Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3b86cb77-69ac-43d9-9f6c-fc53066beb88/2/323630323a663966613a3a2f33362d3438203d3e203132383339.roa
File: 323630323a663966613a3a2f33362d3438203d3e203132383339.roa (raw, json)
Hash identifier: KB5IW4CbSuoOkgtd2rJCaS7SQDgxB1P+CSq45yfOs7s=
Subject key identifier: 57:E3:57:40:DB:FA:2C:D6:44:D3:0E:DA:66:DB:6A:9E:33:4D:0C:79
Certificate issuer: /CN=d90d8aba2a52e658722522ec42c626f029750e015dbdba418f
Certificate serial: 316FEE3513F35E252721E6B20985660C28B3342A
Authority key identifier: B7:3B:05:97:1A:1A:76:BD:F1:BC:61:A5:17:8B:00:B4:FF:71:BA:BB
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a52e658722522ec42c626f029750e015dbdba418f.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3b86cb77-69ac-43d9-9f6c-fc53066beb88/2/323630323a663966613a3a2f33362d3438203d3e203132383339.roa
Signing time: Thu 20 Mar 2025 17:35:36 +0000
ROA not before: Thu 20 Mar 2025 17:30:36 +0000
ROA not after: Thu 19 Mar 2026 17:35:36 +0000
asID: 12839
IP address blocks: 2602:f9fa::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:6f:ee:35:13:f3:5e:25:27:21:e6:b2:09:85:66:0c:28:b3:34:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d90d8aba2a52e658722522ec42c626f029750e015dbdba418f
Validity
Not Before: Mar 20 17:30:36 2025 GMT
Not After : Mar 19 17:35:36 2026 GMT
Subject: CN=57E35740DBFA2CD644D30EDA66DB6A9E334D0C79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8f:85:5d:85:43:16:0a:77:61:a0:ce:3b:ad:
b6:46:8c:46:84:98:03:e4:ae:30:1a:9a:a3:65:2a:
5c:3b:f8:fe:27:b5:7f:34:62:41:09:28:72:32:9f:
17:e4:5c:80:c1:2c:b4:36:db:de:a0:d8:df:9b:1b:
46:f3:ea:76:49:0a:9f:94:c8:2e:a9:e9:d4:7b:3e:
36:8a:4e:6e:ee:82:53:d2:55:a1:76:6a:a8:db:25:
c8:ed:ff:de:b1:09:be:51:14:db:6a:fe:53:cb:19:
6f:2f:2b:ab:3f:a4:e8:c1:55:b0:ac:bf:3a:4c:a5:
bd:c0:33:0c:51:8a:d0:86:fa:9b:7d:7a:21:99:f8:
b9:7d:00:ef:28:ea:3a:08:fc:55:9c:3e:0f:a3:b7:
27:ae:0f:c9:24:2b:f4:ed:eb:f6:d7:6b:0c:e0:21:
9d:4d:e9:14:72:67:ed:e2:a2:2b:24:b0:99:ba:65:
51:11:a8:00:ac:36:cc:87:8e:63:0f:18:96:94:82:
af:e5:dd:4f:e1:6b:53:19:8f:f5:b8:1d:ad:92:9d:
61:57:1a:63:56:4f:19:1e:df:a6:b3:9f:9e:aa:d7:
fd:6a:24:40:9b:d2:38:7e:e1:05:2f:51:cd:b2:ce:
c6:9d:5f:49:45:98:99:8d:01:e3:93:f4:2b:7e:07:
ad:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:E3:57:40:DB:FA:2C:D6:44:D3:0E:DA:66:DB:6A:9E:33:4D:0C:79
X509v3 Authority Key Identifier:
keyid:B7:3B:05:97:1A:1A:76:BD:F1:BC:61:A5:17:8B:00:B4:FF:71:BA:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3b86cb77-69ac-43d9-9f6c-fc53066beb88/2/B73B05971A1A76BDF1BC61A5178B00B4FF71BABB.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/0ec17157-66de-4aab-85e7-28af4de430e2/d90d8aba2a52e658722522ec42c626f029750e015dbdba418f.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3b86cb77-69ac-43d9-9f6c-fc53066beb88/2/323630323a663966613a3a2f33362d3438203d3e203132383339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2602:f9fa::/36
Signature Algorithm: sha256WithRSAEncryption
