Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a383030303a3a2f33362d3430203d3e203530333835.roa
File: 326131343a373538313a383030303a3a2f33362d3430203d3e203530333835.roa (raw, json)
Hash identifier: d6ms+CWZuDscVXHj6eNPGqO+N8MPtCRQHjxf1HtjfgA=
Subject key identifier: 42:72:FF:FB:C4:3E:88:B9:50:29:EA:CF:A4:3C:4F:96:E4:76:87:4B
Certificate issuer: /CN=0874801164DC95F0AB9CCD4BD304A3EF78E9F39B
Certificate serial: 436ECFD5FF6F2AE4639DC1C72EBDFD96EBC1C894
Authority key identifier: 08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a383030303a3a2f33362d3430203d3e203530333835.roa
Signing time: Sat 08 Feb 2025 17:08:06 +0000
ROA not before: Sat 08 Feb 2025 17:03:06 +0000
ROA not after: Sat 07 Feb 2026 17:08:06 +0000
asID: 50385
IP address blocks: 2a14:7581:8000::/36 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:6e:cf:d5:ff:6f:2a:e4:63:9d:c1:c7:2e:bd:fd:96:eb:c1:c8:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0874801164DC95F0AB9CCD4BD304A3EF78E9F39B
Validity
Not Before: Feb 8 17:03:06 2025 GMT
Not After : Feb 7 17:08:06 2026 GMT
Subject: CN=4272FFFBC43E88B95029EACFA43C4F96E476874B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:a7:83:3c:16:2f:a2:f0:95:97:04:2e:60:68:
32:ca:73:fb:4c:96:b8:84:51:11:8d:72:58:12:b8:
6c:0c:23:cb:70:04:9a:53:17:a3:c3:9a:65:95:df:
72:77:af:e8:6d:3a:c1:71:bd:cb:42:a6:51:51:33:
8b:4a:b6:b3:ef:fd:50:10:41:10:20:88:63:9c:49:
45:f5:c9:12:5a:12:e0:6a:94:4f:2a:56:ce:bc:27:
30:aa:cf:07:5f:27:7d:eb:cb:69:f5:df:a9:1c:40:
28:5e:10:5d:0a:fb:19:41:da:c1:e4:39:ed:8e:6c:
6f:ab:dc:8a:be:95:8a:ad:dc:dd:17:b0:f0:82:2e:
5e:c8:88:eb:d6:aa:2d:33:61:6b:e2:34:b9:3e:3a:
3e:e5:c9:85:b0:6a:72:64:77:fa:d5:29:4e:a9:6d:
ee:b1:04:17:f1:ff:93:58:47:1f:48:d9:50:6a:1d:
0e:70:ac:0d:64:d0:4d:9e:41:54:a4:cc:d0:23:f7:
0b:1c:85:fd:13:9b:9e:e7:92:13:79:80:53:a7:42:
8e:76:46:d7:bb:c9:39:ac:34:12:af:59:a0:78:17:
5c:b0:78:57:93:0a:80:44:5a:91:fd:6e:c9:f4:12:
f2:d1:95:e6:ea:3c:c4:73:56:b1:1f:21:72:47:04:
33:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:72:FF:FB:C4:3E:88:B9:50:29:EA:CF:A4:3C:4F:96:E4:76:87:4B
X509v3 Authority Key Identifier:
keyid:08:74:80:11:64:DC:95:F0:AB:9C:CD:4B:D3:04:A3:EF:78:E9:F3:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/0874801164DC95F0AB9CCD4BD304A3EF78E9F39B.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3c8e4e11-3aca-4305-acd4-f05e6c909115/1/326131343a373538313a383030303a3a2f33362d3430203d3e203530333835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:8000::/36
Signature Algorithm: sha256WithRSAEncryption
9b:57:3c:54:ca:50:e6:59:f7:5f:b4:51:7c:c2:08:2e:a1:2f:
