Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/65839fbd-327e-4fce-8a3e-53ff8f0c460e/0/326130613a363034343a373930323a3a2f34382d3438203d3e20323134333233.roa
File: 326130613a363034343a373930323a3a2f34382d3438203d3e20323134333233.roa (raw, json)
Hash identifier: eCWt3SCPjqPtIWnfQrBqY1uS71Bje+8mQu+d6g+6388=
Subject key identifier: 5F:C9:ED:8C:0A:F4:FC:23:35:B2:09:6D:6D:06:58:03:E9:C3:5C:BE
Certificate issuer: /CN=6B70A71E22E34DAB7DA361F2FED9F91A4849DE4A
Certificate serial: 5ECBF438457507ADC61B9536752D3135C07FEFA3
Authority key identifier: 6B:70:A7:1E:22:E3:4D:AB:7D:A3:61:F2:FE:D9:F9:1A:48:49:DE:4A
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/6B70A71E22E34DAB7DA361F2FED9F91A4849DE4A.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/65839fbd-327e-4fce-8a3e-53ff8f0c460e/0/326130613a363034343a373930323a3a2f34382d3438203d3e20323134333233.roa
Signing time: Fri 11 Oct 2024 14:34:35 +0000
ROA not before: Fri 11 Oct 2024 14:29:35 +0000
ROA not after: Fri 10 Oct 2025 14:34:35 +0000
asID: 214323
IP address blocks: 2a0a:6044:7902::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:cb:f4:38:45:75:07:ad:c6:1b:95:36:75:2d:31:35:c0:7f:ef:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6B70A71E22E34DAB7DA361F2FED9F91A4849DE4A
Validity
Not Before: Oct 11 14:29:35 2024 GMT
Not After : Oct 10 14:34:35 2025 GMT
Subject: CN=5FC9ED8C0AF4FC2335B2096D6D065803E9C35CBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:93:05:46:ce:be:88:d3:a5:27:2c:fa:2d:ef:
b7:9b:21:c6:a5:92:2f:1e:69:90:03:a8:be:13:75:
0c:20:1e:d6:3c:38:7d:c7:70:36:72:50:9a:d5:a3:
86:1e:2a:8b:77:32:d1:f9:8d:44:eb:75:f4:32:de:
cc:3b:2b:a9:ca:4d:20:74:de:ab:40:f8:fa:b6:14:
d4:8c:f8:40:50:42:bf:51:ba:af:ab:a2:94:4c:2c:
b8:1a:61:2c:54:6c:28:05:7c:20:4d:e7:65:fc:6f:
22:aa:f1:d0:d5:20:9d:81:1a:3c:f2:39:87:b3:d6:
91:b0:66:32:97:63:d1:0f:d2:04:00:d9:25:7e:19:
aa:3a:85:e3:20:f2:84:38:32:38:12:45:ae:aa:fa:
7c:bb:ce:87:e7:ee:17:d2:3a:c5:6a:4b:88:1c:02:
6e:67:5d:ef:f9:35:52:c0:d8:eb:8f:d7:3a:c8:9e:
59:e5:9c:de:14:94:d6:fa:46:51:47:cc:e8:c4:e6:
d5:80:73:54:fa:43:20:a7:b0:73:01:81:e7:d0:fa:
66:16:01:fb:58:db:9d:0b:5d:bd:aa:c0:a2:ba:0e:
c9:01:1d:fc:8a:ef:2e:21:cc:2c:46:08:10:9c:99:
80:95:cf:47:d0:31:aa:b0:b4:64:1c:24:f2:a6:e7:
ec:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:C9:ED:8C:0A:F4:FC:23:35:B2:09:6D:6D:06:58:03:E9:C3:5C:BE
X509v3 Authority Key Identifier:
keyid:6B:70:A7:1E:22:E3:4D:AB:7D:A3:61:F2:FE:D9:F9:1A:48:49:DE:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/65839fbd-327e-4fce-8a3e-53ff8f0c460e/0/6B70A71E22E34DAB7DA361F2FED9F91A4849DE4A.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/6B70A71E22E34DAB7DA361F2FED9F91A4849DE4A.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/65839fbd-327e-4fce-8a3e-53ff8f0c460e/0/326130613a363034343a373930323a3a2f34382d3438203d3e20323134333233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:7902::/48