6a:7b:d3:5b:7d:18:41:0a:62:69:2f:a0:1e:25:15:b8:f8:46:
a6:80:af:98:ca:6c:ea:17:5c:8e:bb:eb:6e:25:b8:15:4c:7d:
ef:14:68:db:94:8e:1e:1c:37:28:17:0a:1e:67:69:45:25:ea:
32:e4:f0:54:bf:66:cc:b4:56:76:e1:46:19:ec:8f:a3:28:11:
cb:18:79:17:61:6a:30:65:bc:25:55:a8:25:4c:28:09:22:35:
aa:7d:f0:ad:4e:ff:77:c0:74:18:7f:ed:ef:ce:23:0c:b2:e8:
2d:39:e4:8f:4f:ff:ae:81:24:51:a8:fd:68:d3:bb:82:b6:ef:
57:c4:bf:46:06:b2:ee:84:1c:09:60:56:b1:78:92:7b:e1:2d:
0a:78:d7:39:cd:e4:e6:e0:e0:81:82:02:75:8f:44:e3:7d:1a:
78:d5:2e:a9:a3:d4:06:72:67:bc:a3:1b:95:41:e0:3b:6b:d8:
15:1d:85:5c:24:54:cd:ed:58:55:3d:0f:13:3f:ba:0c:6c:b8:
cc:0f:e8:92:92:96:7b:68:78:b4:f2:d4:c7:46:85:be:6f:cc:
87:63:1c:e8:86:e6:eb:06:69:17:ee:7b:f9:89:1a:13:d4:5f:
f5:86:06:37:9f:7e:de:dc:dd:d8:b8:dc:81:a1:c8:ae:23:18:
8e:1c:9f:c0
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgIUMW/uNRPzXiUnIeayCYVmDCizNCowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZDkwZDhhYmEyYTUyZTY1ODcyMjUyMmVjNDJjNjI2ZjAy
OTc1MGUwMTVkYmRiYTQxOGYwHhcNMjUwMzIwMTczMDM2WhcNMjYwMzE5MTczNTM2
WjAzMTEwLwYDVQQDEyg1N0UzNTc0MERCRkEyQ0Q2NDREMzBFREE2NkRCNkE5RTMz
NEQwQzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto+FXYVDFgp3
YaDOO622RoxGhJgD5K4wGpqjZSpcO/j+J7V/NGJBCShyMp8X5FyAwSy0NtveoNjf
mxtG8+p2SQqflMguqenUez42ik5u7oJT0lWhdmqo2yXI7f/esQm+URTbav5Tyxlv
LyurP6TowVWwrL86TKW9wDMMUYrQhvqbfXohmfi5fQDvKOo6CPxVnD4Po7cnrg/J
JCv07ev212sM4CGdTekUcmft4qIrJLCZumVREagArDbMh45jDxiWlIKv5d1P4WtT
GY/1uB2tkp1hVxpjVk8ZHt+ms5+eqtf9aiRAm9I4fuEFL1HNss7GnV9JRZiZjQHj
k/QrfgetkwIDAQABo4ICzTCCAskwHQYDVR0OBBYEFFfjV0Db+izWRNMO2mbbap4z
TQx5MB8GA1UdIwQYMBaAFLc7BZcaGna98bxhpReLALT/cbq7MA4GA1UdDwEB/wQE
AwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3JzeW5jLnBhYXMu
cnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzNiODZjYjc3LTY5YWMtNDNkOS05ZjZj
LWZjNTMwNjZiZWI4OC8yL0I3M0IwNTk3MUExQTc2QkRGMUJDNjFBNTE3OEIwMEI0
RkY3MUJBQkIuY3JsMIHzBggrBgEFBQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNy
c3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0
YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2Et
NGE0NS1hMGE5LTk3ODE0ODMyMWEwNy8wZWMxNzE1Ny02NmRlLTRhYWItODVlNy0y
OGFmNGRlNDMwZTIvZDkwZDhhYmEyYTUyZTY1ODcyMjUyMmVjNDJjNjI2ZjAyOTc1
MGUwMTVkYmRiYTQxOGYuY2VyMIGrBggrBgEFBQcBCwSBnjCBmzCBmAYIKwYBBQUH
MAuGgYtyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
LzNiODZjYjc3LTY5YWMtNDNkOS05ZjZjLWZjNTMwNjZiZWI4OC8yLzMyMzYzMDMy
M2E2NjM5NjY2MTNhM2EyZjMzMzYyZDM0MzgyMDNkM2UyMDMxMzIzODMzMzkucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgQmAvn6ADANBgkqhkiG9w0BAQsFAAOCAQEAanvTW30YQQpiaS+gHiUV
uPhGpoCvmMps6hdcjrvrbiW4FUx97xRo25SOHhw3KBcKHmdpRSXqMuTwVL9mzLRW
duFGGeyPoygRyxh5F2FqMGW8JVWoJUwoCSI1qn3wrU7/d8B0GH/t784jDLLoLTnk
j0//roEkUaj9aNO7grbvV8S/Rgay7oQcCWBWsXiSe+EtCnjXOc3k5uDggYICdY9E
430aeNUuqaPUBnJnvKMblUHgO2vYFR2FXCRUze1YVT0PEz+6DGy4zA/okpKWe2h4
tPLUx0aFvm/Mh2Mc6Ibm6wZpF+57+YkaE9Rf9YYGN59+3tzd2LjcgaHIriMYjhyf
wA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:48:42 2025 by rpki-client