Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/5/326130373a323438363a6664303a3a2f34342d3438203d3e20313938393233.roa
File: 326130373a323438363a6664303a3a2f34342d3438203d3e20313938393233.roa (raw, json)
Hash identifier: kkorToFhEET+0ZUe5GV5ZC40NiAugo+kFaHz0/99qtk=
Subject key identifier: B5:35:BA:93:D8:0E:F6:9E:D0:99:C8:03:89:9D:9A:C6:59:58:92:21
Certificate issuer: /CN=28FA507C2092BDD1BBD1B0816C9D71CD4681096C
Certificate serial: 71781A68AF46635E5F7919C72D284C0D8BCA609B
Authority key identifier: 28:FA:50:7C:20:92:BD:D1:BB:D1:B0:81:6C:9D:71:CD:46:81:09:6C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/21a797f9-3c10-4536-aa64-09ca2d9545c8/0/28FA507C2092BDD1BBD1B0816C9D71CD4681096C.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/5/326130373a323438363a6664303a3a2f34342d3438203d3e20313938393233.roa
Signing time: Sat 08 Jun 2024 18:57:55 +0000
ROA not before: Sat 08 Jun 2024 18:52:55 +0000
ROA not after: Sat 07 Jun 2025 18:57:55 +0000
asID: 198923
IP address blocks: 2a07:2486:fd0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:78:1a:68:af:46:63:5e:5f:79:19:c7:2d:28:4c:0d:8b:ca:60:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28FA507C2092BDD1BBD1B0816C9D71CD4681096C
Validity
Not Before: Jun 8 18:52:55 2024 GMT
Not After : Jun 7 18:57:55 2025 GMT
Subject: CN=B535BA93D80EF69ED099C803899D9AC659589221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a9:8f:ae:a7:1d:a7:9a:68:78:37:de:d4:cf:
4e:ca:34:29:46:c5:e2:62:63:40:6b:3c:c0:db:16:
ff:03:9c:2f:5e:81:e9:ad:12:ac:b3:87:6a:17:9a:
31:7a:b7:af:61:fe:04:9a:bf:ed:2a:e3:c8:68:c2:
4d:e6:6f:b1:ee:d9:dc:ae:3b:88:c3:cd:43:c7:d6:
32:be:dd:75:94:f3:c6:4d:8f:8c:fa:b5:96:20:81:
10:30:af:a9:dd:d2:fc:89:1d:e3:fd:1c:14:f4:78:
a3:75:c7:2f:03:95:14:54:da:e0:9a:e0:3d:a2:37:
bc:98:52:67:d5:55:c2:26:97:78:f5:32:ba:1a:52:
e4:3e:12:46:e7:a8:13:47:6e:b0:81:19:a2:8c:f1:
04:87:e1:ac:ae:b2:81:e7:55:cd:67:11:2e:ff:f9:
0d:ec:76:d9:a2:ee:05:46:5b:94:9c:f3:a2:4a:eb:
cf:e8:96:f2:93:f9:0d:15:28:8b:54:a4:0a:64:7f:
b2:74:a3:a3:4b:b9:e7:cc:3d:1e:9b:8f:f9:3b:e2:
d7:b2:6d:4c:ad:2f:5c:18:fe:7f:25:75:72:82:fe:
99:ca:b1:33:2a:14:99:1f:83:8f:ac:08:a9:58:94:
af:3d:d2:df:64:18:a2:e5:e3:3c:56:7c:ba:4b:81:
6f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:35:BA:93:D8:0E:F6:9E:D0:99:C8:03:89:9D:9A:C6:59:58:92:21
X509v3 Authority Key Identifier:
keyid:28:FA:50:7C:20:92:BD:D1:BB:D1:B0:81:6C:9D:71:CD:46:81:09:6C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/5/28FA507C2092BDD1BBD1B0816C9D71CD4681096C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/21a797f9-3c10-4536-aa64-09ca2d9545c8/0/28FA507C2092BDD1BBD1B0816C9D71CD4681096C.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c0ed046-fa95-45c3-9146-971db8a9e8bb/5/326130373a323438363a6664303a3a2f34342d3438203d3e20313938393233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2486:fd0::/44
