Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343030303a3a2f33362d3438203d3e203434383137.roa
File: 326131343a373538313a343030303a3a2f33362d3438203d3e203434383137.roa (raw, json)
Hash identifier: 06Oq8kkXsOv0rKoRYz/dx2UXUSYf9kyOjrjjxWn2c2o=
Subject key identifier: DF:70:F9:6E:21:87:EA:DD:E8:2D:5A:FE:F2:BF:0F:5E:DF:62:3F:59
Certificate issuer: /CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C
Certificate serial: 34EBDC8313B5312909C8E1EB6A2D0D683D7FFD0A
Authority key identifier: 8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343030303a3a2f33362d3438203d3e203434383137.roa
Signing time: Sat 22 Feb 2025 05:52:12 +0000
ROA not before: Sat 22 Feb 2025 05:47:12 +0000
ROA not after: Sat 21 Feb 2026 05:52:12 +0000
asID: 44817
IP address blocks: 2a14:7581:4000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:eb:dc:83:13:b5:31:29:09:c8:e1:eb:6a:2d:0d:68:3d:7f:fd:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C
Validity
Not Before: Feb 22 05:47:12 2025 GMT
Not After : Feb 21 05:52:12 2026 GMT
Subject: CN=DF70F96E2187EADDE82D5AFEF2BF0F5EDF623F59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:95:c4:f1:f9:d3:91:8e:9a:b3:85:d1:1f:d4:
d4:57:da:48:c8:f9:29:17:f3:36:e7:18:c7:ca:d3:
32:2d:57:a3:10:29:60:34:67:a8:5d:6c:4c:a7:61:
47:b5:70:a8:9b:e0:f2:57:92:c7:1d:3f:a2:c1:cb:
30:ca:96:2e:9b:7f:84:e2:cf:da:bc:d6:cf:f6:4b:
13:a1:b0:64:fc:a8:e1:05:70:ec:20:40:bf:e8:ba:
93:75:c5:9d:c6:99:c7:d6:32:43:2f:28:f9:56:a0:
9f:2e:06:4a:8d:34:82:a6:24:32:3f:e0:43:03:29:
cd:b4:a7:23:55:64:af:9b:10:6d:d0:e8:6e:f2:ea:
82:8a:57:6a:88:4e:29:be:6c:2d:3a:6e:60:90:13:
3e:0a:ec:00:31:89:52:cf:9b:49:e3:d1:e4:18:26:
38:f7:ae:93:52:25:8b:1b:1a:5b:38:91:77:ad:ab:
67:71:01:b4:7f:ec:d0:67:ca:98:a2:92:90:02:50:
f9:4d:9c:6c:e5:56:28:b0:2b:fa:7d:7b:00:e5:ac:
82:26:19:e3:2f:78:90:fc:72:47:4e:07:e4:3a:3d:
d7:1d:21:20:a4:ff:4a:3c:c7:e9:cc:31:8d:42:0f:
f4:38:7c:4f:39:06:1a:f6:44:e2:9c:ac:45:a5:44:
2e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:70:F9:6E:21:87:EA:DD:E8:2D:5A:FE:F2:BF:0F:5E:DF:62:3F:59
X509v3 Authority Key Identifier:
keyid:8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343030303a3a2f33362d3438203d3e203434383137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:4000::/36
Signature Algorithm: sha256WithRSAEncryption
a7:ca:b1:5f:ef:50:a6:6f:d6:72:90:a1:7f:0b:dd:dd:b4:b4:
2a:ae:52:e9:b6:c3:20:df:1a:dc:2e:87:28:bf:92:9a:39:f6:
c7:9f:e0:2c:7d:d9:a1:7c:ba:c0:d5:cb:6d:ab:79:9c:c4:a8:
