Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343832303a3a2f34342d3438203d3e20323135323233.roa
File: 326131343a373538313a343832303a3a2f34342d3438203d3e20323135323233.roa (raw, json)
Hash identifier: 8fwqZHGyIJyFYdJn0gwpv+qKZFLFFwexw2Z/QOknvfY=
Subject key identifier: CF:71:E2:1E:69:B2:5C:DC:1F:6F:25:88:EC:8D:F0:E5:14:98:FC:93
Certificate issuer: /CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C
Certificate serial: 7BAD38094DB7540B8279184E5364CF82B7049E31
Authority key identifier: 8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343832303a3a2f34342d3438203d3e20323135323233.roa
Signing time: Wed 26 Feb 2025 11:52:12 +0000
ROA not before: Wed 26 Feb 2025 11:47:12 +0000
ROA not after: Wed 25 Feb 2026 11:52:12 +0000
asID: 215223
IP address blocks: 2a14:7581:4820::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:ad:38:09:4d:b7:54:0b:82:79:18:4e:53:64:cf:82:b7:04:9e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C
Validity
Not Before: Feb 26 11:47:12 2025 GMT
Not After : Feb 25 11:52:12 2026 GMT
Subject: CN=CF71E21E69B25CDC1F6F2588EC8DF0E51498FC93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2d:4b:14:4d:4c:0d:f3:8d:9f:0e:24:a9:6a:
9a:9c:df:45:e6:21:42:a0:72:b5:15:14:9d:66:e2:
93:5e:d0:6d:f1:c0:41:c3:93:88:0c:b1:ca:83:fb:
a5:4f:e8:0f:fd:a8:80:07:54:b2:cd:40:7d:a9:6f:
11:17:ae:ab:db:e3:11:2f:8f:e6:17:83:55:44:14:
ca:a7:a6:78:a4:0d:20:eb:5f:2b:6d:95:65:c9:88:
36:f5:70:06:ef:2e:16:a0:2a:49:3c:bb:20:5c:3d:
a0:dd:8f:07:0e:1e:e2:f4:a2:73:07:3c:2b:93:e2:
f7:c6:19:1c:6d:ab:bc:ed:a1:be:fb:c2:fb:c5:cb:
2f:1f:ec:f9:2e:34:2f:ea:56:28:c6:13:72:66:9f:
70:c2:bc:ec:38:43:31:c1:a4:e4:73:05:95:ab:63:
e4:0c:b6:5e:fd:ac:9f:06:27:26:97:2e:f1:b8:da:
93:cd:e4:9b:8b:ae:16:e6:33:44:1f:30:87:2b:c3:
72:8c:43:2b:cf:9d:3b:c9:ab:a6:83:66:97:da:29:
cd:76:aa:27:de:c5:88:e4:8e:55:4e:53:b6:4a:30:
01:1a:08:2b:ee:53:4f:d1:42:ee:e7:1c:94:71:45:
c4:07:0c:54:c0:d0:c9:7b:04:59:e7:da:5f:44:38:
15:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:71:E2:1E:69:B2:5C:DC:1F:6F:25:88:EC:8D:F0:E5:14:98:FC:93
X509v3 Authority Key Identifier:
keyid:8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343832303a3a2f34342d3438203d3e20323135323233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:4820::/44
Signature Algorithm: sha256WithRSAEncryption
4a:f0:9b:83:fe:e5:40:0e:a7:81:ec:c0:a5:63:63:e9:cc:5e:
f2:58:b4:09:fa:af:51:9c:ba:76:4b:91:79:1c:45:4a:1f:8d:
8e:24:d3:b3:dd:0f:63:f1:ec:ef:ff:95:4c:bf:bb:fc:d0:b1:
81:f6:8c:69:e1:03:a5:6e:11:0e:4c:0c:ee:65:79:7f:f1:42:
53:4c:76:3a:77:71:a5:d0:e8:b5:52:22:e1:e2:06:25:fb:e9:
94:4c:21:8c:22:62:a7:4d:04:79:69:42:c6:19:cf:d6:46:42:
ad:ed:72:ce:d9:65:b3:ab:f9:95:f3:11:0f:b3:86:f0:1a:1b:
18:7f:00:2e:8d:f3:93:b7:fe:e9:63:68:84:4d:73:6c:52:9b:
96:6d:5c:de:49:1c:b3:23:b0:18:d2:65:bc:d7:85:73:70:25:
56:5c:a3:da:7e:f1:67:ac:d8:08:67:65:7c:f4:65:6f:d3:93:
97:ba:5f:52:24:e1:38:dc:65:32:6e:d9:ab:bb:38:58:81:98:
b8:43:d5:88:ac:b9:75:6f:98:45:57:e7:61:32:04:2d:b1:e1:
72:06:a7:d8:32:ba:59:5a:f6:ca:01:38:85:95:bc:90:56:7f:
ff:a5:ee:07:5a:28:99:ec:2d:a4:a3:79:9d:87:4c:c8:3d:10:
7f:9f:da:33
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUe604CU23VAuCeRhOU2TPgrcEnjEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJF
MEFGQjM4QzAeFw0yNTAyMjYxMTQ3MTJaFw0yNjAyMjUxMTUyMTJaMDMxMTAvBgNV
BAMTKENGNzFFMjFFNjlCMjVDREMxRjZGMjU4OEVDOERGMEU1MTQ5OEZDOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbLUsUTUwN842fDiSpapqc30Xm
IUKgcrUVFJ1m4pNe0G3xwEHDk4gMscqD+6VP6A/9qIAHVLLNQH2pbxEXrqvb4xEv
j+YXg1VEFMqnpnikDSDrXyttlWXJiDb1cAbvLhagKkk8uyBcPaDdjwcOHuL0onMH
PCuT4vfGGRxtq7ztob77wvvFyy8f7PkuNC/qVijGE3Jmn3DCvOw4QzHBpORzBZWr
Y+QMtl79rJ8GJyaXLvG42pPN5JuLrhbmM0QfMIcrw3KMQyvPnTvJq6aDZpfaKc12
qifexYjkjlVOU7ZKMAEaCCvuU0/RQu7nHJRxRcQHDFTA0Ml7BFnn2l9EOBVXAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUz3HiHmmyXNwfbyWI7I3w5RSY/JMwHwYDVR0j
BBgwFoAUjgfTHGRS96ayTmPN3EkOEuCvs4wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzExZTQ3YzQtMDJmMC00NjU3LTkwMjItZDJiODNjZmY4
NzU1LzQvOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJFMEFGQjM4Qy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84RTA3RDMxQzY0NTJGN0E2QjI0RTYzQ0RE
QzQ5MEUxMkUwQUZCMzhDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zMTFlNDdjNC0wMmYwLTQ2NTctOTAyMi1kMmI4M2NmZjg3NTUvNC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM0MzgzMjMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz
MTM1MzIzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gUggMA0GCSqGSIb3DQEBCwUAA4IBAQBK
8JuD/uVADqeB7MClY2PpzF7yWLQJ+q9RnLp2S5F5HEVKH42OJNOz3Q9j8ezv/5VM
v7v80LGB9oxp4QOlbhEOTAzuZXl/8UJTTHY6d3Gl0Oi1UiLh4gYl++mUTCGMImKn
TQR5aULGGc/WRkKt7XLO2WWzq/mV8xEPs4bwGhsYfwAujfOTt/7pY2iETXNsUpuW
bVzeSRyzI7AY0mW814VzcCVWXKPafvFnrNgIZ2V89GVv05OXul9SJOE43GUybtmr
uzhYgZi4Q9WIrLl1b5hFV+dhMgQtseFyBqfYMrpZWvbKATiFlbyQVn//pe4HWiiZ
7C2ko3mdh0zIPRB/n9oz
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:29:59 2025 by rpki-client