Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/37658aec-0d40-490e-bb63-343e46c3a17a/2/326131313a323963303a393062613a3a2f34382d3438203d3e203437323732.roa
File: 326131313a323963303a393062613a3a2f34382d3438203d3e203437323732.roa (raw, json)
Hash identifier: HfKa26sY8JJ8quPG4txmHtChcHBOM0mSm+VgLTL53u0=
Subject key identifier: 63:28:AC:D1:E6:03:4A:05:B9:E6:15:0E:96:24:17:2C:AC:A5:18:69
Certificate issuer: /CN=D398429B497D38DBEC7EF14848B74ED6DAE1E2ED
Certificate serial: 227B6C87A2B6BB992B9B828800833E3C6E050152
Authority key identifier: D3:98:42:9B:49:7D:38:DB:EC:7E:F1:48:48:B7:4E:D6:DA:E1:E2:ED
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/D398429B497D38DBEC7EF14848B74ED6DAE1E2ED.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/37658aec-0d40-490e-bb63-343e46c3a17a/2/326131313a323963303a393062613a3a2f34382d3438203d3e203437323732.roa
Signing time: Sun 26 Nov 2023 10:57:29 +0000
ROA not before: Sun 26 Nov 2023 10:52:29 +0000
ROA not after: Sun 24 Nov 2024 10:57:29 +0000
asID: 47272
IP address blocks: 2a11:29c0:90ba::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:7b:6c:87:a2:b6:bb:99:2b:9b:82:88:00:83:3e:3c:6e:05:01:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D398429B497D38DBEC7EF14848B74ED6DAE1E2ED
Validity
Not Before: Nov 26 10:52:29 2023 GMT
Not After : Nov 24 10:57:29 2024 GMT
Subject: CN=6328ACD1E6034A05B9E6150E9624172CACA51869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:90:d2:be:bf:eb:60:28:aa:16:50:4e:ad:f3:
23:11:c6:9d:9b:76:b0:d9:b4:5c:ea:df:e2:13:80:
82:fd:71:2c:cb:bb:58:8e:77:82:61:2b:bc:a1:c1:
e8:19:47:61:5f:f5:78:8e:5e:81:9d:00:a9:10:b4:
65:9c:98:b4:96:2a:db:ba:12:3f:f4:34:27:e3:55:
5a:a5:66:37:a9:f5:3f:8f:2c:20:48:1f:3f:a2:c5:
e6:a1:9f:f9:0c:6c:17:30:53:c8:b0:1c:20:c6:12:
94:c2:50:8f:44:58:73:f8:36:5d:7b:89:db:c3:a2:
da:98:2f:09:ce:ca:6e:95:0b:5d:c4:b2:ca:61:10:
0b:36:ec:f5:10:29:fc:48:72:d2:ac:55:97:76:a7:
7b:51:65:85:9e:c5:7c:75:1c:e5:42:82:2a:9c:a2:
1a:e0:a9:71:ed:8b:d5:fe:da:ed:73:2c:e2:75:04:
62:f6:ba:04:46:31:f7:43:2b:54:cf:62:3b:f5:14:
4b:aa:be:2c:e0:a4:a0:c8:97:90:87:ed:b7:0b:2e:
34:8c:86:4e:71:d5:8a:eb:ea:7a:88:0f:88:bd:34:
3b:e7:68:99:49:e0:3e:90:f3:1c:80:01:51:18:e7:
03:ce:30:e9:c6:9e:ea:74:10:81:ab:d2:01:37:ae:
96:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:28:AC:D1:E6:03:4A:05:B9:E6:15:0E:96:24:17:2C:AC:A5:18:69
X509v3 Authority Key Identifier:
keyid:D3:98:42:9B:49:7D:38:DB:EC:7E:F1:48:48:B7:4E:D6:DA:E1:E2:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/37658aec-0d40-490e-bb63-343e46c3a17a/2/D398429B497D38DBEC7EF14848B74ED6DAE1E2ED.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/D398429B497D38DBEC7EF14848B74ED6DAE1E2ED.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/37658aec-0d40-490e-bb63-343e46c3a17a/2/326131313a323963303a393062613a3a2f34382d3438203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:90ba::/48
