Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6be43d9e-e440-47ae-a7bc-19b7993ccf14/2/326131343a366634353a623030623a3a2f34382d3438203d3e20323134373537.roa
File: 326131343a366634353a623030623a3a2f34382d3438203d3e20323134373537.roa (raw, json)
Hash identifier: t1cRwTYq7eUC/NgS3JVL6aQkzgWYOlFVUcR/T01og2A=
Subject key identifier: 67:3D:95:20:02:19:68:CA:AD:02:08:B6:01:EE:38:F9:BE:B1:68:2C
Certificate issuer: /CN=849A6D8BFAC2BC81C0BB3ADB0F1BFC68BBBE063F
Certificate serial: 252730BF246CD9266FB9719D8191CD9857F6CFF1
Authority key identifier: 84:9A:6D:8B:FA:C2:BC:81:C0:BB:3A:DB:0F:1B:FC:68:BB:BE:06:3F
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/849A6D8BFAC2BC81C0BB3ADB0F1BFC68BBBE063F.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6be43d9e-e440-47ae-a7bc-19b7993ccf14/2/326131343a366634353a623030623a3a2f34382d3438203d3e20323134373537.roa
Signing time: Tue 01 Oct 2024 11:37:14 +0000
ROA not before: Tue 01 Oct 2024 11:32:14 +0000
ROA not after: Tue 30 Sep 2025 11:37:14 +0000
asID: 214757
IP address blocks: 2a14:6f45:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:27:30:bf:24:6c:d9:26:6f:b9:71:9d:81:91:cd:98:57:f6:cf:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=849A6D8BFAC2BC81C0BB3ADB0F1BFC68BBBE063F
Validity
Not Before: Oct 1 11:32:14 2024 GMT
Not After : Sep 30 11:37:14 2025 GMT
Subject: CN=673D9520021968CAAD0208B601EE38F9BEB1682C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:94:71:1b:39:ae:ab:60:ad:f1:1d:8f:04:3f:
4c:67:ce:f8:70:6c:89:ba:39:52:3c:c4:ac:9d:40:
e4:73:88:69:ef:cb:49:47:4c:49:64:2b:62:75:d5:
67:48:69:b9:e3:b8:9a:3a:f2:44:24:7e:75:8e:c5:
2a:cc:10:ac:27:bf:70:fb:a4:ff:11:4f:f3:6c:4c:
6a:ae:3b:89:88:9f:68:aa:64:fb:22:2c:b9:20:fd:
94:cc:48:6f:fa:4c:03:ec:de:5b:6c:67:c2:93:e4:
7f:1d:7c:40:ce:44:62:af:09:01:00:6e:0b:31:02:
d6:7f:83:8f:17:ae:1a:21:8d:00:85:6f:3a:25:ef:
3e:92:7f:8f:71:73:76:07:3d:41:d7:db:55:82:92:
cf:2f:27:54:a6:b3:cc:55:6b:ae:5a:bb:ba:41:81:
7a:5e:76:7b:4b:dd:10:b8:c7:08:a4:fc:e2:3a:5b:
d1:55:24:4e:d3:e8:5d:9d:be:1c:3d:58:76:7d:ff:
59:2a:4b:5e:79:b3:95:78:83:99:40:39:44:91:61:
cc:5e:e0:51:d0:d5:a4:00:fb:61:ee:8f:5b:d0:9c:
f1:14:b2:f9:f9:fb:bc:b1:fa:40:b5:d3:a2:d6:9c:
51:4b:6e:78:82:ed:4b:84:46:c4:16:0a:47:d5:04:
52:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:3D:95:20:02:19:68:CA:AD:02:08:B6:01:EE:38:F9:BE:B1:68:2C
X509v3 Authority Key Identifier:
keyid:84:9A:6D:8B:FA:C2:BC:81:C0:BB:3A:DB:0F:1B:FC:68:BB:BE:06:3F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6be43d9e-e440-47ae-a7bc-19b7993ccf14/2/849A6D8BFAC2BC81C0BB3ADB0F1BFC68BBBE063F.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ff7a989-ecdf-43d6-86e1-f6c3935b9b3d/4/849A6D8BFAC2BC81C0BB3ADB0F1BFC68BBBE063F.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6be43d9e-e440-47ae-a7bc-19b7993ccf14/2/326131343a366634353a623030623a3a2f34382d3438203d3e20323134373537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:6f45:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