Signature Algorithm: sha256WithRSAEncryption
24:c7:5c:9b:ad:77:ad:65:27:98:f8:9b:2b:9a:c1:a4:a2:24:
55:12:f8:99:10:6c:21:cb:a6:b8:33:f7:0e:4c:2c:98:b1:7c:
f5:c8:67:d1:33:d6:c0:64:cf:e0:ee:80:6e:03:6d:87:42:c0:
4b:5b:fb:ff:52:2d:60:18:9b:42:e5:bd:72:66:c4:f5:9f:85:
ce:40:b3:26:f8:ec:cf:cb:9f:a3:3e:c9:1f:a1:b1:20:64:fa:
d5:ae:5f:ac:44:32:03:13:51:04:c4:0d:c8:a4:ba:ad:d4:27:
74:4d:6f:ab:72:39:62:60:8c:5d:1c:28:eb:dd:6c:72:c9:bc:
b8:18:5a:2c:23:9b:82:69:a7:5d:91:c8:2f:a3:d2:07:25:41:
41:7f:09:2f:0e:00:f4:81:e3:e4:59:a0:3d:88:c9:54:18:81:
63:59:ff:f1:a0:ba:b2:e9:b0:f1:f6:20:f7:a3:0a:3d:a9:14:
4f:8c:8a:d9:24:f4:c5:f1:80:9e:64:95:39:97:d8:df:ee:41:
88:32:d1:5e:8d:38:dc:e1:58:38:91:ed:68:1c:8f:85:bd:11:
b7:ee:49:d9:e2:32:32:a5:f4:ea:95:7d:3d:dc:a8:4a:da:5c:
7d:bd:a3:8c:45:f7:4a:34:e9:72:11:e8:be:55:16:8a:57:ed:
32:77:bd:91
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUcXgaaK9GY15feRnHLShMDYvKYJswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjhGQTUwN0MyMDkyQkREMUJCRDFCMDgxNkM5RDcxQ0Q0
NjgxMDk2QzAeFw0yNDA2MDgxODUyNTVaFw0yNTA2MDcxODU3NTVaMDMxMTAvBgNV
BAMTKEI1MzVCQTkzRDgwRUY2OUVEMDk5QzgwMzg5OUQ5QUM2NTk1ODkyMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMqY+upx2nmmh4N97Uz07KNClG
xeJiY0BrPMDbFv8DnC9egemtEqyzh2oXmjF6t69h/gSav+0q48howk3mb7Hu2dyu
O4jDzUPH1jK+3XWU88ZNj4z6tZYggRAwr6nd0vyJHeP9HBT0eKN1xy8DlRRU2uCa
4D2iN7yYUmfVVcIml3j1MroaUuQ+EkbnqBNHbrCBGaKM8QSH4ayusoHnVc1nES7/
+Q3sdtmi7gVGW5Sc86JK68/olvKT+Q0VKItUpApkf7J0o6NLuefMPR6bj/k74tey
bUytL1wY/n8ldXKC/pnKsTMqFJkfg4+sCKlYlK890t9kGKLl4zxWfLpLgW9BAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUtTW6k9gO9p7QmcgDiZ2axllYkiEwHwYDVR0j
BBgwFoAUKPpQfCCSvdG70bCBbJ1xzUaBCWwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWMwZWQwNDYtZmE5NS00NWMzLTkxNDYtOTcxZGI4YTll
OGJiLzUvMjhGQTUwN0MyMDkyQkREMUJCRDFCMDgxNkM5RDcxQ0Q0NjgxMDk2Qy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yMWE3OTdmOS0zYzEwLTQ1
MzYtYWE2NC0wOWNhMmQ5NTQ1YzgvMC8yOEZBNTA3QzIwOTJCREQxQkJEMUIwODE2
QzlENzFDRDQ2ODEwOTZDLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS85YzBlZDA0Ni1mYTk1LTQ1YzMtOTE0Ni05NzFkYjhhOWU4YmIvNS8zMjYxMzAz
NzNhMzIzNDM4MzYzYTY2NjQzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMxMzkz
ODM5MzIzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHBCoHJIYP0DANBgkqhkiG9w0BAQsFAAOCAQEAJMdc
m613rWUnmPibK5rBpKIkVRL4mRBsIcumuDP3DkwsmLF89chn0TPWwGTP4O6AbgNt
h0LAS1v7/1ItYBibQuW9cmbE9Z+FzkCzJvjsz8ufoz7JH6GxIGT61a5frEQyAxNR
BMQNyKS6rdQndE1vq3I5YmCMXRwo691scsm8uBhaLCObgmmnXZHIL6PSByVBQX8J
Lw4A9IHj5FmgPYjJVBiBY1n/8aC6sumw8fYg96MKPakUT4yK2ST0xfGAnmSVOZfY
3+5BiDLRXo043OFYOJHtaByPhb0Rt+5J2eIyMqX06pV9PdyoStpcfb2jjEX3SjTp
chHovlUWilftMne9kQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:17:43 2025 by rpki-client