Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393031303a3a2f34342d3438203d3e20313430393135.roa
File: 326131343a373538313a393031303a3a2f34342d3438203d3e20313430393135.roa (raw, json)
Hash identifier: +u1GgR4ItR9W4eiEMw3maPQx96v0QxpGp/K8rZa1bfY=
Subject key identifier: DE:88:10:AF:3D:FC:DD:B3:DD:58:B5:F2:8D:EB:FD:CD:57:4A:8E:81
Certificate issuer: /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
Certificate serial: 303619DCC8A37636ECC5AFD9AEB29F7236F5EA99
Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393031303a3a2f34342d3438203d3e20313430393135.roa
Signing time: Sun 12 Jan 2025 10:08:32 +0000
ROA not before: Sun 12 Jan 2025 10:03:32 +0000
ROA not after: Sun 11 Jan 2026 10:08:32 +0000
asID: 140915
IP address blocks: 2a14:7581:9010::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:36:19:dc:c8:a3:76:36:ec:c5:af:d9:ae:b2:9f:72:36:f5:ea:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
Validity
Not Before: Jan 12 10:03:32 2025 GMT
Not After : Jan 11 10:08:32 2026 GMT
Subject: CN=DE8810AF3DFCDDB3DD58B5F28DEBFDCD574A8E81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:03:0d:12:f0:28:e8:89:5d:2b:12:bd:d3:c8:
ef:38:ae:ee:25:ce:a6:0d:96:b9:a6:d8:f0:ba:b8:
99:44:d9:ea:5f:54:a7:4e:6d:9d:99:74:bf:60:02:
a3:94:4f:05:10:c8:30:fa:29:6c:6e:7f:bd:1d:99:
8d:aa:ee:eb:23:1f:4b:72:30:db:d8:1b:f2:e9:84:
2a:ea:f0:13:0f:19:d6:e8:bc:70:c9:54:93:91:75:
86:82:50:ca:7a:c1:43:57:71:af:8e:a8:e9:43:9d:
45:0d:90:0f:29:53:bb:85:76:c2:f9:98:8e:09:2d:
ea:31:84:e3:b8:c9:57:43:58:17:d2:5a:04:f8:9c:
1e:4e:78:78:a6:77:a8:83:ca:6b:e3:91:5e:fd:2e:
2d:f6:24:86:fa:fd:f9:f0:f5:4a:59:c4:d1:ab:4f:
22:3d:47:18:c6:13:4c:f9:8f:fe:3b:b4:2c:4b:87:
44:72:37:76:43:c5:ee:45:1a:5c:94:4b:fb:5b:6f:
e1:00:8e:29:9b:08:aa:f1:4a:1e:68:b3:0f:c6:53:
bc:2b:72:f8:43:a4:bf:11:f4:d2:05:5e:00:b1:86:
0e:c9:23:b8:77:d9:a9:ed:a5:e6:8d:5f:99:b5:ec:
d5:64:34:19:fd:d3:d4:c2:2f:af:7a:0d:1b:a8:74:
46:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:88:10:AF:3D:FC:DD:B3:DD:58:B5:F2:8D:EB:FD:CD:57:4A:8E:81
X509v3 Authority Key Identifier:
keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393031303a3a2f34342d3438203d3e20313430393135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:9010::/44
Signature Algorithm: sha256WithRSAEncryption
7e:ee:14:1a:9e:63:d5:16:d9:22:96:da:dd:0a:5a:98:16:45:
d4:2c:a6:76:8e:41:b2:a9:12:5d:82:3b:73:eb:ad:e4:21:45:
4d:b6:cb:6c:0f:f1:e2:ea:61:58:17:3c:75:10:02:d1:4e:5b:
34:32:4c:7c:e8:8b:56:32:6a:02:4f:37:7f:87:d3:02:8e:9a:
40:d9:b9:21:ac:6a:f6:72:ad:5e:13:4a:51:99:10:92:73:c1:
0a:11:c5:81:89:a9:fe:4c:9f:2a:58:07:f1:24:8e:62:f3:ae:
3a:63:f4:5c:4d:f5:25:cf:c3:2d:e7:34:11:7f:86:0b:3e:71:
b0:3e:97:45:12:d8:23:4f:47:5f:68:c1:29:93:c0:ae:33:9f:
eb:96:ce:2d:bb:b5:c4:ca:6b:6a:8f:ed:80:db:3b:6c:7b:90:
10:a9:d9:42:fe:dd:f5:44:30:fc:b1:39:5f:97:23:1c:4c:b9:
89:4d:9c:6b:4a:34:e8:70:8b:df:57:5b:87:ba:78:35:28:11:
44:f4:53:3c:b8:d9:cb:cb:a5:e1:f9:ef:7e:97:c8:ad:18:cb:
ce:aa:e5:e5:d4:7a:64:c6:57:dd:f3:74:f5:39:43:ea:b2:8d:
9a:98:a6:70:10:90:13:2e:4c:ec:44:be:44:1b:4e:c3:62:9d:
53:07:5c:37
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUMDYZ3Mijdjbsxa/ZrrKfcjb16pkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3
NzdEQTkyNjAeFw0yNTAxMTIxMDAzMzJaFw0yNjAxMTExMDA4MzJaMDMxMTAvBgNV
BAMTKERFODgxMEFGM0RGQ0REQjNERDU4QjVGMjhERUJGRENENTc0QThFODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+Aw0S8CjoiV0rEr3TyO84ru4l
zqYNlrmm2PC6uJlE2epfVKdObZ2ZdL9gAqOUTwUQyDD6KWxuf70dmY2q7usjH0ty
MNvYG/LphCrq8BMPGdbovHDJVJORdYaCUMp6wUNXca+OqOlDnUUNkA8pU7uFdsL5
mI4JLeoxhOO4yVdDWBfSWgT4nB5OeHimd6iDymvjkV79Li32JIb6/fnw9UpZxNGr
TyI9RxjGE0z5j/47tCxLh0RyN3ZDxe5FGlyUS/tbb+EAjimbCKrxSh5osw/GU7wr
cvhDpL8R9NIFXgCxhg7JI7h32antpeaNX5m17NVkNBn909TCL696DRuodEYHAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU3ogQrz383bPdWLXyjev9zVdKjoEwHwYDVR0j
BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw
NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3
NUM2MkUzNTc3N0RBOTI2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM5MzAzMTMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzEz
NDMwMzkzMTM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gZAQMA0GCSqGSIb3DQEBCwUAA4IBAQB+
7hQanmPVFtkiltrdClqYFkXULKZ2jkGyqRJdgjtz663kIUVNtstsD/Hi6mFYFzx1
EALRTls0Mkx86ItWMmoCTzd/h9MCjppA2bkhrGr2cq1eE0pRmRCSc8EKEcWBian+
TJ8qWAfxJI5i8646Y/RcTfUlz8Mt5zQRf4YLPnGwPpdFEtgjT0dfaMEpk8CuM5/r
ls4tu7XEymtqj+2A2ztse5AQqdlC/t31RDD8sTlflyMcTLmJTZxrSjTocIvfV1uH
ung1KBFE9FM8uNnLy6Xh+e9+l8itGMvOquXl1Hpkxlfd83T1OUPqso2amKZwEJAT
LkzsRL5EG07DYp1TB1w3
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:49:08 2025 by rpki-client