Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/531e9720-0b62-43a8-8e1f-230684eaf9af/1/326130623a346530373a316330313a3a2f34382d3438203d3e20313531373034.roa
File: 326130623a346530373a316330313a3a2f34382d3438203d3e20313531373034.roa (raw, json)
Hash identifier: Nh5XT638Xw3szIHzPWQzM5n7CuKdiXjt2Xw+j5HN5b4=
Subject key identifier: D8:FE:50:8B:89:8D:7F:84:AB:38:CC:27:29:78:AE:36:AC:76:D9:79
Certificate issuer: /CN=2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297
Certificate serial: 0C5318BE1A8F1903E72E26407296857786B84190
Authority key identifier: 2F:A9:A8:9E:E8:A4:D0:3C:0C:E0:DD:35:0E:B3:39:95:DD:DC:52:97
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/531e9720-0b62-43a8-8e1f-230684eaf9af/1/326130623a346530373a316330313a3a2f34382d3438203d3e20313531373034.roa
Signing time: Sat 23 Nov 2024 15:55:37 +0000
ROA not before: Sat 23 Nov 2024 15:50:37 +0000
ROA not after: Sat 22 Nov 2025 15:55:37 +0000
asID: 151704
IP address blocks: 2a0b:4e07:1c01::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:53:18:be:1a:8f:19:03:e7:2e:26:40:72:96:85:77:86:b8:41:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297
Validity
Not Before: Nov 23 15:50:37 2024 GMT
Not After : Nov 22 15:55:37 2025 GMT
Subject: CN=D8FE508B898D7F84AB38CC272978AE36AC76D979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2a:bd:3d:ea:4e:b8:75:29:bb:c3:39:39:4c:
48:e7:dc:c1:14:7e:d4:c8:8b:e2:58:cf:3a:58:fc:
66:62:c9:1c:f7:bb:82:a1:be:19:8f:7d:50:5d:cb:
15:f4:1f:38:44:51:04:6b:2e:91:57:b7:8c:54:58:
9c:41:e8:6c:81:60:73:2d:28:59:6a:c3:56:33:9b:
bd:0e:74:97:a7:6d:79:42:00:39:f8:12:ae:d2:71:
4f:85:7c:4e:ee:81:57:28:1e:81:34:fa:69:d8:e0:
01:70:1b:9f:72:4f:1c:da:4e:ae:91:0e:90:26:1b:
c6:8a:19:5d:2a:6c:62:ff:47:dd:9c:6c:d3:f7:ce:
d3:b4:53:5a:68:13:31:65:b0:43:64:3a:59:ae:c8:
73:61:2e:e0:97:27:56:7c:cc:1a:5b:2b:ea:c1:1c:
8c:a6:33:e7:c0:bc:ff:36:a1:a7:6f:07:70:ce:af:
96:ab:ec:32:ba:fe:4b:a7:2e:09:e4:46:c5:f6:c7:
42:15:0e:50:b5:b0:61:9e:c3:fe:b6:9c:18:a1:b4:
43:f8:5f:f8:39:94:80:6d:ef:2f:84:61:cb:0d:55:
11:eb:9b:a1:5c:bb:98:d5:c4:dc:25:39:47:4c:a4:
91:94:0a:9c:c7:7d:17:b7:a4:bf:b1:82:64:c4:1d:
00:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:FE:50:8B:89:8D:7F:84:AB:38:CC:27:29:78:AE:36:AC:76:D9:79
X509v3 Authority Key Identifier:
keyid:2F:A9:A8:9E:E8:A4:D0:3C:0C:E0:DD:35:0E:B3:39:95:DD:DC:52:97
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/531e9720-0b62-43a8-8e1f-230684eaf9af/1/2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/0c70401c-7f41-4a6b-9434-cc80dca093e6/2/2FA9A89EE8A4D03C0CE0DD350EB33995DDDC5297.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/531e9720-0b62-43a8-8e1f-230684eaf9af/1/326130623a346530373a316330313a3a2f34382d3438203d3e20313531373034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:4e07:1c01::/48
