Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7f5d2a1b-cacc-4e22-8af2-9f20a9329bcb/2/326130373a353463313a633530303a3a2f34342d3434203d3e20323134373537.roa
File: 326130373a353463313a633530303a3a2f34342d3434203d3e20323134373537.roa (raw, json)
Hash identifier: OMd8Y0gsCpyZd+CqCpDRQ1qndFKgBUaSH/pEoBw5k9g=
Subject key identifier: 82:A5:4B:F8:D8:0C:BD:FB:FA:D9:95:0D:B5:E1:01:11:03:B6:7D:A5
Certificate issuer: /CN=41CF30FBDC220B6E4A6FA67792B3B248EECF6570
Certificate serial: 7672A18810B6E217030E571FB5F4FF4DD0899610
Authority key identifier: 41:CF:30:FB:DC:22:0B:6E:4A:6F:A6:77:92:B3:B2:48:EE:CF:65:70
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41CF30FBDC220B6E4A6FA67792B3B248EECF6570.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7f5d2a1b-cacc-4e22-8af2-9f20a9329bcb/2/326130373a353463313a633530303a3a2f34342d3434203d3e20323134373537.roa
Signing time: Sun 04 Aug 2024 17:52:13 +0000
ROA not before: Sun 04 Aug 2024 17:47:13 +0000
ROA not after: Sun 03 Aug 2025 17:52:13 +0000
asID: 214757
IP address blocks: 2a07:54c1:c500::/44 maxlen: 44
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:72:a1:88:10:b6:e2:17:03:0e:57:1f:b5:f4:ff:4d:d0:89:96:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41CF30FBDC220B6E4A6FA67792B3B248EECF6570
Validity
Not Before: Aug 4 17:47:13 2024 GMT
Not After : Aug 3 17:52:13 2025 GMT
Subject: CN=82A54BF8D80CBDFBFAD9950DB5E1011103B67DA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9d:9b:11:b3:a0:bf:0f:10:81:91:9a:b5:8f:
42:fc:22:7f:95:61:41:3a:20:4c:d3:41:00:e9:be:
66:25:b9:d5:7f:01:99:7b:2d:e1:e4:c7:01:1a:df:
6b:32:c3:1b:58:9d:af:45:1a:70:98:18:d8:0e:d5:
9d:b6:75:39:b5:a5:c8:b5:f5:61:7e:95:41:93:2f:
e7:5b:30:46:c9:48:18:df:cf:25:25:31:d8:39:14:
3f:0e:16:db:9a:eb:5a:17:d5:e9:7f:e1:77:6d:2e:
6d:41:a9:84:41:79:fd:d8:24:8c:b7:57:01:3d:4d:
8f:68:db:40:24:7a:9e:8b:e3:79:fc:8c:f0:89:aa:
db:7e:3b:ac:93:dd:4a:1b:84:45:b2:32:43:be:06:
52:ff:94:58:7a:15:c0:57:86:97:39:e1:7d:d9:dc:
1e:fc:62:da:8a:f6:67:c9:ca:4c:54:3d:ba:c2:18:
d7:ab:96:bf:c9:7a:ee:34:03:70:1c:3e:d5:67:20:
b1:49:f2:78:65:74:1f:60:fc:18:8a:b4:36:8f:18:
ea:fa:66:91:6a:38:4d:52:85:c5:7d:1e:72:f4:af:
17:54:6b:65:ea:75:ee:4c:f8:03:07:33:de:ae:11:
e2:8e:84:7a:41:da:28:69:55:9c:e9:85:da:b0:a9:
a4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A5:4B:F8:D8:0C:BD:FB:FA:D9:95:0D:B5:E1:01:11:03:B6:7D:A5
X509v3 Authority Key Identifier:
keyid:41:CF:30:FB:DC:22:0B:6E:4A:6F:A6:77:92:B3:B2:48:EE:CF:65:70
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7f5d2a1b-cacc-4e22-8af2-9f20a9329bcb/2/41CF30FBDC220B6E4A6FA67792B3B248EECF6570.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41CF30FBDC220B6E4A6FA67792B3B248EECF6570.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7f5d2a1b-cacc-4e22-8af2-9f20a9329bcb/2/326130373a353463313a633530303a3a2f34342d3434203d3e20323134373537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c1:c500::/44
