Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8acfa318-2a5c-4241-afbb-387d71e8c596/1/326131343a373538313a366663303a3a2f34342d3438203d3e20323037333839.roa
File: 326131343a373538313a366663303a3a2f34342d3438203d3e20323037333839.roa (raw, json)
Hash identifier: Vs7Q5KU9koM9GeO4e0pzIZd/B9BJX1MGwWzBfnT0lFM=
Subject key identifier: 89:77:4A:B5:88:69:C0:3F:0D:25:03:38:77:2E:45:EA:9F:89:94:EF
Certificate issuer: /CN=893FD41BDE226C54F2AD2B3DDA19C1A0B8F1206B
Certificate serial: 2BE8A6A0287B80FA42CCF32E01A7429DE4EBF195
Authority key identifier: 89:3F:D4:1B:DE:22:6C:54:F2:AD:2B:3D:DA:19:C1:A0:B8:F1:20:6B
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/893FD41BDE226C54F2AD2B3DDA19C1A0B8F1206B.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8acfa318-2a5c-4241-afbb-387d71e8c596/1/326131343a373538313a366663303a3a2f34342d3438203d3e20323037333839.roa
Signing time: Wed 04 Jun 2025 16:28:06 +0000
ROA not before: Wed 04 Jun 2025 16:23:06 +0000
ROA not after: Wed 03 Jun 2026 16:28:06 +0000
asID: 207389
IP address blocks: 2a14:7581:6fc0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:e8:a6:a0:28:7b:80:fa:42:cc:f3:2e:01:a7:42:9d:e4:eb:f1:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=893FD41BDE226C54F2AD2B3DDA19C1A0B8F1206B
Validity
Not Before: Jun 4 16:23:06 2025 GMT
Not After : Jun 3 16:28:06 2026 GMT
Subject: CN=89774AB58869C03F0D250338772E45EA9F8994EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:72:00:1c:71:86:10:42:38:d4:42:0c:bc:a6:
ad:ad:d4:0a:0d:8c:3d:cf:84:0e:89:f0:53:a6:65:
01:83:ca:46:a5:98:d8:4f:8d:15:65:e5:a7:52:d8:
2b:ed:58:54:d7:6f:66:71:a9:c0:bc:29:33:3e:88:
47:9d:ec:5b:c7:a6:cf:c2:4c:6d:29:62:d5:a6:2f:
93:f2:ab:e8:9f:d0:6c:1e:c6:45:dd:f8:69:3b:8a:
2c:86:a4:bf:70:b8:1c:6c:4e:92:d2:b7:34:c3:f3:
ed:ec:5d:f8:21:2e:98:c2:df:5d:86:20:8c:d1:c5:
de:01:14:2b:8f:85:db:3b:3c:52:1b:7d:8c:42:9e:
af:23:bd:af:0f:b8:d8:81:aa:0c:9b:84:e1:a4:4c:
47:7d:10:8a:06:4c:c9:f2:e0:07:6f:59:ed:b3:e5:
8a:0f:10:f5:57:9b:85:09:be:30:6a:d9:10:06:1a:
ac:ce:93:04:08:af:8c:76:03:e8:08:6d:69:d8:cd:
c3:12:58:9e:ea:6d:08:07:9c:f7:0f:bf:5d:bb:76:
ff:74:be:7c:bf:98:94:7f:11:5d:bd:6d:e7:d7:24:
3b:14:2d:75:b8:88:a4:8a:20:cb:96:60:8f:34:0c:
7e:c2:2a:01:ac:34:5e:8a:4a:fc:f1:e8:32:32:c3:
82:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:77:4A:B5:88:69:C0:3F:0D:25:03:38:77:2E:45:EA:9F:89:94:EF
X509v3 Authority Key Identifier:
keyid:89:3F:D4:1B:DE:22:6C:54:F2:AD:2B:3D:DA:19:C1:A0:B8:F1:20:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8acfa318-2a5c-4241-afbb-387d71e8c596/1/893FD41BDE226C54F2AD2B3DDA19C1A0B8F1206B.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/893FD41BDE226C54F2AD2B3DDA19C1A0B8F1206B.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8acfa318-2a5c-4241-afbb-387d71e8c596/1/326131343a373538313a366663303a3a2f34342d3438203d3e20323037333839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:6fc0::/44
