Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/2/326130363a313238333a633131333a3a2f34382d3438203d3e20323135313437.roa
File: 326130363a313238333a633131333a3a2f34382d3438203d3e20323135313437.roa (raw, json)
Hash identifier: WO/ozCBOPATcVdzMebLNNDmOtMpXA9uAimwQnlh5pKo=
Subject key identifier: EC:E4:0A:49:46:65:2E:C9:4E:20:05:5E:F0:D9:C7:85:FE:CD:C0:75
Certificate issuer: /CN=B6366F3DD14AC5399103961C30642E6779892C6C
Certificate serial: 5C8CD30BCB7980AA635D0F976E037D11C4AD3454
Authority key identifier: B6:36:6F:3D:D1:4A:C5:39:91:03:96:1C:30:64:2E:67:79:89:2C:6C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/B6366F3DD14AC5399103961C30642E6779892C6C.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/2/326130363a313238333a633131333a3a2f34382d3438203d3e20323135313437.roa
Signing time: Mon 14 Oct 2024 08:59:40 +0000
ROA not before: Mon 14 Oct 2024 08:54:40 +0000
ROA not after: Mon 13 Oct 2025 08:59:40 +0000
asID: 215147
IP address blocks: 2a06:1283:c113::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:8c:d3:0b:cb:79:80:aa:63:5d:0f:97:6e:03:7d:11:c4:ad:34:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B6366F3DD14AC5399103961C30642E6779892C6C
Validity
Not Before: Oct 14 08:54:40 2024 GMT
Not After : Oct 13 08:59:40 2025 GMT
Subject: CN=ECE40A4946652EC94E20055EF0D9C785FECDC075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:df:12:b7:f9:9a:1c:f3:35:c8:9f:f0:63:a2:
40:f9:d3:7e:9b:5a:2b:d7:6d:10:8a:76:2c:b5:ef:
aa:da:aa:dc:af:20:a2:50:ec:1b:9d:78:47:4a:70:
c3:0a:70:84:87:4e:85:8e:91:41:0d:a5:9c:12:a5:
a1:c4:20:fa:d5:01:c8:9f:80:8e:50:90:72:e1:14:
bb:58:2f:4a:9f:1f:14:07:38:a8:1d:4e:52:23:5e:
48:e9:3a:88:c2:1b:23:27:4e:59:ab:36:96:95:40:
9e:e1:f9:b1:85:42:d7:07:1c:53:7c:d2:36:e6:d6:
28:1c:3a:61:fe:ea:dc:0e:8c:eb:96:b8:2b:34:8f:
fb:7c:48:d6:5a:58:03:62:84:8a:ff:30:58:31:8a:
83:d1:eb:8e:d8:4f:b7:13:7e:2a:36:aa:e8:a8:41:
6e:43:34:92:7d:b5:70:87:02:c1:6f:9a:b5:c2:c2:
03:8d:07:76:b7:ef:50:c5:b7:a5:f8:0f:9b:7e:4c:
2b:08:65:66:88:12:81:7c:65:78:4f:e9:42:56:1c:
3f:dd:7d:fe:36:24:c7:5d:96:c1:77:c6:68:02:79:
e5:63:07:a1:2b:38:ed:65:23:08:c0:82:87:2e:21:
c1:8d:49:82:97:21:29:52:79:e0:8e:bc:b3:80:58:
22:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E4:0A:49:46:65:2E:C9:4E:20:05:5E:F0:D9:C7:85:FE:CD:C0:75
X509v3 Authority Key Identifier:
keyid:B6:36:6F:3D:D1:4A:C5:39:91:03:96:1C:30:64:2E:67:79:89:2C:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/2/B6366F3DD14AC5399103961C30642E6779892C6C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/B6366F3DD14AC5399103961C30642E6779892C6C.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/68ababbb-f048-4de1-9206-8d40f071808b/2/326130363a313238333a633131333a3a2f34382d3438203d3e20323135313437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1283:c113::/48