Signature Algorithm: sha256WithRSAEncryption
64:35:c1:08:e8:23:c8:9b:ee:b8:5d:44:63:43:a4:a0:36:96:
6e:14:97:71:74:e1:2a:83:42:6c:8f:bc:77:6e:3f:35:39:76:
41:40:ac:b7:1a:d9:dd:82:df:31:a8:75:fa:5b:14:11:04:c8:
6f:21:85:db:b7:1e:4c:09:3c:9a:3e:8a:44:9f:e0:94:d9:95:
fe:fa:34:64:4a:db:54:08:3c:e7:a8:d8:6d:20:59:b3:fd:a3:
2e:9d:46:91:db:1e:fc:bc:e4:00:6c:04:e2:5e:29:62:e5:77:
e6:8b:84:60:9f:21:e0:c7:58:e3:d2:4f:c8:ec:80:82:ca:cc:
4d:8e:00:53:60:34:2e:3b:d1:88:7a:28:7a:a9:af:ee:6a:13:
00:6b:cf:14:0f:d6:f5:ca:72:56:b1:49:da:d0:44:fb:4d:40:
5e:42:95:db:27:5b:33:51:2a:b9:3d:ba:bf:e6:2c:5c:0d:84:
ec:9c:86:af:92:85:ec:ff:7a:e0:61:cb:22:96:28:a2:91:6d:
64:97:da:fc:5f:04:c3:20:5f:5a:0d:b9:0e:80:60:42:a9:c6:
54:f7:f5:41:53:eb:b1:7a:d6:c6:e7:e4:eb:b1:70:31:66:87:
1e:21:e1:ee:6e:ab:e6:61:6b:af:31:39:8b:bb:40:9f:45:b7:
a7:9e:02:56
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUIntsh6K2u5krm4KIAIM+PG4FAVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM5ODQyOUI0OTdEMzhEQkVDN0VGMTQ4NDhCNzRFRDZE
QUUxRTJFRDAeFw0yMzExMjYxMDUyMjlaFw0yNDExMjQxMDU3MjlaMDMxMTAvBgNV
BAMTKDYzMjhBQ0QxRTYwMzRBMDVCOUU2MTUwRTk2MjQxNzJDQUNBNTE4NjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfkNK+v+tgKKoWUE6t8yMRxp2b
drDZtFzq3+ITgIL9cSzLu1iOd4JhK7yhwegZR2Ff9XiOXoGdAKkQtGWcmLSWKtu6
Ej/0NCfjVVqlZjep9T+PLCBIHz+ixeahn/kMbBcwU8iwHCDGEpTCUI9EWHP4Nl17
idvDotqYLwnOym6VC13EssphEAs27PUQKfxIctKsVZd2p3tRZYWexXx1HOVCgiqc
ohrgqXHti9X+2u1zLOJ1BGL2ugRGMfdDK1TPYjv1FEuqvizgpKDIl5CH7bcLLjSM
hk5x1Yrr6nqID4i9NDvnaJlJ4D6Q8xyAAVEY5wPOMOnGnup0EIGr0gE3rpb7AgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUYyis0eYDSgW55hUOliQXLKylGGkwHwYDVR0j
BBgwFoAU05hCm0l9ONvsfvFISLdO1trh4u0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzc2NThhZWMtMGQ0MC00OTBlLWJiNjMtMzQzZTQ2YzNh
MTdhLzIvRDM5ODQyOUI0OTdEMzhEQkVDN0VGMTQ4NDhCNzRFRDZEQUUxRTJFRC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84MTExNWJjNi0xMGY2LTRh
ZjMtYmEwOS04YjY4N2E1NmZiZjUvMC9EMzk4NDI5QjQ5N0QzOERCRUM3RUYxNDg0
OEI3NEVENkRBRTFFMkVELmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zNzY1OGFlYy0wZDQwLTQ5MGUtYmI2My0zNDNlNDZjM2ExN2EvMi8zMjYxMzEz
MTNhMzIzOTYzMzAzYTM5MzA2MjYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzQz
NzMyMzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoRKcCQujANBgkqhkiG9w0BAQsFAAOCAQEAZDXB
COgjyJvuuF1EY0OkoDaWbhSXcXThKoNCbI+8d24/NTl2QUCstxrZ3YLfMah1+lsU
EQTIbyGF27ceTAk8mj6KRJ/glNmV/vo0ZErbVAg856jYbSBZs/2jLp1Gkdse/Lzk
AGwE4l4pYuV35ouEYJ8h4MdY49JPyOyAgsrMTY4AU2A0LjvRiHooeqmv7moTAGvP
FA/W9cpyVrFJ2tBE+01AXkKV2ydbM1EquT26v+YsXA2E7JyGr5KF7P964GHLIpYo
opFtZJfa/F8EwyBfWg25DoBgQqnGVPf1QVPrsXrWxufk67FwMWaHHiHh7m6r5mFr
rzE5i7tAn0W3p54CVg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:59 2024 by rpki-client on console-ams.rpki-client.org