Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/531e9720-0b62-43a8-8e1f-230684eaf9af/1/326130623a346530373a316330303a3a2f34382d3438203d3e20313531373034.roa
File: 326130623a346530373a316330303a3a2f34382d3438203d3e20313531373034.roa (raw, json)
Hash identifier: lmNISwXtJNWjiKcmw5GjTGP7+E6qXcw7mfSumJB2dso=
Subject key identifier: 39:97:11:88:DC:27:56:D9:63:E5:6C:47:BC:A5:BA:19:DF:AD:55:34
Certificate issuer: /CN=2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297
Certificate serial: 681F45C497C734313B600CC395752437F0762131
Authority key identifier: 2F:A9:A8:9E:E8:A4:D0:3C:0C:E0:DD:35:0E:B3:39:95:DD:DC:52:97
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/531e9720-0b62-43a8-8e1f-230684eaf9af/1/326130623a346530373a316330303a3a2f34382d3438203d3e20313531373034.roa
Signing time: Tue 08 Oct 2024 02:36:19 +0000
ROA not before: Tue 08 Oct 2024 02:31:19 +0000
ROA not after: Tue 07 Oct 2025 02:36:19 +0000
asID: 151704
IP address blocks: 2a0b:4e07:1c00::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:1f:45:c4:97:c7:34:31:3b:60:0c:c3:95:75:24:37:f0:76:21:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297
Validity
Not Before: Oct 8 02:31:19 2024 GMT
Not After : Oct 7 02:36:19 2025 GMT
Subject: CN=39971188DC2756D963E56C47BCA5BA19DFAD5534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ce:94:f3:03:af:d2:08:01:62:2b:86:9d:db:
a4:c0:cd:39:83:00:c6:57:76:8b:c6:3c:cf:a4:52:
c3:86:03:ef:63:fe:33:9f:03:c6:05:65:57:ca:cd:
91:93:a0:48:87:96:92:c6:d9:35:88:8e:15:78:0e:
72:08:af:ed:dc:4e:e2:b7:cb:c5:bd:00:12:ad:96:
b8:ad:60:e2:18:ea:2b:da:55:c4:4f:4e:b8:2c:2b:
4e:66:dd:2c:01:da:57:48:be:b7:fc:aa:f6:2b:9c:
48:ab:cb:a0:4d:89:75:c8:87:9c:94:81:71:6f:07:
69:b0:a9:07:76:6b:37:73:c6:1d:17:b6:46:4d:99:
72:fe:e3:2f:70:89:0b:7f:aa:7f:fe:af:88:ff:5b:
29:e0:c0:ba:4c:1c:b3:68:3a:77:52:ff:e6:0f:44:
cb:33:bd:66:00:25:70:7c:49:6a:a7:72:44:92:83:
ac:17:e6:d4:fc:a1:db:86:d0:39:87:4d:f0:c1:a6:
8c:04:6f:bb:1d:43:f9:e0:0a:93:41:41:7a:53:a2:
04:0e:ac:de:18:d3:85:68:ed:83:5c:26:2b:c0:b9:
6a:53:7d:d7:7a:09:44:91:44:25:09:d3:49:0a:11:
47:5d:b0:4c:ea:b3:82:34:34:f2:3a:04:45:29:7b:
b9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:97:11:88:DC:27:56:D9:63:E5:6C:47:BC:A5:BA:19:DF:AD:55:34
X509v3 Authority Key Identifier:
keyid:2F:A9:A8:9E:E8:A4:D0:3C:0C:E0:DD:35:0E:B3:39:95:DD:DC:52:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/531e9720-0b62-43a8-8e1f-230684eaf9af/1/2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/531e9720-0b62-43a8-8e1f-230684eaf9af/1/326130623a346530373a316330303a3a2f34382d3438203d3e20313531373034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e07:1c00::/48
Signature Algorithm: sha256WithRSAEncryption
