Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b59c106c-53b4-4e92-9fba-d60827b5bdb8/0/326131343a373538313a643030303a3a2f34302d3430203d3e203337393838.roa
File: 326131343a373538313a643030303a3a2f34302d3430203d3e203337393838.roa (raw, json)
Hash identifier: suIl/3chBmz4SE6S2JNws6yO1vlc1iZKVLvbUUyDaA0=
Subject key identifier: 68:FE:62:90:78:89:D2:11:BC:A0:DF:F1:99:BA:55:C5:D6:91:0E:E8
Certificate issuer: /CN=1F4C828276A9966865AB2B59533D1CB1BEC890BB
Certificate serial: 29862C2B8C750167C16DA7D44973143FAC1AB40B
Authority key identifier: 1F:4C:82:82:76:A9:96:68:65:AB:2B:59:53:3D:1C:B1:BE:C8:90:BB
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/1F4C828276A9966865AB2B59533D1CB1BEC890BB.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b59c106c-53b4-4e92-9fba-d60827b5bdb8/0/326131343a373538313a643030303a3a2f34302d3430203d3e203337393838.roa
Signing time: Tue 25 Jun 2024 12:33:56 +0000
ROA not before: Tue 25 Jun 2024 12:28:56 +0000
ROA not after: Tue 24 Jun 2025 12:33:56 +0000
asID: 37988
IP address blocks: 2a14:7581:d000::/40 maxlen: 40
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:86:2c:2b:8c:75:01:67:c1:6d:a7:d4:49:73:14:3f:ac:1a:b4:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1F4C828276A9966865AB2B59533D1CB1BEC890BB
Validity
Not Before: Jun 25 12:28:56 2024 GMT
Not After : Jun 24 12:33:56 2025 GMT
Subject: CN=68FE62907889D211BCA0DFF199BA55C5D6910EE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2a:69:0c:a4:78:a1:3e:5c:d7:b7:87:1f:76:
19:ca:b7:d5:f8:6e:aa:e1:c1:af:a6:0a:e3:a7:21:
d1:d8:f8:25:ef:72:7c:64:8f:ce:3b:90:77:78:b0:
2f:73:1f:46:a6:07:ce:ac:7f:29:f0:e9:9c:5a:58:
8d:e9:bc:d8:87:4a:6f:ee:ae:5e:69:8d:47:13:fe:
a7:63:03:cb:b5:0e:d9:74:0f:54:3d:4b:51:2b:58:
bc:0f:e8:77:d2:f2:08:05:d7:8f:9e:44:65:0b:73:
7a:49:7c:61:6c:4b:55:e8:8a:b2:f3:91:97:e5:da:
4c:26:da:88:b5:20:80:0e:81:72:ab:24:4f:12:de:
82:52:1a:fe:df:b0:03:6f:8b:d9:2f:40:b8:39:b7:
4c:ae:c8:41:5a:a4:3f:47:20:71:34:b1:bb:19:e7:
6d:7d:34:3f:95:50:36:d5:b1:f4:24:84:d7:66:23:
22:4c:4c:fa:8d:ad:47:24:13:4b:be:60:be:4e:ef:
98:ed:7e:25:fa:d6:cc:c9:63:d1:70:7f:31:23:5f:
4b:ec:0a:76:bb:50:7c:ef:19:42:5c:ed:3b:6a:8f:
94:07:1f:e8:25:ba:7c:4f:91:12:e1:0e:46:e4:83:
52:41:77:da:19:6e:11:42:a7:b2:01:d1:17:52:39:
51:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FE:62:90:78:89:D2:11:BC:A0:DF:F1:99:BA:55:C5:D6:91:0E:E8
X509v3 Authority Key Identifier:
keyid:1F:4C:82:82:76:A9:96:68:65:AB:2B:59:53:3D:1C:B1:BE:C8:90:BB
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b59c106c-53b4-4e92-9fba-d60827b5bdb8/0/1F4C828276A9966865AB2B59533D1CB1BEC890BB.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/1F4C828276A9966865AB2B59533D1CB1BEC890BB.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b59c106c-53b4-4e92-9fba-d60827b5bdb8/0/326131343a373538313a643030303a3a2f34302d3430203d3e203337393838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:d000::/40
