Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6439303a3a2f34382d313238203d3e203437323732.roa
File: 323030313a3637633a6439303a3a2f34382d313238203d3e203437323732.roa (raw, json)
Hash identifier: qsZmRVCIb9xrptyGq4LMD66U0ZsMiSdaKtlFWDj+fOk=
Subject key identifier: 96:DA:B9:01:2A:04:00:8D:6E:26:B0:EC:DD:55:3D:35:3F:A6:BC:8D
Certificate issuer: /CN=1ec805e37c5b53351c6a182763530a50d9308c7e
Certificate serial: 25025129C769BF971429058E1D80176FF64AB779
Authority key identifier: 1E:C8:05:E3:7C:5B:53:35:1C:6A:18:27:63:53:0A:50:D9:30:8C:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HsgF43xbUzUcahgnY1MKUNkwjH4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6439303a3a2f34382d313238203d3e203437323732.roa
Signing time: Wed 25 Dec 2024 11:19:57 +0000
ROA not before: Wed 25 Dec 2024 11:14:57 +0000
ROA not after: Wed 24 Dec 2025 11:19:57 +0000
asID: 47272
IP address blocks: 2001:67c:d90::/48 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:02:51:29:c7:69:bf:97:14:29:05:8e:1d:80:17:6f:f6:4a:b7:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ec805e37c5b53351c6a182763530a50d9308c7e
Validity
Not Before: Dec 25 11:14:57 2024 GMT
Not After : Dec 24 11:19:57 2025 GMT
Subject: CN=96DAB9012A04008D6E26B0ECDD553D353FA6BC8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8e:2a:68:46:53:6c:d5:5f:3d:5e:53:cd:39:
d8:0b:d3:ee:12:12:cc:c7:9a:a7:eb:61:8c:5a:10:
f2:83:16:6f:f1:c9:b3:ee:f9:1f:b0:06:ac:bb:63:
62:19:13:9d:d9:e4:68:2e:c9:dc:0d:09:a7:90:8d:
5c:ba:b7:6e:34:98:59:c6:4e:b2:cc:2d:ea:f0:9b:
48:4c:6b:79:d8:80:8f:37:da:df:40:2d:e9:14:b4:
a4:48:4b:eb:2a:54:1b:cc:9f:75:1f:40:26:86:e4:
c7:da:e3:6c:06:11:0a:a1:34:90:5e:a9:af:bf:ac:
bb:ea:ea:08:2a:ef:1d:5b:20:dc:d2:f9:a9:64:cf:
35:06:b1:58:63:34:c8:f3:5d:15:59:d6:7e:19:4f:
e3:17:fe:08:05:74:76:7c:77:fc:5c:42:c5:39:c5:
5c:39:1a:ac:5d:93:77:91:16:64:b2:71:77:87:b6:
1b:8c:6e:12:7d:71:42:46:3c:29:91:a7:76:88:32:
f3:be:40:c1:ac:fd:32:b3:94:b1:aa:5c:3a:14:b8:
9e:33:5b:57:d3:1d:4b:bf:9e:b3:ad:b2:b7:76:e9:
92:f4:5d:b9:54:4c:7c:f5:b5:57:a7:45:60:ba:1d:
0d:40:53:8b:18:a4:95:a7:3b:85:59:8b:e1:e5:29:
27:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:DA:B9:01:2A:04:00:8D:6E:26:B0:EC:DD:55:3D:35:3F:A6:BC:8D
X509v3 Authority Key Identifier:
keyid:1E:C8:05:E3:7C:5B:53:35:1C:6A:18:27:63:53:0A:50:D9:30:8C:7E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/1EC805E37C5B53351C6A182763530A50D9308C7E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HsgF43xbUzUcahgnY1MKUNkwjH4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/3/323030313a3637633a6439303a3a2f34382d313238203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:d90::/48