Signature Algorithm: sha256WithRSAEncryption
42:86:eb:fa:bb:8c:09:6a:80:27:b5:7b:ab:de:02:14:59:e8:
1b:c1:8b:33:1d:c9:4b:38:4c:34:f1:f4:78:0f:19:5c:b0:27:
9c:13:37:fa:9a:1a:d6:28:91:c3:3e:f0:a8:00:0a:a5:c1:76:
de:bc:74:1a:45:54:a4:94:0c:31:be:7c:80:6e:1d:25:9b:ae:
93:9e:23:1a:3b:cc:b8:41:98:68:61:49:c2:83:7f:c1:44:11:
36:7a:1c:ca:68:e6:af:e0:be:ab:16:2f:50:98:6c:cb:ee:14:
eb:75:2a:3c:e3:a1:1d:de:15:a8:55:ce:f8:3a:54:d7:be:57:
4a:91:e4:39:89:b2:64:f5:17:36:13:c2:3f:81:89:6e:17:f3:
71:2b:cb:1e:cd:bb:84:ec:81:01:1c:22:39:c7:37:0e:6a:23:
a3:41:ed:6b:63:c7:73:ff:07:90:81:d9:4e:cc:38:8e:e2:72:
e6:5b:3c:c3:18:47:a8:7f:34:89:cb:94:d7:8c:1e:a3:ae:0b:
29:5f:66:d2:f7:53:a6:77:6a:37:c7:a5:02:25:64:27:aa:e2:
ac:6d:cc:54:ca:2d:83:9b:3d:ec:97:b2:b0:1f:c1:02:37:33:
24:94:0b:0e:bf:b5:21:63:f3:21:69:07:4b:4c:70:f4:e5:02:
d2:27:57:7d
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUXIzTC8t5gKpjXQ+XbgN9EcStNFQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjYzNjZGM0REMTRBQzUzOTkxMDM5NjFDMzA2NDJFNjc3
OTg5MkM2QzAeFw0yNDEwMTQwODU0NDBaFw0yNTEwMTMwODU5NDBaMDMxMTAvBgNV
BAMTKEVDRTQwQTQ5NDY2NTJFQzk0RTIwMDU1RUYwRDlDNzg1RkVDREMwNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR3xK3+Zoc8zXIn/BjokD5036b
WivXbRCKdiy176raqtyvIKJQ7BudeEdKcMMKcISHToWOkUENpZwSpaHEIPrVAcif
gI5QkHLhFLtYL0qfHxQHOKgdTlIjXkjpOojCGyMnTlmrNpaVQJ7h+bGFQtcHHFN8
0jbm1igcOmH+6twOjOuWuCs0j/t8SNZaWANihIr/MFgxioPR647YT7cTfio2quio
QW5DNJJ9tXCHAsFvmrXCwgONB3a371DFt6X4D5t+TCsIZWaIEoF8ZXhP6UJWHD/d
ff42JMddlsF3xmgCeeVjB6ErOO1lIwjAgocuIcGNSYKXISlSeeCOvLOAWCJhAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU7OQKSUZlLslOIAVe8NnHhf7NwHUwHwYDVR0j
BBgwFoAUtjZvPdFKxTmRA5YcMGQuZ3mJLGwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjhhYmFiYmItZjA0OC00ZGUxLTkyMDYtOGQ0MGYwNzE4
MDhiLzIvQjYzNjZGM0REMTRBQzUzOTkxMDM5NjFDMzA2NDJFNjc3OTg5MkM2Qy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yYWY3M2E5Yy0yMDU4LTQz
YmItOWFjNi01YWI0MmRmYmY0MDkvMS9CNjM2NkYzREQxNEFDNTM5OTEwMzk2MUMz
MDY0MkU2Nzc5ODkyQzZDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS82OGFiYWJiYi1mMDQ4LTRkZTEtOTIwNi04ZDQwZjA3MTgwOGIvMi8zMjYxMzAz
NjNhMzEzMjM4MzMzYTYzMzEzMTMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzEzNDM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgYSg8ETMA0GCSqGSIb3DQEBCwUAA4IBAQBC
huv6u4wJaoAntXur3gIUWegbwYszHclLOEw08fR4DxlcsCecEzf6mhrWKJHDPvCo
AAqlwXbevHQaRVSklAwxvnyAbh0lm66TniMaO8y4QZhoYUnCg3/BRBE2ehzKaOav
4L6rFi9QmGzL7hTrdSo846Ed3hWoVc74OlTXvldKkeQ5ibJk9Rc2E8I/gYluF/Nx
K8sezbuE7IEBHCI5xzcOaiOjQe1rY8dz/weQgdlOzDiO4nLmWzzDGEeofzSJy5TX
jB6jrgspX2bS91Omd2o3x6UCJWQnquKsbcxUyi2Dmz3sl7KwH8ECNzMklAsOv7Uh
Y/MhaQdLTHD05QLSJ1d9
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:36 2025 by rpki-client