Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/37658aec-0d40-490e-bb63-343e46c3a17a/2/326131313a323963303a393030353a3a2f34382d3438203d3e203437323732.roa
File: 326131313a323963303a393030353a3a2f34382d3438203d3e203437323732.roa (raw, json)
Hash identifier: LMuOZNed2WzLuww6OZQgdJR59kPdhPSMItpD7xJ1L8s=
Subject key identifier: 28:9E:11:43:D6:A1:16:8F:91:AA:1A:6B:63:F7:63:79:2A:3E:BC:8F
Certificate issuer: /CN=D398429B497D38DBEC7EF14848B74ED6DAE1E2ED
Certificate serial: 66C602B9FAD589306C32CA7AF936F01E4A53633D
Authority key identifier: D3:98:42:9B:49:7D:38:DB:EC:7E:F1:48:48:B7:4E:D6:DA:E1:E2:ED
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/D398429B497D38DBEC7EF14848B74ED6DAE1E2ED.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/37658aec-0d40-490e-bb63-343e46c3a17a/2/326131313a323963303a393030353a3a2f34382d3438203d3e203437323732.roa
Signing time: Sun 26 Nov 2023 10:57:29 +0000
ROA not before: Sun 26 Nov 2023 10:52:29 +0000
ROA not after: Sun 24 Nov 2024 10:57:29 +0000
asID: 47272
IP address blocks: 2a11:29c0:9005::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:c6:02:b9:fa:d5:89:30:6c:32:ca:7a:f9:36:f0:1e:4a:53:63:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D398429B497D38DBEC7EF14848B74ED6DAE1E2ED
Validity
Not Before: Nov 26 10:52:29 2023 GMT
Not After : Nov 24 10:57:29 2024 GMT
Subject: CN=289E1143D6A1168F91AA1A6B63F763792A3EBC8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:32:81:5f:e3:9f:60:ac:e2:c8:76:d8:5c:ef:
89:8a:76:12:bb:cb:a6:08:7f:e9:6e:4b:54:67:2d:
06:32:08:ec:c5:17:8b:9a:ef:a5:3e:d8:ee:72:bb:
f3:d7:aa:34:53:2a:b9:b4:bd:38:bf:f6:4c:65:5d:
20:45:f9:c1:23:21:a6:55:1f:66:39:b6:11:46:82:
54:fa:b1:23:77:d1:f6:bf:bc:82:e4:cc:d5:14:98:
9a:b6:2d:0b:8f:9b:d5:c8:7b:e2:7f:ec:48:87:1d:
3e:51:d8:4e:fb:f8:ec:a9:a9:5e:c6:54:01:e1:9d:
39:d4:20:54:af:eb:a7:2c:8c:02:18:ac:14:0a:36:
eb:8b:62:3d:f7:ce:86:f4:6c:9e:da:8f:ea:c7:70:
63:d5:a4:02:f1:97:e9:71:8f:06:37:c0:77:68:55:
69:f6:d3:0f:68:27:9b:be:64:82:af:64:ac:3b:7c:
fd:25:03:df:a0:fe:1d:08:16:4c:0b:eb:82:61:9d:
1c:f9:08:91:6c:76:7c:ef:9f:1f:44:d1:ea:f7:2d:
4c:15:6c:d8:b6:c5:c1:9e:ec:95:70:a6:05:08:c3:
66:c1:c4:bb:5d:ea:05:ff:cd:1c:97:dc:8a:2c:83:
a3:1b:36:13:e6:b9:e8:4c:e1:24:92:9e:c8:37:0b:
8a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9E:11:43:D6:A1:16:8F:91:AA:1A:6B:63:F7:63:79:2A:3E:BC:8F
X509v3 Authority Key Identifier:
keyid:D3:98:42:9B:49:7D:38:DB:EC:7E:F1:48:48:B7:4E:D6:DA:E1:E2:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/37658aec-0d40-490e-bb63-343e46c3a17a/2/D398429B497D38DBEC7EF14848B74ED6DAE1E2ED.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/D398429B497D38DBEC7EF14848B74ED6DAE1E2ED.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/37658aec-0d40-490e-bb63-343e46c3a17a/2/326131313a323963303a393030353a3a2f34382d3438203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:9005::/48