a4:12:5b:78:b5:b1:d9:97:f1:24:f8:2c:7d:68:2b:43:d9:fe:
70:d4:61:54:f0:5c:3e:9c:26:db:3f:1d:bc:90:29:bb:4e:e0:
83:f9:98:a9:a4:67:fb:30:4f:67:61:ba:8e:ee:84:c2:0f:c1:
c5:07:d5:3c:52:31:30:fa:28:0d:28:d3:b3:4d:4b:ef:38:fb:
b1:f0:e2:17:8a:69:a1:bf:94:c5:86:d4:e5:eb:6b:a2:18:c0:
9e:bc:7e:fe:ba:b0:ca:f6:b0:2e:a3:18:f4:94:6b:83:28:5a:
77:d1:f9:1e:68:9d:17:3a:b4:be:ef:c4:66:d7:80:34:50:51:
53:3a:f9:cd:b2:65:c0:7d:b2:7b:31:48:2e:05:a2:58:35:85:
f7:46:a5:5c:31:6c:63:b1:6a:da:a5:27:cf:fe:c9:40:b1:6f:
3b:2f:a4:bd:c5:e1:a7:68:3a:e1:60:ce:4f:8a:ad:68:7f:c7:
9f:29:19:22:3a:30:a4:6d:48:3b:f7:ce:51:b2:46:d3:aa:bc:
df:67:42:0b:b3:62:86:38:8b:b8:25:c2:6d:0e:83:bf:37:85:
32:38:29:6a:e4:23:1c:6b:a7:ac:37:b2:08:53:1f:19:f8:e0:
10:30:94:0a:7f:f9:4e:d1:9c:51:0f:1f:f8:1b:85:6f:37:c9:
d7:eb:01:9f
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUaB9FxJfHNDE7YAzDlXUkN/B2ITEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkZBOUE4OUVFOEE0RDAzQzBDRTBERDM1MEVCMzM5OTVE
RERDNTI5NzAeFw0yNDEwMDgwMjMxMTlaFw0yNTEwMDcwMjM2MTlaMDMxMTAvBgNV
BAMTKDM5OTcxMTg4REMyNzU2RDk2M0U1NkM0N0JDQTVCQTE5REZBRDU1MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnzpTzA6/SCAFiK4ad26TAzTmD
AMZXdovGPM+kUsOGA+9j/jOfA8YFZVfKzZGToEiHlpLG2TWIjhV4DnIIr+3cTuK3
y8W9ABKtlritYOIY6ivaVcRPTrgsK05m3SwB2ldIvrf8qvYrnEiry6BNiXXIh5yU
gXFvB2mwqQd2azdzxh0XtkZNmXL+4y9wiQt/qn/+r4j/WyngwLpMHLNoOndS/+YP
RMszvWYAJXB8SWqnckSSg6wX5tT8oduG0DmHTfDBpowEb7sdQ/ngCpNBQXpTogQO
rN4Y04Vo7YNcJivAuWpTfdd6CUSRRCUJ00kKEUddsEzqs4I0NPI6BEUpe7kRAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUOZcRiNwnVtlj5WxHvKW6Gd+tVTQwHwYDVR0j
BBgwFoAUL6monuik0DwM4N01DrM5ld3cUpcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTMxZTk3MjAtMGI2Mi00M2E4LThlMWYtMjMwNjg0ZWFm
OWFmLzEvMkZBOUE4OUVFOEE0RDAzQzBDRTBERDM1MEVCMzM5OTVERERDNTI5Ny5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wYzcwNDAxYy03ZjQxLTRh
NmItOTQzNC1jYzgwZGNhMDkzZTYvMi8yRkE5QTg5RUU4QTREMDNDMENFMEREMzUw
RUIzMzk5NUREREM1Mjk3LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS81MzFlOTcyMC0wYjYyLTQzYTgtOGUxZi0yMzA2ODRlYWY5YWYvMS8zMjYxMzA2
MjNhMzQ2NTMwMzczYTMxNjMzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEz
NTMxMzczMDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgtOBxwAMA0GCSqGSIb3DQEBCwUAA4IBAQCk
Elt4tbHZl/Ek+Cx9aCtD2f5w1GFU8Fw+nCbbPx28kCm7TuCD+ZippGf7ME9nYbqO
7oTCD8HFB9U8UjEw+igNKNOzTUvvOPux8OIXimmhv5TFhtTl62uiGMCevH7+urDK
9rAuoxj0lGuDKFp30fkeaJ0XOrS+78Rm14A0UFFTOvnNsmXAfbJ7MUguBaJYNYX3
RqVcMWxjsWrapSfP/slAsW87L6S9xeGnaDrhYM5Piq1of8efKRkiOjCkbUg7985R
skbTqrzfZ0ILs2KGOIu4JcJtDoO/N4UyOClq5CMca6esN7IIUx8Z+OAQMJQKf/lO
0ZxRDx/4G4VvN8nX6wGf
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:18:06 2025 by rpki-client