Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393030303a3a2f33382d3338203d3e20323135333634.roa
File: 326131343a373538313a393030303a3a2f33382d3338203d3e20323135333634.roa (raw, json)
Hash identifier: 2yQ0bEhC7Gkr/ukKqOai4xHLU4JxFvk3/3RqPzbvcuw=
Subject key identifier: 5A:16:B0:5D:16:79:8D:63:DC:18:E3:62:91:11:2F:84:C4:27:DD:50
Certificate issuer: /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
Certificate serial: 69821C3735DCFF763DFACF69D3229A763810A87D
Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393030303a3a2f33382d3338203d3e20323135333634.roa
Signing time: Thu 12 Dec 2024 11:53:59 +0000
ROA not before: Thu 12 Dec 2024 11:48:59 +0000
ROA not after: Thu 11 Dec 2025 11:53:59 +0000
asID: 215364
IP address blocks: 2a14:7581:9000::/38 maxlen: 38
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:82:1c:37:35:dc:ff:76:3d:fa:cf:69:d3:22:9a:76:38:10:a8:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
Validity
Not Before: Dec 12 11:48:59 2024 GMT
Not After : Dec 11 11:53:59 2025 GMT
Subject: CN=5A16B05D16798D63DC18E36291112F84C427DD50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b4:3b:73:72:85:6f:a7:41:7e:8a:b7:0a:3c:
fe:6f:3e:7e:12:4b:9b:65:91:aa:83:c2:d9:f4:14:
d6:2e:b9:ca:56:6c:a7:fd:b5:38:0c:bf:10:b5:f1:
7c:be:3c:77:22:b7:62:f0:ef:3c:e5:35:51:42:3e:
53:02:fd:91:74:eb:91:a8:da:fc:41:40:10:c3:61:
a8:e3:23:80:7f:a4:8b:78:91:96:a6:df:72:c2:13:
9e:c7:17:ab:4a:b4:de:41:6f:b4:72:a6:2d:4c:cb:
b8:cd:f1:38:ce:d1:43:ea:25:a8:7f:72:84:73:08:
57:02:18:2a:3f:cc:e5:38:1c:3f:7c:e1:86:c7:d4:
d2:2d:02:75:a8:b7:2b:fc:52:97:83:e1:ca:1a:26:
58:58:72:00:cb:25:9f:e9:e5:10:79:41:56:57:f2:
0d:0f:fe:d6:66:2f:c4:a2:bc:d2:fc:d3:60:ac:c2:
5c:aa:7b:f9:6a:cf:e2:cc:71:cf:f4:50:42:61:e0:
40:9d:a3:95:f1:99:c6:7c:0f:04:1d:c1:2d:cd:d6:
7b:38:91:ba:38:37:4c:9d:6b:5e:07:ac:a7:31:32:
63:56:a0:b1:39:2a:64:01:de:14:08:7c:2e:e1:e3:
25:d5:59:bf:16:37:39:de:31:05:68:a7:f9:73:ff:
b6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:16:B0:5D:16:79:8D:63:DC:18:E3:62:91:11:2F:84:C4:27:DD:50
X509v3 Authority Key Identifier:
keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393030303a3a2f33382d3338203d3e20323135333634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:9000::/38
Signature Algorithm: sha256WithRSAEncryption
83:fb:ae:29:2c:d7:c2:b5:39:22:a2:b5:69:2c:0f:b9:d4:be:
22:68:0f:44:d4:78:15:5f:6d:8b:49:d0:68:bd:0c:b1:93:9d:
aa:36:8a:b7:ee:fc:50:d9:a8:37:d5:12:a2:30:b2:90:fd:26:
fc:10:cb:81:e2:18:91:2e:6e:85:35:a7:92:c5:63:f4:b5:55:
c6:53:78:45:91:cc:47:e4:e8:ce:a8:9c:3f:c1:e7:5b:ec:f0:
12:59:67:af:36:86:23:51:0f:67:67:f1:3e:4e:cb:af:f1:57:
e1:46:f6:3f:af:e8:69:46:4e:7e:02:82:3c:85:8d:ca:98:d6:
eb:f3:2a:5c:fe:ca:54:24:29:65:47:eb:85:dc:ee:b1:72:02:
a4:91:70:c9:c8:49:9a:7a:3f:fc:72:55:fb:9d:cf:5c:27:b0:
a6:ad:30:01:da:81:22:76:d5:dc:14:86:48:e3:be:29:af:28:
2f:fa:71:39:9a:33:3f:26:ef:6f:dc:e0:9d:63:a0:4a:81:75:
3e:22:b2:f9:36:78:4e:8d:0b:bf:8c:70:90:c2:f1:ae:9f:c3:
7b:25:f9:97:95:3e:bf:52:5b:db:c1:c6:d9:06:35:1f:bb:29:
e9:ff:a4:2d:b8:fc:24:63:ee:48:37:53:a2:48:f3:f1:71:c7:
15:55:89:c7
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUaYIcNzXc/3Y9+s9p0yKadjgQqH0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3
NzdEQTkyNjAeFw0yNDEyMTIxMTQ4NTlaFw0yNTEyMTExMTUzNTlaMDMxMTAvBgNV
BAMTKDVBMTZCMDVEMTY3OThENjNEQzE4RTM2MjkxMTEyRjg0QzQyN0RENTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBtDtzcoVvp0F+ircKPP5vPn4S
S5tlkaqDwtn0FNYuucpWbKf9tTgMvxC18Xy+PHcit2Lw7zzlNVFCPlMC/ZF065Go
2vxBQBDDYajjI4B/pIt4kZam33LCE57HF6tKtN5Bb7Rypi1My7jN8TjO0UPqJah/
coRzCFcCGCo/zOU4HD984YbH1NItAnWotyv8UpeD4coaJlhYcgDLJZ/p5RB5QVZX
8g0P/tZmL8SivNL802Cswlyqe/lqz+LMcc/0UEJh4ECdo5XxmcZ8DwQdwS3N1ns4
kbo4N0yda14HrKcxMmNWoLE5KmQB3hQIfC7h4yXVWb8WNzneMQVop/lz/7bTAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUWhawXRZ5jWPcGONikREvhMQn3VAwHwYDVR0j
BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw
NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3
NUM2MkUzNTc3N0RBOTI2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM5MzAzMDMwM2EzYTJmMzMzODJkMzMzODIwM2QzZTIwMzIz
MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYCKhR1gZAwDQYJKoZIhvcNAQELBQADggEBAIP7
riks18K1OSKitWksD7nUviJoD0TUeBVfbYtJ0Gi9DLGTnao2irfu/FDZqDfVEqIw
spD9JvwQy4HiGJEuboU1p5LFY/S1VcZTeEWRzEfk6M6onD/B51vs8BJZZ682hiNR
D2dn8T5Oy6/xV+FG9j+v6GlGTn4CgjyFjcqY1uvzKlz+ylQkKWVH64Xc7rFyAqSR
cMnISZp6P/xyVfudz1wnsKatMAHagSJ21dwUhkjjvimvKC/6cTmaMz8m72/c4J1j
oEqBdT4isvk2eE6NC7+McJDC8a6fw3sl+ZeVPr9SW9vBxtkGNR+7Ken/pC24/CRj
7kg3U6JI8/FxxxVVicc=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:51:58 2025 by rpki-client