Signature Algorithm: sha256WithRSAEncryption
06:2b:32:3f:67:c7:24:f4:fe:db:9e:fd:b0:89:ee:28:2e:d4:
f9:77:3e:33:bf:72:91:a6:75:0f:46:51:1d:b7:c5:17:6d:aa:
07:5d:a3:9e:79:25:59:6c:1d:08:df:57:b8:8d:5b:44:33:be:
50:0d:28:ea:b2:8f:8d:c7:1d:12:ee:3b:ba:6c:71:8e:9a:e6:
af:be:3c:b2:80:03:b3:48:d4:97:f0:aa:d1:f6:8a:40:2d:52:
d7:6b:f0:35:d5:e8:4c:0b:21:b6:91:29:26:15:9b:67:31:2e:
af:04:49:bd:db:87:92:dd:29:58:63:c0:1a:5e:ab:de:cc:e7:
3b:a9:b1:c4:09:2a:fd:0c:7f:7a:a5:13:bf:c5:e2:0f:cc:4e:
d9:77:b6:1a:65:7f:02:dd:10:ce:d4:98:7c:b4:d8:1b:ad:45:
b5:ab:a2:de:04:3d:13:6a:65:86:56:da:bf:32:80:cc:a0:7c:
8e:86:83:51:24:ec:d0:2e:0c:10:c8:a3:43:2b:a1:d3:5e:24:
88:aa:9e:b7:51:0b:4e:70:8b:a5:7c:b3:79:24:c7:b5:66:d3:
99:f6:a1:5c:c0:fc:9d:18:5b:9b:24:64:f2:fb:70:51:33:f4:
7e:7c:08:c2:20:e1:a5:f4:ca:55:29:c4:37:07:57:bb:62:0c:
92:ad:14:a4
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUDFMYvhqPGQPnLiZAcpaFd4a4QZAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkZBOUE4OUVFOEE0RDAzQzBDRTBERDM1MEVCMzM5OTVE
RERDNTI5NzAeFw0yNDExMjMxNTUwMzdaFw0yNTExMjIxNTU1MzdaMDMxMTAvBgNV
BAMTKEQ4RkU1MDhCODk4RDdGODRBQjM4Q0MyNzI5NzhBRTM2QUM3NkQ5NzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVKr096k64dSm7wzk5TEjn3MEU
ftTIi+JYzzpY/GZiyRz3u4KhvhmPfVBdyxX0HzhEUQRrLpFXt4xUWJxB6GyBYHMt
KFlqw1Yzm70OdJenbXlCADn4Eq7ScU+FfE7ugVcoHoE0+mnY4AFwG59yTxzaTq6R
DpAmG8aKGV0qbGL/R92cbNP3ztO0U1poEzFlsENkOlmuyHNhLuCXJ1Z8zBpbK+rB
HIymM+fAvP82oadvB3DOr5ar7DK6/kunLgnkRsX2x0IVDlC1sGGew/62nBihtEP4
X/g5lIBt7y+EYcsNVRHrm6Fcu5jVxNwlOUdMpJGUCpzHfRe3pL+xgmTEHQDrAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU2P5Qi4mNf4SrOMwnKXiuNqx22XkwHwYDVR0j
BBgwFoAUL6monuik0DwM4N01DrM5ld3cUpcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTMxZTk3MjAtMGI2Mi00M2E4LThlMWYtMjMwNjg0ZWFm
OWFmLzEvMkZBOUE4OUVFOEE0RDAzQzBDRTBERDM1MEVCMzM5OTVERERDNTI5Ny5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8wYzcwNDAxYy03ZjQxLTRh
NmItOTQzNC1jYzgwZGNhMDkzZTYvMi8yRkE5QTg5RUU4QTREMDNDMENFMEREMzUw
RUIzMzk5NUREREM1Mjk3LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS81MzFlOTcyMC0wYjYyLTQzYTgtOGUxZi0yMzA2ODRlYWY5YWYvMS8zMjYxMzA2
MjNhMzQ2NTMwMzczYTMxNjMzMDMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEz
NTMxMzczMDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgtOBxwBMA0GCSqGSIb3DQEBCwUAA4IBAQAG
KzI/Z8ck9P7bnv2wie4oLtT5dz4zv3KRpnUPRlEdt8UXbaoHXaOeeSVZbB0I31e4
jVtEM75QDSjqso+Nxx0S7ju6bHGOmuavvjyygAOzSNSX8KrR9opALVLXa/A11ehM
CyG2kSkmFZtnMS6vBEm924eS3SlYY8AaXqvezOc7qbHECSr9DH96pRO/xeIPzE7Z
d7YaZX8C3RDO1Jh8tNgbrUW1q6LeBD0TamWGVtq/MoDMoHyOhoNRJOzQLgwQyKND
K6HTXiSIqp63UQtOcIulfLN5JMe1ZtOZ9qFcwPydGFubJGTy+3BRM/R+fAjCIOGl
9MpVKcQ3B1e7YgySrRSk
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:57:02 2025 by rpki-client