e8:2e:bc:50:71:96:e6:09:25:81:39:83:73:b4:4d:1c:11:31:
d6:c1:b2:d8:04:ac:01:d4:da:3f:d9:56:b4:f2:dd:3d:95:cc:
c7:fe:53:dc:4c:f3:bd:a4:53:23:1e:ec:11:11:04:7e:62:8c:
df:dc:94:3c:6d:35:ad:a0:1d:c8:4b:22:91:f1:5c:0c:b8:54:
0a:37:7a:11:2e:93:d2:f5:ae:0f:92:d1:08:5b:96:19:d2:66:
40:54:51:f0:aa:45:c0:72:fa:19:dc:4d:61:d7:d8:5c:61:73:
35:b5:5f:46:f4:ea:64:d2:2a:b9:c1:2d:32:8c:26:89:f3:4a:
73:af:cf:06:fc:db:e0:0a:b5:69:cd:58:77:06:c1:3e:74:80:
48:33:c0:3a:71:7d:3a:e5:a0:c6:61:8b:7c:3b:ff:fa:40:40:
06:74:05:33:c9:06:96:58:bd:73:85:7a:59:47:7d:18:f0:bf:
c6:d1:0c:d0:77:de:09:6f:d8:57:9f:64:b8:8e:6b:b6:b1:59:
69:cf:a6:3d
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUNOvcgxO1MSkJyOHrai0NaD1//QowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJF
MEFGQjM4QzAeFw0yNTAyMjIwNTQ3MTJaFw0yNjAyMjEwNTUyMTJaMDMxMTAvBgNV
BAMTKERGNzBGOTZFMjE4N0VBRERFODJENUFGRUYyQkYwRjVFREY2MjNGNTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9lcTx+dORjpqzhdEf1NRX2kjI
+SkX8zbnGMfK0zItV6MQKWA0Z6hdbEynYUe1cKib4PJXkscdP6LByzDKli6bf4Ti
z9q81s/2SxOhsGT8qOEFcOwgQL/oupN1xZ3GmcfWMkMvKPlWoJ8uBkqNNIKmJDI/
4EMDKc20pyNVZK+bEG3Q6G7y6oKKV2qITim+bC06bmCQEz4K7AAxiVLPm0nj0eQY
Jjj3rpNSJYsbGls4kXetq2dxAbR/7NBnypiikpACUPlNnGzlViiwK/p9ewDlrIIm
GeMveJD8ckdOB+Q6PdcdISCk/0o8x+nMMY1CD/Q4fE85Bhr2ROKcrEWlRC5fAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQU33D5biGH6t3oLVr+8r8PXt9iP1kwHwYDVR0j
BBgwFoAUjgfTHGRS96ayTmPN3EkOEuCvs4wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzExZTQ3YzQtMDJmMC00NjU3LTkwMjItZDJiODNjZmY4
NzU1LzQvOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJFMEFGQjM4Qy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84RTA3RDMxQzY0NTJGN0E2QjI0RTYzQ0RE
QzQ5MEUxMkUwQUZCMzhDLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zMTFlNDdjNC0wMmYwLTQ2NTctOTAyMi1kMmI4M2NmZjg3NTUvNC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM0MzAzMDMwM2EzYTJmMzMzNjJkMzQzODIwM2QzZTIwMzQz
NDM4MzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGBCoUdYFAMA0GCSqGSIb3DQEBCwUAA4IBAQCnyrFf
71Cmb9ZykKF/C93dtLQqrlLptsMg3xrcLocov5KaOfbHn+AsfdmhfLrA1cttq3mc
xKjoLrxQcZbmCSWBOYNztE0cETHWwbLYBKwB1No/2Va08t09lczH/lPcTPO9pFMj
HuwREQR+Yozf3JQ8bTWtoB3ISyKR8VwMuFQKN3oRLpPS9a4PktEIW5YZ0mZAVFHw
qkXAcvoZ3E1h19hcYXM1tV9G9Opk0iq5wS0yjCaJ80pzr88G/NvgCrVpzVh3BsE+
dIBIM8A6cX065aDGYYt8O//6QEAGdAUzyQaWWL1zhXpZR30Y8L/G0QzQd94Jb9hX
n2S4jmu2sVlpz6Y9
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:31 2025 by rpki-client