83:1f:0b:06:4f:a2:b4:81:20:69:01:82:2a:e7:08:cf:7a:9d:
0e:0c:59:e2:02:e3:cd:15:c1:a6:51:bf:6d:98:cb:a8:96:5b:
65:33:01:51:18:02:4d:1d:89:f4:86:b3:2e:dd:0e:a8:16:ba:
71:ed:f2:10:b9:f9:17:1e:89:dd:29:b0:15:d1:95:a3:24:2e:
21:31:b2:1e:74:7e:dd:71:a0:6e:31:00:6d:fe:03:76:74:90:
0b:83:fd:5f:db:39:43:a5:52:05:a3:f5:34:48:7d:a6:b5:9d:
57:14:e7:c1:10:a3:da:6c:14:0d:a4:44:de:b5:cd:97:64:27:
aa:97:a1:31:43:e1:2e:f4:3f:b2:1a:dd:66:6d:c0:e7:5a:79:
7d:63:70:aa:f8:5f:de:25:85:4e:b0:cc:9c:11:bd:56:90:8e:
55:cc:8b:14:29:36:b8:87:f0:4c:53:5c:71:37:a0:7f:57:45:
9b:86:8f:7a:42:79:61:af:f6:1c:6f:84:bb:03:07:cf:c9:ac:
29:4e:dc:e0:9b:c6:55:31:00:ff:4b:a5:62:e5:15:f0:84:ad:
37:1a:b1:e3:40:6a:50:bd:fb:be:be:01:84:ad:8e:a6:1f:f3:
dc:c7:be:68
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUQ27P1f9vKuRjncHHLr39luvByJQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg3NDgwMTE2NERDOTVGMEFCOUNDRDRCRDMwNEEzRUY3
OEU5RjM5QjAeFw0yNTAyMDgxNzAzMDZaFw0yNjAyMDcxNzA4MDZaMDMxMTAvBgNV
BAMTKDQyNzJGRkZCQzQzRTg4Qjk1MDI5RUFDRkE0M0M0Rjk2RTQ3Njg3NEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxp4M8Fi+i8JWXBC5gaDLKc/tM
lriEURGNclgSuGwMI8twBJpTF6PDmmWV33J3r+htOsFxvctCplFRM4tKtrPv/VAQ
QRAgiGOcSUX1yRJaEuBqlE8qVs68JzCqzwdfJ33ry2n136kcQCheEF0K+xlB2sHk
Oe2ObG+r3Iq+lYqt3N0XsPCCLl7IiOvWqi0zYWviNLk+Oj7lyYWwanJkd/rVKU6p
be6xBBfx/5NYRx9I2VBqHQ5wrA1k0E2eQVSkzNAj9wschf0Tm57nkhN5gFOnQo52
Rte7yTmsNBKvWaB4F1yweFeTCoBEWpH9bsn0EvLRlebqPMRzVrEfIXJHBDNXAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUQnL/+8Q+iLlQKerPpDxPluR2h0swHwYDVR0j
BBgwFoAUCHSAEWTclfCrnM1L0wSj73jp85swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2M4ZTRlMTEtM2FjYS00MzA1LWFjZDQtZjA1ZTZjOTA5
MTE1LzEvMDg3NDgwMTE2NERDOTVGMEFCOUNDRDRCRDMwNEEzRUY3OEU5RjM5Qi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8wODc0ODAxMTY0REM5NUYwQUI5Q0NENEJE
MzA0QTNFRjc4RTlGMzlCLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zYzhlNGUxMS0zYWNhLTQzMDUtYWNkNC1mMDVlNmM5MDkxMTUvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTM4MzAzMDMwM2EzYTJmMzMzNjJkMzQzMDIwM2QzZTIwMzUz
MDMzMzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGBCoUdYGAMA0GCSqGSIb3DQEBCwUAA4IBAQCbVzxU
ylDmWfdftFF8wgguoS+DHwsGT6K0gSBpAYIq5wjPep0ODFniAuPNFcGmUb9tmMuo
lltlMwFRGAJNHYn0hrMu3Q6oFrpx7fIQufkXHondKbAV0ZWjJC4hMbIedH7dcaBu
MQBt/gN2dJALg/1f2zlDpVIFo/U0SH2mtZ1XFOfBEKPabBQNpETetc2XZCeql6Ex
Q+Eu9D+yGt1mbcDnWnl9Y3Cq+F/eJYVOsMycEb1WkI5VzIsUKTa4h/BMU1xxN6B/
V0Wbho96Qnlhr/Ycb4S7AwfPyawpTtzgm8ZVMQD/S6Vi5RXwhK03GrHjQGpQvfu+
vgGErY6mH/Pcx75o
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:55:04 2025 by rpki-client