Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6438633a3a2f34382d313238203d3e203437323732.roa
File: 323030313a3637633a6438633a3a2f34382d313238203d3e203437323732.roa (raw, json)
Hash identifier: dl0PTSDr5J0KB1na5PGRTf1dNkrbYDvNEMiS80IVTbk=
Subject key identifier: 7C:B6:17:A7:7B:42:61:C9:3C:7E:64:BB:CD:9A:24:1A:37:87:9A:2B
Certificate issuer: /CN=1ec805e37c5b53351c6a182763530a50d9308c7e
Certificate serial: 3A439F83523EC4CDCE1306E9D694574F43CE7159
Authority key identifier: 1E:C8:05:E3:7C:5B:53:35:1C:6A:18:27:63:53:0A:50:D9:30:8C:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HsgF43xbUzUcahgnY1MKUNkwjH4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6438633a3a2f34382d313238203d3e203437323732.roa
Signing time: Wed 25 Dec 2024 11:19:57 +0000
ROA not before: Wed 25 Dec 2024 11:14:57 +0000
ROA not after: Wed 24 Dec 2025 11:19:57 +0000
asID: 47272
IP address blocks: 2001:67c:d8c::/48 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:43:9f:83:52:3e:c4:cd:ce:13:06:e9:d6:94:57:4f:43:ce:71:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ec805e37c5b53351c6a182763530a50d9308c7e
Validity
Not Before: Dec 25 11:14:57 2024 GMT
Not After : Dec 24 11:19:57 2025 GMT
Subject: CN=7CB617A77B4261C93C7E64BBCD9A241A37879A2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ba:8a:93:c7:53:b3:78:e1:e1:e9:eb:b6:df:
5d:38:3c:c7:52:dc:97:e0:94:b0:5b:c2:74:7a:41:
af:76:69:34:e9:be:b2:c1:eb:1d:4b:48:d6:40:3e:
6f:95:1b:34:5f:ab:64:8d:db:66:c1:6d:fa:61:19:
56:32:87:83:b6:be:57:34:0f:cc:44:8c:5d:6e:f0:
c2:e4:51:60:b0:7b:93:bb:df:a4:16:d4:7c:2a:9b:
9a:a6:fe:36:38:f7:22:b9:80:65:27:40:eb:89:66:
d5:8d:e0:d1:39:95:98:bf:5a:31:9c:a6:ef:b9:b3:
33:39:4f:5e:c1:75:d8:31:fe:6d:6c:23:0d:ce:b6:
db:85:eb:47:e7:b4:d5:4e:5c:ff:78:c8:29:f0:a0:
94:b3:ea:f9:28:32:07:f6:8d:91:f7:c5:2c:37:66:
c8:fd:1c:b5:83:a5:f5:5b:49:c9:19:0c:2d:29:aa:
0e:9f:0e:c3:45:53:57:a9:1b:60:ca:22:5b:72:8d:
67:81:d1:a4:64:39:66:68:05:f8:6c:9f:de:c1:a5:
12:87:de:c1:01:cc:e3:ab:a0:b2:25:66:b7:7c:3f:
43:5b:e9:70:55:7e:58:66:61:2e:f3:aa:89:b2:05:
bd:3d:dd:fc:7d:63:e5:9a:19:bd:61:9b:5d:21:3d:
cf:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B6:17:A7:7B:42:61:C9:3C:7E:64:BB:CD:9A:24:1A:37:87:9A:2B
X509v3 Authority Key Identifier:
keyid:1E:C8:05:E3:7C:5B:53:35:1C:6A:18:27:63:53:0A:50:D9:30:8C:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/1EC805E37C5B53351C6A182763530A50D9308C7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HsgF43xbUzUcahgnY1MKUNkwjH4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6438633a3a2f34382d313238203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:d8c::/48