Signature Algorithm: sha256WithRSAEncryption
84:67:da:2d:46:ec:27:10:07:4f:0a:fc:28:59:3d:0f:f8:d8:
41:c3:c6:60:44:13:6f:eb:ae:fb:60:eb:e0:39:0b:ab:22:d3:
fb:63:d1:86:ed:6c:13:64:42:77:98:20:f6:d1:29:c7:18:52:
84:2a:21:6f:46:c5:b4:cf:bf:62:81:e4:33:67:1a:06:6b:9d:
8f:d4:f2:90:0b:ee:96:75:ce:ab:40:b8:21:0b:a9:8f:fc:77:
9c:86:0c:2f:58:67:9d:92:00:10:af:f7:63:d5:c8:f8:3f:ea:
7a:93:9f:0f:10:3c:ec:29:cb:fb:46:30:60:c8:9a:83:4d:cb:
6a:1e:b2:89:0f:f4:be:c3:85:97:17:36:9e:cd:97:7c:7e:85:
88:39:12:bb:1e:83:b2:8e:2e:21:ba:b8:9c:72:24:4c:79:21:
7c:04:2d:cb:c7:bf:37:f3:1f:c4:ae:50:26:f6:5e:e8:5a:23:
4f:ac:2a:aa:a0:32:1c:71:0f:e4:c5:30:b3:f1:14:91:11:e0:
fc:89:b2:2f:03:ed:8f:b7:28:2a:05:83:27:47:6b:23:51:d6:
03:5b:f6:7d:b8:e9:06:81:54:67:64:25:9c:27:10:09:31:2e:
8d:87:33:27:ac:8b:52:2b:f5:1e:61:be:b7:f3:4c:c6:e8:c9:
e1:d5:f9:9c
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUKYYsK4x1AWfBbafUSXMUP6watAswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUY0QzgyODI3NkE5OTY2ODY1QUIyQjU5NTMzRDFDQjFC
RUM4OTBCQjAeFw0yNDA2MjUxMjI4NTZaFw0yNTA2MjQxMjMzNTZaMDMxMTAvBgNV
BAMTKDY4RkU2MjkwNzg4OUQyMTFCQ0EwREZGMTk5QkE1NUM1RDY5MTBFRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmKmkMpHihPlzXt4cfdhnKt9X4
bqrhwa+mCuOnIdHY+CXvcnxkj847kHd4sC9zH0amB86sfynw6ZxaWI3pvNiHSm/u
rl5pjUcT/qdjA8u1Dtl0D1Q9S1ErWLwP6HfS8ggF14+eRGULc3pJfGFsS1XoirLz
kZfl2kwm2oi1IIAOgXKrJE8S3oJSGv7fsANvi9kvQLg5t0yuyEFapD9HIHE0sbsZ
5219ND+VUDbVsfQkhNdmIyJMTPqNrUckE0u+YL5O75jtfiX61szJY9FwfzEjX0vs
Cna7UHzvGUJc7Ttqj5QHH+glunxPkRLhDkbkg1JBd9oZbhFCp7IB0RdSOVHlAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUaP5ikHiJ0hG8oN/xmbpVxdaRDugwHwYDVR0j
BBgwFoAUH0yCgnaplmhlqytZUz0csb7IkLswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjU5YzEwNmMtNTNiNC00ZTkyLTlmYmEtZDYwODI3YjVi
ZGI4LzAvMUY0QzgyODI3NkE5OTY2ODY1QUIyQjU5NTMzRDFDQjFCRUM4OTBCQi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8xRjRDODI4Mjc2QTk5NjY4NjVBQjJCNTk1
MzNEMUNCMUJFQzg5MEJCLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9iNTljMTA2Yy01M2I0LTRlOTItOWZiYS1kNjA4MjdiNWJkYjgvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTY0MzAzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzMz
NzM5MzgzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGACoUdYHQMA0GCSqGSIb3DQEBCwUAA4IBAQCEZ9ot
RuwnEAdPCvwoWT0P+NhBw8ZgRBNv6677YOvgOQurItP7Y9GG7WwTZEJ3mCD20SnH
GFKEKiFvRsW0z79igeQzZxoGa52P1PKQC+6Wdc6rQLghC6mP/HechgwvWGedkgAQ
r/dj1cj4P+p6k58PEDzsKcv7RjBgyJqDTctqHrKJD/S+w4WXFzaezZd8foWIORK7
HoOyji4huricciRMeSF8BC3Lx7838x/ErlAm9l7oWiNPrCqqoDIccQ/kxTCz8RSR
EeD8ibIvA+2PtygqBYMnR2sjUdYDW/Z9uOkGgVRnZCWcJxAJMS6NhzMnrItSK/Ue
Yb6380zG6Mnh1fmc
-----END CERTIFICATE-----
Generated at Mon Sep 23 15:22:08 2024 by rpki-client on console-fra.rpki-client.org