Signature Algorithm: sha256WithRSAEncryption
3a:9d:96:09:eb:ed:bc:b9:f3:39:9f:f3:88:ce:1f:e7:f4:55:
55:66:3e:b5:64:ed:5c:3e:45:6c:9a:fa:47:9b:a3:c2:c7:34:
ac:35:5c:a0:03:a2:72:78:02:61:3a:55:15:5c:b3:6c:09:9d:
84:77:a5:e9:a6:5f:3a:8c:01:ba:6d:a9:b2:fe:a7:15:54:7f:
38:dc:a8:9d:24:81:7a:d5:e0:ca:a9:21:80:29:e5:f7:f1:b6:
bf:af:48:ac:d6:14:a4:dd:04:a5:36:ee:1b:1a:b2:3f:da:c1:
76:df:0b:fe:cf:38:78:83:69:73:34:96:d3:54:26:00:3e:4b:
f2:2e:a8:f4:c5:a4:08:58:2e:37:c8:ac:c1:be:cf:7a:54:2f:
2c:d3:15:e8:e3:8f:3b:92:3c:3c:c7:fa:e8:7a:e5:e5:2c:e2:
a3:53:7e:4b:c8:fc:3c:09:be:a0:e7:a5:e7:9f:ef:4f:7e:a2:
a1:2b:b6:69:20:37:dd:b6:f0:63:d7:04:53:98:2d:55:a6:02:
0d:89:10:0a:58:fb:4d:96:5c:8e:ba:ca:71:05:c7:56:93:66:
14:75:64:1b:c8:58:4d:d7:19:e3:10:ba:72:94:c2:fa:e5:76:
3f:1e:48:31:08:d4:4f:50:74:3f:c0:2f:27:53:2f:bc:be:52:
dc:75:dd:c0
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUK+imoCh7gPpCzPMuAadCneTr8ZUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODkzRkQ0MUJERTIyNkM1NEYyQUQyQjNEREExOUMxQTBC
OEYxMjA2QjAeFw0yNTA2MDQxNjIzMDZaFw0yNjA2MDMxNjI4MDZaMDMxMTAvBgNV
BAMTKDg5Nzc0QUI1ODg2OUMwM0YwRDI1MDMzODc3MkU0NUVBOUY4OTk0RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVcgAccYYQQjjUQgy8pq2t1AoN
jD3PhA6J8FOmZQGDykalmNhPjRVl5adS2CvtWFTXb2ZxqcC8KTM+iEed7FvHps/C
TG0pYtWmL5Pyq+if0GwexkXd+Gk7iiyGpL9wuBxsTpLStzTD8+3sXfghLpjC312G
IIzRxd4BFCuPhds7PFIbfYxCnq8jva8PuNiBqgybhOGkTEd9EIoGTMny4AdvWe2z
5YoPEPVXm4UJvjBq2RAGGqzOkwQIr4x2A+gIbWnYzcMSWJ7qbQgHnPcPv127dv90
vny/mJR/EV29befXJDsULXW4iKSKIMuWYI80DH7CKgGsNF6KSvzx6DIyw4JXAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUiXdKtYhpwD8NJQM4dy5F6p+JlO8wHwYDVR0j
BBgwFoAUiT/UG94ibFTyrSs92hnBoLjxIGswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGFjZmEzMTgtMmE1Yy00MjQxLWFmYmItMzg3ZDcxZThj
NTk2LzEvODkzRkQ0MUJERTIyNkM1NEYyQUQyQjNEREExOUMxQTBCOEYxMjA2Qi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84OTNGRDQxQkRFMjI2QzU0RjJBRDJCM0RE
QTE5QzFBMEI4RjEyMDZCLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS84YWNmYTMxOC0yYTVjLTQyNDEtYWZiYi0zODdkNzFlOGM1OTYvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTM2NjY2MzMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz
MDM3MzMzODM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gW/AMA0GCSqGSIb3DQEBCwUAA4IBAQA6
nZYJ6+28ufM5n/OIzh/n9FVVZj61ZO1cPkVsmvpHm6PCxzSsNVygA6JyeAJhOlUV
XLNsCZ2Ed6Xppl86jAG6bamy/qcVVH843KidJIF61eDKqSGAKeX38ba/r0is1hSk
3QSlNu4bGrI/2sF23wv+zzh4g2lzNJbTVCYAPkvyLqj0xaQIWC43yKzBvs96VC8s
0xXo4487kjw8x/roeuXlLOKjU35LyPw8Cb6g56Xnn+9PfqKhK7ZpIDfdtvBj1wRT
mC1VpgINiRAKWPtNllyOuspxBcdWk2YUdWQbyFhN1xnjELpylML65XY/HkgxCNRP
UHQ/wC8nUy+8vlLcdd3A
-----END CERTIFICATE-----
Generated at Mon Sep 8 17:00:19 2025 by rpki-client