Signature Algorithm: sha256WithRSAEncryption
1e:1a:05:5e:20:15:df:ad:64:f5:29:bd:c8:49:ee:31:74:0e:
5a:a6:d5:c8:01:db:28:94:f0:58:81:b8:71:15:08:cb:80:89:
48:04:ee:37:77:12:ee:6d:cc:3f:23:fc:35:a4:6d:5e:ba:02:
6c:ba:73:7d:19:91:6f:82:be:8d:07:cf:14:c6:2f:24:02:6e:
14:08:1a:f9:af:34:5c:e8:bc:46:ff:f9:d8:29:3e:e1:b4:96:
f9:6c:2d:6c:4b:bb:8d:09:3c:9e:02:db:8b:ba:dd:57:e8:10:
5e:d1:8f:89:a7:7c:21:93:84:19:fb:63:4d:23:b7:0b:34:56:
5b:90:cb:56:ef:2a:81:fa:3a:10:fc:36:32:21:d0:c0:e1:42:
df:4c:dd:dc:12:6b:19:aa:59:16:4e:9b:14:f2:86:06:ff:d9:
8d:8b:72:b5:16:73:26:8b:53:ae:91:ad:65:5e:e9:14:cc:c0:
ce:8c:50:24:89:d4:39:a8:a6:ec:ce:d0:64:12:7b:47:dd:56:
2c:98:3c:cb:38:2e:cc:e6:02:aa:0d:f5:a9:4b:c4:4c:11:bc:
70:8d:88:d5:63:08:04:ab:5b:69:28:54:35:3b:58:6e:ae:15:
ac:9e:ac:5c:35:a4:88:17:37:ad:ef:7d:10:88:25:69:97:50:
d5:15:a8:d2
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUOkOfg1I+xM3OEwbp1pRXT0POcVkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWVjODA1ZTM3YzViNTMzNTFjNmExODI3NjM1MzBhNTBk
OTMwOGM3ZTAeFw0yNDEyMjUxMTE0NTdaFw0yNTEyMjQxMTE5NTdaMDMxMTAvBgNV
BAMTKDdDQjYxN0E3N0I0MjYxQzkzQzdFNjRCQkNEOUEyNDFBMzc4NzlBMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJuoqTx1OzeOHh6eu23104PMdS
3JfglLBbwnR6Qa92aTTpvrLB6x1LSNZAPm+VGzRfq2SN22bBbfphGVYyh4O2vlc0
D8xEjF1u8MLkUWCwe5O736QW1Hwqm5qm/jY49yK5gGUnQOuJZtWN4NE5lZi/WjGc
pu+5szM5T17Bddgx/m1sIw3OttuF60fntNVOXP94yCnwoJSz6vkoMgf2jZH3xSw3
Zsj9HLWDpfVbSckZDC0pqg6fDsNFU1epG2DKIltyjWeB0aRkOWZoBfhsn97BpRKH
3sEBzOOroLIlZrd8P0Nb6XBVflhmYS7zqomyBb093fx9Y+WaGb1hm10hPc/RAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUfLYXp3tCYck8fmS7zZokGjeHmiswHwYDVR0j
BBgwFoAUHsgF43xbUzUcahgnY1MKUNkwjH4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzMvMUVDODA1RTM3QzVCNTMzNTFDNkExODI3NjM1MzBBNTBEOTMwOEM3RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0hzZ0Y0M3hiVXpVY2FoZ25ZMU1LVU5r
d2pINC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzMvMzIzMDMwMzEzYTM2Mzc2MzNh
NjQzODYzM2EzYTJmMzQzODJkMzEzMjM4MjAzZDNlMjAzNDM3MzIzNzMyLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGfA2MMA0GCSqGSIb3DQEBCwUAA4IBAQAeGgVeIBXfrWT1Kb3ISe4x
dA5aptXIAdsolPBYgbhxFQjLgIlIBO43dxLubcw/I/w1pG1eugJsunN9GZFvgr6N
B88Uxi8kAm4UCBr5rzRc6LxG//nYKT7htJb5bC1sS7uNCTyeAtuLut1X6BBe0Y+J
p3whk4QZ+2NNI7cLNFZbkMtW7yqB+joQ/DYyIdDA4ULfTN3cEmsZqlkWTpsU8oYG
/9mNi3K1FnMmi1Ouka1lXukUzMDOjFAkidQ5qKbsztBkEntH3VYsmDzLOC7M5gKq
DfWpS8RMEbxwjYjVYwgEq1tpKFQ1O1hurhWsnqxcNaSIFzet730QiCVpl1DVFajS
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:44:19 2025 by rpki-client