Signature Algorithm: sha256WithRSAEncryption
81:22:c5:10:97:74:be:69:6e:4b:af:6d:fb:9d:53:cf:fb:aa:
55:c2:ca:52:e0:ca:18:a3:9a:f4:df:e2:86:07:26:22:fb:8e:
f1:46:17:9d:36:15:08:bf:d6:e2:26:c6:04:d9:67:ea:14:3c:
3c:44:b7:fc:63:cf:77:f5:fc:0f:03:cf:b0:21:b8:d2:ab:45:
8a:2a:4d:de:32:96:07:fb:45:b5:48:43:a8:2e:98:70:1c:93:
03:0f:73:39:8f:6b:5b:0a:63:fc:e0:9d:92:7c:1b:8b:cb:1b:
1b:ee:5c:ef:e8:87:09:42:af:5a:9d:7e:a1:bb:f9:dc:e9:7e:
fa:59:e4:6f:c7:8d:5f:af:73:0b:3f:19:83:f5:1d:f0:e2:4a:
e7:33:36:30:02:09:39:1e:82:25:9d:70:5b:0e:7b:15:71:ea:
1e:10:84:c4:16:72:fd:14:a9:64:41:0c:b9:aa:2d:09:ce:a6:
df:03:7f:76:76:ee:e5:e2:8c:03:a3:99:e5:05:cc:06:9e:ac:
bd:f5:24:11:d1:cb:ca:c3:73:53:f5:fc:a5:bf:d2:0f:ee:14:
05:78:3e:cb:f0:82:11:7f:86:40:11:17:4e:be:a3:8b:47:8b:
bf:b5:a5:17:d1:b5:e7:a0:91:85:e6:c6:98:f0:a9:4f:d0:61:
44:16:a5:54
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUJQJRKcdpv5cUKQWOHYAXb/ZKt3kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMWVjODA1ZTM3YzViNTMzNTFjNmExODI3NjM1MzBhNTBk
OTMwOGM3ZTAeFw0yNDEyMjUxMTE0NTdaFw0yNTEyMjQxMTE5NTdaMDMxMTAvBgNV
BAMTKDk2REFCOTAxMkEwNDAwOEQ2RTI2QjBFQ0RENTUzRDM1M0ZBNkJDOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvjipoRlNs1V89XlPNOdgL0+4S
EszHmqfrYYxaEPKDFm/xybPu+R+wBqy7Y2IZE53Z5GguydwNCaeQjVy6t240mFnG
TrLMLerwm0hMa3nYgI832t9ALekUtKRIS+sqVBvMn3UfQCaG5Mfa42wGEQqhNJBe
qa+/rLvq6ggq7x1bINzS+alkzzUGsVhjNMjzXRVZ1n4ZT+MX/ggFdHZ8d/xcQsU5
xVw5Gqxdk3eRFmSycXeHthuMbhJ9cUJGPCmRp3aIMvO+QMGs/TKzlLGqXDoUuJ4z
W1fTHUu/nrOtsrd26ZL0XblUTHz1tVenRWC6HQ1AU4sYpJWnO4VZi+HlKSfRAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUltq5ASoEAI1uJrDs3VU9NT+mvI0wHwYDVR0j
BBgwFoAUHsgF43xbUzUcahgnY1MKUNkwjH4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzMvMUVDODA1RTM3QzVCNTMzNTFDNkExODI3NjM1MzBBNTBEOTMwOEM3RS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0hzZ0Y0M3hiVXpVY2FoZ25ZMU1LVU5r
d2pINC5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMt
ZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1YzdkLzMvMzIzMDMwMzEzYTM2Mzc2MzNh
NjQzOTMwM2EzYTJmMzQzODJkMzEzMjM4MjAzZDNlMjAzNDM3MzIzNzMyLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGfA2QMA0GCSqGSIb3DQEBCwUAA4IBAQCBIsUQl3S+aW5Lr237nVPP
+6pVwspS4MoYo5r03+KGByYi+47xRhedNhUIv9biJsYE2WfqFDw8RLf8Y8939fwP
A8+wIbjSq0WKKk3eMpYH+0W1SEOoLphwHJMDD3M5j2tbCmP84J2SfBuLyxsb7lzv
6IcJQq9anX6hu/nc6X76WeRvx41fr3MLPxmD9R3w4krnMzYwAgk5HoIlnXBbDnsV
ceoeEITEFnL9FKlkQQy5qi0JzqbfA392du7l4owDo5nlBcwGnqy99SQR0cvKw3NT
9fylv9IP7hQFeD7L8IIRf4ZAERdOvqOLR4u/taUX0bXnoJGF5saY8KlP0GFEFqVU
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:45:30 2025 by rpki-client