Signature Algorithm: sha256WithRSAEncryption
5a:10:44:ce:48:75:27:af:54:b4:21:71:cd:25:b2:20:6f:a9:
63:ea:31:c6:8b:aa:66:ac:c5:13:04:56:ed:9a:9d:b1:2e:92:
7d:c9:0d:51:51:ad:e8:5a:08:f7:29:da:5e:e6:8b:ef:71:96:
61:83:dd:84:60:88:e8:ed:80:70:71:46:cf:b1:d0:e9:16:24:
50:c6:2d:b6:11:8e:e8:c1:f9:3d:8f:7b:14:09:59:5b:eb:e4:
6d:61:b7:17:9b:82:e9:e3:77:35:4f:b3:35:7d:1e:c0:e6:cb:
d8:3b:c0:45:11:b9:86:e2:c9:f3:6c:d8:58:cd:64:b2:66:95:
59:bb:66:1d:15:85:f5:36:be:8b:b0:f1:60:9d:4a:db:94:88:
1c:6c:29:82:96:bd:a8:78:af:16:18:0f:90:db:07:b2:ca:c2:
1c:47:0d:d8:c6:6f:90:c8:1f:42:29:56:e6:44:ba:37:29:4c:
06:89:ed:ac:d5:44:11:d4:1e:8b:e3:8a:bf:d7:d8:5d:c7:43:
3f:4f:7a:b0:c9:82:da:73:ae:93:ce:50:87:d3:55:48:22:db:
f1:65:5e:d8:44:3a:42:ac:10:89:09:e8:84:29:63:5a:29:28:
8c:2f:6c:32:31:43:ea:11:54:9d:46:1e:28:b3:48:ad:21:54:
a9:a8:38:fb
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUZsYCufrViTBsMsp6+TbwHkpTYz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM5ODQyOUI0OTdEMzhEQkVDN0VGMTQ4NDhCNzRFRDZE
QUUxRTJFRDAeFw0yMzExMjYxMDUyMjlaFw0yNDExMjQxMDU3MjlaMDMxMTAvBgNV
BAMTKDI4OUUxMTQzRDZBMTE2OEY5MUFBMUE2QjYzRjc2Mzc5MkEzRUJDOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3MoFf459grOLIdthc74mKdhK7
y6YIf+luS1RnLQYyCOzFF4ua76U+2O5yu/PXqjRTKrm0vTi/9kxlXSBF+cEjIaZV
H2Y5thFGglT6sSN30fa/vILkzNUUmJq2LQuPm9XIe+J/7EiHHT5R2E77+OypqV7G
VAHhnTnUIFSv66csjAIYrBQKNuuLYj33zob0bJ7aj+rHcGPVpALxl+lxjwY3wHdo
VWn20w9oJ5u+ZIKvZKw7fP0lA9+g/h0IFkwL64JhnRz5CJFsdnzvnx9E0er3LUwV
bNi2xcGe7JVwpgUIw2bBxLtd6gX/zRyX3Iosg6MbNhPmuehM4SSSnsg3C4o3AgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUKJ4RQ9ahFo+RqhprY/djeSo+vI8wHwYDVR0j
BBgwFoAU05hCm0l9ONvsfvFISLdO1trh4u0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzc2NThhZWMtMGQ0MC00OTBlLWJiNjMtMzQzZTQ2YzNh
MTdhLzIvRDM5ODQyOUI0OTdEMzhEQkVDN0VGMTQ4NDhCNzRFRDZEQUUxRTJFRC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84MTExNWJjNi0xMGY2LTRh
ZjMtYmEwOS04YjY4N2E1NmZiZjUvMC9EMzk4NDI5QjQ5N0QzOERCRUM3RUYxNDg0
OEI3NEVENkRBRTFFMkVELmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zNzY1OGFlYy0wZDQwLTQ5MGUtYmI2My0zNDNlNDZjM2ExN2EvMi8zMjYxMzEz
MTNhMzIzOTYzMzAzYTM5MzAzMDM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzQz
NzMyMzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoRKcCQBTANBgkqhkiG9w0BAQsFAAOCAQEAWhBE
zkh1J69UtCFxzSWyIG+pY+oxxouqZqzFEwRW7ZqdsS6SfckNUVGt6FoI9ynaXuaL
73GWYYPdhGCI6O2AcHFGz7HQ6RYkUMYtthGO6MH5PY97FAlZW+vkbWG3F5uC6eN3
NU+zNX0ewObL2DvARRG5huLJ82zYWM1ksmaVWbtmHRWF9Ta+i7DxYJ1K25SIHGwp
gpa9qHivFhgPkNsHssrCHEcN2MZvkMgfQilW5kS6NylMBontrNVEEdQei+OKv9fY
XcdDP096sMmC2nOuk85Qh9NVSCLb8WVe2EQ6QqwQiQnohCljWikojC9sMjFD6hFU
nUYeKLNIrSFUqag4+w==
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:34:12 2025 by rpki-client