1:73:fb:
09:f0:ed:06:97:84:4a:aa:6b:c1:fe:d3:0d:b1:68:
0c:d8:e2:45:80:86:68:38:1b:9b:c9:d9:26:54:bf:
85:49:43:bf:0f:c7:e7:d3:53:7b:ad:ab:c2:ac:81:
e0:e5:16:dc:e9:41:49:17:46:40:69:a8:a3:50:d1:
83:4d:14:b6:26:15:59:ce:1c:7e:52:0b:01:6c:20:
e3:9c:2c:9d:ee:60:b2:5b:88:4c:01:c7:2e:89:a3:
2e:96:c4:45:56:b1:bf:88:45:35:46:92:8d:0b:82:
2e:8e:69:f4:1d:1e:db:a2:ac:7b:e2:2c:bc:70:0e:
8d:03:ed:58:c5:6f:a5:aa:9f:dc:a0:c1:47:e8:79:
00:2a:76:98:04:07:7b:23:da:88:67:7b:41:92:dc:
46:7a:52:f0:79:7e:9b:6b:d8:0d:f1:71:da:d5:48:
3d:98:e3:6d:e2:03:5f:2d:04:46:7d:f1:94:08:a9:
17:7b:e2:7f:81:9f:8b:53:86:e7:62:fc:f2:3d:48:
7b:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:61:06:F5:11:B3:76:84:7C:B9:36:B6:66:42:54:A2:3B:9A:0E:8B
X509v3 Authority Key Identifier:
keyid:4D:E3:64:B9:A3:AF:54:1F:AC:1C:0C:0F:A7:08:FF:7E:8E:80:24:B6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2f0d4b4e-9f74-4df4-bf5e-0929096dbe04/2/4DE364B9A3AF541FAC1C0C0FA708FF7E8E8024B6.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/4DE364B9A3AF541FAC1C0C0FA708FF7E8E8024B6.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2f0d4b4e-9f74-4df4-bf5e-0929096dbe04/2/326130393a353463373a3a2f33322d3438203d3e20323134323233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:54c7::/32
Signature Algorithm: sha256WithRSAEncryption
8b:15:9f:bf:8c:8e:ee:dc:fd:0a:30:f2:e2:95:7b:4d:4f:65:
25:69:83:29:88:9d:f7:7f:5b:03:ae:42:2e:74:1e:d5:33:ac:
c0:bd:e6:f6:1d:e8:45:75:f1:10:9d:96:ee:e2:80:60:b6:dc:
55:85:95:1d:71:f7:4e:4d:a0:e0:3b:fc:8b:4d:ae:ae:96:06:
b1:4f:e0:45:cb:87:18:bb:2c:f5:18:f4:21:42:ee:be:43:a2:
8a:f1:62:f6:40:d4:67:d7:21:5d:3e:36:69:8c:4f:e1:95:d3:
aa:1a:cf:89:a4:cd:3f:8c:0e:79:09:ad:b3:0a:32:6a:5d:a8:
49:ac:b0:c7:db:71:b1:90:41:ac:3b:ee:64:f4:39:e0:7e:4a:
6d:0d:05:e8:c1:8d:00:6b:45:38:13:0a:8c:ce:ee:15:1e:2d:
b6:3f:08:a5:67:36:de:90:76:99:e6:fb:85:10:45:a3:16:c7:
12:4a:89:98:3c:13:88:1a:f0:7a:8a:1e:bc:11:ac:69:62:4a:
56:49:22:85:70:ad:69:15:89:ae:7d:ee:aa:0f:57:ba:da:76:
8e:52:92:6c:c5:4a:0e:54:bc:6d:87:ed:01:67:9f:5b:dc:71:
aa:99:f4:99:ee:7f:2e:ee:b4:d8:c8:b4:00:71:a8:eb:49:66:
6e:b5:c2:16
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIUZafXrALoA6xuVzwLMhiqffAF+uAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNERFMzY0QjlBM0FGNTQxRkFDMUMwQzBGQTcwOEZGN0U4
RTgwMjRCNjAeFw0yNTAyMDIxNTE0MzlaFw0yNjAyMDExNTE5MzlaMDMxMTAvBgNV
BAMTKDVDNjEwNkY1MTFCMzc2ODQ3Q0I5MzZCNjY2NDI1NEEyM0I5QTBFOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHqu9TKhDYSfjRVui6adKU40Su
/KxWZm2g9VSbjzE3JYIJWXQm0qUhq5QD6OVKxTUKyosfWMNA18Fz+wnw7QaXhEqq
a8H+0w2xaAzY4kWAhmg4G5vJ2SZUv4VJQ78Px+fTU3utq8KsgeDlFtzpQUkXRkBp
qKNQ0YNNFLYmFVnOHH5SCwFsIOOcLJ3uYLJbiEwBxy6Joy6WxEVWsb+IRTVGko0L
gi6OafQdHtuirHviLLxwDo0D7VjFb6Wqn9ygwUfoeQAqdpgEB3sj2ohne0GS3EZ6
UvB5fptr2A3xcdrVSD2Y423iA18tBEZ98ZQIqRd74n+Bn4tThudi/PI9SHtlAgMB
AAGjggJ5MIICdTAdBgNVHQ4EFgQUXGEG9RGzdoR8uTa2ZkJUojuaDoswHwYDVR0j
BBgwFoAUTeNkuaOvVB+sHAwPpwj/fo6AJLYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmYwZDRiNGUtOWY3NC00ZGY0LWJmNWUtMDkyOTA5NmRi
ZTA0LzIvNERFMzY0QjlBM0FGNTQxRkFDMUMwQzBGQTcwOEZGN0U4RTgwMjRCNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC80REUzNjRCOUEzQUY1NDFGQUMxQzBDMEZB
NzA4RkY3RThFODAyNEI2LmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUF
BzALhoGNcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yZjBkNGI0ZS05Zjc0LTRkZjQtYmY1ZS0wOTI5MDk2ZGJlMDQvMi8zMjYxMzAz
OTNhMzUzNDYzMzczYTNhMmYzMzMyMmQzNDM4MjAzZDNlMjAzMjMxMzQzMjMyMzMu
cm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAP
MA0EAgACMAcDBQAqCVTHMA0GCSqGSIb3DQEBCwUAA4IBAQCLFZ+/jI7u3P0KMPLi
lXtNT2UlaYMpiJ33f1sDrkIudB7VM6zAveb2HehFdfEQnZbu4oBgttxVhZUdcfdO
TaDgO/yLTa6ulgaxT+BFy4cYuyz1GPQhQu6+Q6KK8WL2QNRn1yFdPjZpjE/hldOq
Gs+JpM0/jA55Ca2zCjJqXahJrLDH23GxkEGsO+5k9DngfkptDQXowY0Aa0U4EwqM
zu4VHi22PwilZzbekHaZ5vuFEEWjFscSSomYPBOIGvB6ih68EaxpYkpWSSKFcK1p
FYmufe6qD1e62naOUpJsxUoOVLxth+0BZ59b3HGqmfSZ7n8u7rTYyLQAcajrSWZu
tcIW
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:21:49 2025 by rpki-client