Signature Algorithm: sha256WithRSAEncryption
71:a3:17:e8:fc:5d:63:b6:17:db:ac:0b:44:59:7a:c6:3c:3d:
78:91:41:3e:0b:f3:27:3c:68:13:6e:bf:c0:72:23:64:92:96:
93:9b:80:ac:eb:b4:c8:54:de:ba:01:24:37:a0:c9:85:27:cf:
30:e9:a3:70:a8:72:41:ec:c4:c1:1a:55:d3:1e:7a:9c:f1:85:
d4:a0:c1:bc:cf:c0:59:36:08:4b:57:9e:d2:8c:7a:e2:9d:89:
c7:a5:bf:e5:94:0f:14:d7:1e:21:05:34:b3:f5:1a:d8:98:8a:
de:75:c6:60:83:56:23:e9:8b:63:e7:b9:4a:3d:8b:b4:f7:7f:
e5:5f:a6:39:c4:85:10:7f:85:37:f2:3a:cd:59:43:07:3f:62:
9a:f2:3f:ab:f1:20:38:de:0c:70:0a:63:42:cb:7a:bd:4d:b1:
0c:04:66:70:a2:2f:94:1c:97:39:c2:f3:9c:5f:81:2e:6d:78:
41:8c:1b:3b:1a:c1:3d:57:ba:a4:4e:1f:84:29:e8:47:cb:cc:
ca:ce:51:27:30:85:31:e8:1e:7b:4d:62:6d:c5:1c:36:1c:5d:
dd:d5:8e:77:a5:a2:73:68:0c:b2:bc:98:8c:65:38:8c:80:56:
8f:c4:25:9b:e0:24:a0:9b:5c:97:76:74:86:2a:a1:e0:14:bc:
d6:29:60:97
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUXsv0OEV1B63GG5U2dS0xNcB/76MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkI3MEE3MUUyMkUzNERBQjdEQTM2MUYyRkVEOUY5MUE0
ODQ5REU0QTAeFw0yNDEwMTExNDI5MzVaFw0yNTEwMTAxNDM0MzVaMDMxMTAvBgNV
BAMTKDVGQzlFRDhDMEFGNEZDMjMzNUIyMDk2RDZEMDY1ODAzRTlDMzVDQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtkwVGzr6I06UnLPot77ebIcal
ki8eaZADqL4TdQwgHtY8OH3HcDZyUJrVo4YeKot3MtH5jUTrdfQy3sw7K6nKTSB0
3qtA+Pq2FNSM+EBQQr9Ruq+ropRMLLgaYSxUbCgFfCBN52X8byKq8dDVIJ2BGjzy
OYez1pGwZjKXY9EP0gQA2SV+Gao6heMg8oQ4MjgSRa6q+ny7zofn7hfSOsVqS4gc
Am5nXe/5NVLA2OuP1zrInlnlnN4UlNb6RlFHzOjE5tWAc1T6QyCnsHMBgefQ+mYW
AftY250LXb2qwKK6DskBHfyK7y4hzCxGCBCcmYCVz0fQMaqwtGQcJPKm5+x9AgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUX8ntjAr0/CM1sgltbQZYA+nDXL4wHwYDVR0j
BBgwFoAUa3CnHiLjTat9o2Hy/tn5GkhJ3kowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjU4MzlmYmQtMzI3ZS00ZmNlLThhM2UtNTNmZjhmMGM0
NjBlLzAvNkI3MEE3MUUyMkUzNERBQjdEQTM2MUYyRkVEOUY5MUE0ODQ5REU0QS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC82QjcwQTcxRTIyRTM0REFCN0RBMzYxRjJG
RUQ5RjkxQTQ4NDlERTRBLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS82NTgzOWZiZC0zMjdlLTRmY2UtOGEzZS01M2ZmOGYwYzQ2MGUvMC8zMjYxMzA2
MTNhMzYzMDM0MzQzYTM3MzkzMDMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM0MzMzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgpgRHkCMA0GCSqGSIb3DQEBCwUAA4IBAQBx
oxfo/F1jthfbrAtEWXrGPD14kUE+C/MnPGgTbr/AciNkkpaTm4Cs67TIVN66ASQ3
oMmFJ88w6aNwqHJB7MTBGlXTHnqc8YXUoMG8z8BZNghLV57SjHrinYnHpb/llA8U
1x4hBTSz9RrYmIredcZgg1Yj6Ytj57lKPYu093/lX6Y5xIUQf4U38jrNWUMHP2Ka
8j+r8SA43gxwCmNCy3q9TbEMBGZwoi+UHJc5wvOcX4EubXhBjBs7GsE9V7qkTh+E
KehHy8zKzlEnMIUx6B57TWJtxRw2HF3d1Y53paJzaAyyvJiMZTiMgFaPxCWb4CSg
m1yXdnSGKqHgFLzWKWCX
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:44:30 2025 by rpki-client