17:c1:1f:bc:d1:30:2d:76:9e:46:68:ce:53:45:9b:ce:dc:6b:
0b:02:bd:c2:86:e2:eb:7d:de:f5:04:0d:6a:64:92:cf:92:22:
c4:4c:5f:df:b8:b1:be:f7:c9:b9:31:5f:2d:84:0f:b9:8d:88:
ba:0b:40:3e:43:7a:80:1e:10:5f:18:5c:e1:df:b2:66:3d:82:
9c:44:01:ed:df:94:59:b9:52:08:e8:a8:0f:71:63:82:ff:a5:
c5:08:24:48:d5:dc:f7:67:ff:40:50:8e:73:5f:b7:61:95:c6:
b9:37:40:86:60:3f:64:59:f6:f1:ce:55:af:4d:da:97:91:eb:
d6:d9:4b:9e:2a:4d:80:9c:f8:16:ee:e2:8d:34:d1:f4:a3:1b:
ca:8a:d5:fe:81:6b:42:df:39:dd:4c:43:87:04:d2:2c:d8:05:
aa:65:64:86:0d:ec:be:db:78:c9:07:57:b7:65:8e:d4:bf:2d:
3a:df:14:41:35:9c:46:21:bd:26:c7:f4:29:ec:e8:60:96:ec:
2b:48:fa:68:5f:28:0b:66:38:96:75:a2:d0:57:c2:ce:8e:ca:
a5:cb:3c:96:d9:d8:3b:ac:6c:f8:76:4d:eb:51:62:96:e9:2b:
c6:c0:3f:66:42:09:56:6b:91:f4:f5:fa:83:d9:c3:8f:19:5f:
4d:a1:58:28
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUJScwvyRs2SZvuXGdgZHNmFf2z/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODQ5QTZEOEJGQUMyQkM4MUMwQkIzQURCMEYxQkZDNjhC
QkJFMDYzRjAeFw0yNDEwMDExMTMyMTRaFw0yNTA5MzAxMTM3MTRaMDMxMTAvBgNV
BAMTKDY3M0Q5NTIwMDIxOTY4Q0FBRDAyMDhCNjAxRUUzOEY5QkVCMTY4MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTlHEbOa6rYK3xHY8EP0xnzvhw
bIm6OVI8xKydQORziGnvy0lHTElkK2J11WdIabnjuJo68kQkfnWOxSrMEKwnv3D7
pP8RT/NsTGquO4mIn2iqZPsiLLkg/ZTMSG/6TAPs3ltsZ8KT5H8dfEDORGKvCQEA
bgsxAtZ/g48XrhohjQCFbzol7z6Sf49xc3YHPUHX21WCks8vJ1Sms8xVa65au7pB
gXpedntL3RC4xwik/OI6W9FVJE7T6F2dvhw9WHZ9/1kqS155s5V4g5lAOUSRYcxe
4FHQ1aQA+2Huj1vQnPEUsvn5+7yx+kC106LWnFFLbniC7UuERsQWCkfVBFLFAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUZz2VIAIZaMqtAgi2Ae44+b6xaCwwHwYDVR0j
BBgwFoAUhJpti/rCvIHAuzrbDxv8aLu+Bj8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmJlNDNkOWUtZTQ0MC00N2FlLWE3YmMtMTliNzk5M2Nj
ZjE0LzIvODQ5QTZEOEJGQUMyQkM4MUMwQkIzQURCMEYxQkZDNjhCQkJFMDYzRi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS82ZmY3YTk4OS1lY2RmLTQz
ZDYtODZlMS1mNmMzOTM1YjliM2QvNC84NDlBNkQ4QkZBQzJCQzgxQzBCQjNBREIw
RjFCRkM2OEJCQkUwNjNGLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS82YmU0M2Q5ZS1lNDQwLTQ3YWUtYTdiYy0xOWI3OTkzY2NmMTQvMi8zMjYxMzEz
NDNhMzY2NjM0MzUzYTYyMzAzMDYyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM0MzczNTM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhRvRbALMA0GCSqGSIb3DQEBCwUAA4IBAQAX
wR+80TAtdp5GaM5TRZvO3GsLAr3ChuLrfd71BA1qZJLPkiLETF/fuLG+98m5MV8t
hA+5jYi6C0A+Q3qAHhBfGFzh37JmPYKcRAHt35RZuVII6KgPcWOC/6XFCCRI1dz3
Z/9AUI5zX7dhlca5N0CGYD9kWfbxzlWvTdqXkevW2UueKk2AnPgW7uKNNNH0oxvK
itX+gWtC3zndTEOHBNIs2AWqZWSGDey+23jJB1e3ZY7Uvy063xRBNZxGIb0mx/Qp
7OhgluwrSPpoXygLZjiWdaLQV8LOjsqlyzyW2dg7rGz4dk3rUWKW6SvGwD9mQglW
a5H09fqD2cOPGV9NoVgo
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:50:57 2025 by rpki-client