Signature Algorithm: sha256WithRSAEncryption
67:d5:0a:a8:3b:fc:b4:c7:a3:ca:33:60:a6:7e:8d:39:33:bd:
54:c6:a8:ba:14:b0:b2:e6:c0:4b:d1:df:32:bf:ca:ab:70:46:
50:13:05:fa:04:6d:50:db:f5:64:12:99:e4:36:d5:df:ee:7f:
da:dc:41:57:ce:a1:b5:d3:35:53:2d:b0:fa:98:28:85:ee:3e:
7f:06:ea:2e:12:e6:01:0f:7e:bc:dd:f7:5e:80:65:50:be:a3:
63:9c:d9:d5:ee:b2:5c:08:82:23:86:8a:53:d9:3b:e3:66:41:
60:c2:f3:14:aa:25:56:9b:fa:82:8b:04:da:7d:45:eb:d0:58:
d7:d0:af:8d:e7:05:c6:08:3b:59:ce:59:3c:e4:a6:db:02:c2:
6a:bf:33:87:22:1e:b9:8b:1b:86:bf:02:68:60:eb:0c:62:cc:
d5:24:3b:20:98:a1:18:61:87:de:e9:b8:1c:11:61:b0:2b:04:
80:55:fb:70:08:80:c4:77:b3:11:89:a6:ad:5f:1d:49:bb:28:
11:2b:33:f0:03:ad:23:f6:be:95:d7:9a:6b:b8:e8:7a:51:78:
aa:d5:bf:d9:04:7a:7e:66:b7:e5:7a:86:d2:c7:75:10:69:94:
aa:85:c9:1c:f6:1c:9f:3a:52:8e:42:bc:29:8c:18:7f:0a:dc:
dd:61:dc:86
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUdnKhiBC24hcDDlcftfT/TdCJlhAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFDRjMwRkJEQzIyMEI2RTRBNkZBNjc3OTJCM0IyNDhF
RUNGNjU3MDAeFw0yNDA4MDQxNzQ3MTNaFw0yNTA4MDMxNzUyMTNaMDMxMTAvBgNV
BAMTKDgyQTU0QkY4RDgwQ0JERkJGQUQ5OTUwREI1RTEwMTExMDNCNjdEQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjnZsRs6C/DxCBkZq1j0L8In+V
YUE6IEzTQQDpvmYludV/AZl7LeHkxwEa32sywxtYna9FGnCYGNgO1Z22dTm1pci1
9WF+lUGTL+dbMEbJSBjfzyUlMdg5FD8OFtua61oX1el/4XdtLm1BqYRBef3YJIy3
VwE9TY9o20Akep6L43n8jPCJqtt+O6yT3UobhEWyMkO+BlL/lFh6FcBXhpc54X3Z
3B78YtqK9mfJykxUPbrCGNerlr/Jeu40A3AcPtVnILFJ8nhldB9g/BiKtDaPGOr6
ZpFqOE1ShcV9HnL0rxdUa2Xqde5M+AMHM96uEeKOhHpB2ihpVZzphdqwqaTtAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUgqVL+NgMvfv62ZUNteEBEQO2faUwHwYDVR0j
BBgwFoAUQc8w+9wiC25Kb6Z3krOySO7PZXAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2Y1ZDJhMWItY2FjYy00ZTIyLThhZjItOWYyMGE5MzI5
YmNiLzIvNDFDRjMwRkJEQzIyMEI2RTRBNkZBNjc3OTJCM0IyNDhFRUNGNjU3MC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC80MUNGMzBGQkRDMjIwQjZFNEE2RkE2Nzc5
MkIzQjI0OEVFQ0Y2NTcwLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS83ZjVkMmExYi1jYWNjLTRlMjItOGFmMi05ZjIwYTkzMjliY2IvMi8zMjYxMzAz
NzNhMzUzNDYzMzEzYTYzMzUzMDMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIz
MTM0MzczNTM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKgdUwcUAMA0GCSqGSIb3DQEBCwUAA4IBAQBn
1QqoO/y0x6PKM2Cmfo05M71Uxqi6FLCy5sBL0d8yv8qrcEZQEwX6BG1Q2/VkEpnk
NtXf7n/a3EFXzqG10zVTLbD6mCiF7j5/BuouEuYBD3683fdegGVQvqNjnNnV7rJc
CIIjhopT2TvjZkFgwvMUqiVWm/qCiwTafUXr0FjX0K+N5wXGCDtZzlk85KbbAsJq
vzOHIh65ixuGvwJoYOsMYszVJDsgmKEYYYfe6bgcEWGwKwSAVftwCIDEd7MRiaat
Xx1JuygRKzPwA60j9r6V15pruOh6UXiq1b/ZBHp+ZrfleobSx3UQaZSqhckc9hyf
OlKOQrwpjBh/CtzdYdyG
-----END CERTIFICATE-----
Generated at Mon Aug 5 23:00:12 2024 by rpki-client on console-fra.rpki-client.org