Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b6746901-23d3-4301-b28d-8b0982b06c08/1/326131343a373538313a396661303a3a2f34342d3434203d3e20323133343330.roa
File: 326131343a373538313a396661303a3a2f34342d3434203d3e20323133343330.roa (raw, json)
Hash identifier: d3iHJMweVF6LgmzJW5tJ0HjZ2o8ZywN7DAOmyK8JVYg=
Subject key identifier: 53:EE:CF:CF:53:64:FA:3E:31:0E:B6:5B:B9:B8:7C:6F:6E:C5:9F:E8
Certificate issuer: /CN=15BCD75E02E085EB08A3D2F22C872972154D76C5
Certificate serial: 0A15BEECBDFE1BFB2189451AD12832E1E2C3C6DE
Authority key identifier: 15:BC:D7:5E:02:E0:85:EB:08:A3:D2:F2:2C:87:29:72:15:4D:76:C5
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/15BCD75E02E085EB08A3D2F22C872972154D76C5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b6746901-23d3-4301-b28d-8b0982b06c08/1/326131343a373538313a396661303a3a2f34342d3434203d3e20323133343330.roa
Signing time: Fri 07 Mar 2025 08:59:42 +0000
ROA not before: Fri 07 Mar 2025 08:54:42 +0000
ROA not after: Fri 06 Mar 2026 08:59:42 +0000
asID: 213430
IP address blocks: 2a14:7581:9fa0::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:15:be:ec:bd:fe:1b:fb:21:89:45:1a:d1:28:32:e1:e2:c3:c6:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15BCD75E02E085EB08A3D2F22C872972154D76C5
Validity
Not Before: Mar 7 08:54:42 2025 GMT
Not After : Mar 6 08:59:42 2026 GMT
Subject: CN=53EECFCF5364FA3E310EB65BB9B87C6F6EC59FE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:47:e0:22:92:c0:9e:44:d8:da:df:f5:1a:9c:
15:ca:1d:88:51:0b:47:73:af:f9:9a:58:39:d3:eb:
63:35:01:e8:ce:57:3d:8e:22:eb:c1:72:f4:60:9d:
e6:04:32:0f:95:dd:97:d3:af:5f:dc:23:a0:64:06:
d3:09:01:5f:c9:57:ad:0b:da:03:6a:8f:ff:d1:f8:
5f:a7:50:3b:e0:a7:65:c8:99:ba:1d:ee:bd:bf:9b:
d5:12:72:21:b3:dc:84:3b:7b:42:bc:56:e0:ea:38:
d7:ba:73:e0:32:b9:9f:fc:60:01:aa:61:6b:3a:ad:
d9:e8:52:4e:4d:09:05:f0:6c:e4:66:56:15:ba:14:
53:4d:b8:92:d1:3d:b8:89:17:67:2b:bd:c4:61:76:
19:76:46:7e:34:48:ec:c2:ad:fb:c2:41:77:b5:cc:
88:61:5c:48:c6:80:2e:0f:bb:f6:90:5d:b0:c0:30:
33:6f:0f:eb:84:34:53:f8:42:ec:e0:a8:67:08:3f:
d1:89:04:17:d4:8f:02:9f:43:44:6e:e7:a4:f5:0e:
09:79:35:9e:76:93:a6:95:33:bd:cc:77:2a:de:f2:
a8:53:6b:dd:c0:5b:b2:0e:ab:3c:76:95:94:fd:1a:
00:b6:8f:b6:c2:5a:e2:cc:52:36:d2:77:2e:0d:34:
4f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:EE:CF:CF:53:64:FA:3E:31:0E:B6:5B:B9:B8:7C:6F:6E:C5:9F:E8
X509v3 Authority Key Identifier:
keyid:15:BC:D7:5E:02:E0:85:EB:08:A3:D2:F2:2C:87:29:72:15:4D:76:C5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b6746901-23d3-4301-b28d-8b0982b06c08/1/15BCD75E02E085EB08A3D2F22C872972154D76C5.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/15BCD75E02E085EB08A3D2F22C872972154D76C5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b6746901-23d3-4301-b28d-8b0982b06c08/1/326131343a373538313a396661303a3a2f34342d3434203d3e20323133343330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:9fa0::/44
Signature Algorithm: sha256WithRSAEncryption
6c:31:fc:4f:ce:c6:b5:7b:8e:d6:39:23:64:2d:16:7d:d1:0f:
be:03:46:04:8c:91:d5:19:39:56:d7:8c:e4:ec:af:ce:1a:e6:
af:ed:4c:71:cc:43:30:fa:18:07:95:26:da:9a:13:b9:d7:47:
75:c0:20:f4:4f:a6:eb:eb:ff:78:68:18:c7:7e:eb:d6:30:dd:
df:74:52:2a:3c:07:00:61:ed:81:46:c6:7d:03:0f:11:59:f5:
c8:b7:33:4b:91:32:f3:2b:f0:8f:15:e0:9b:16:b4:c9:03:40:
89:05:99:d6:e8:0a:7f:ae:6f:aa:b8:de:94:f6:26:c4:09:bd:
1c:f9:59:1d:0a:3b:7c:d2:9e:6c:28:3b:df:e2:e9:ba:0b:12:
1c:51:db:00:26:33:c9:79:a0:1a:fb:8c:86:41:97:49:18:d1:
5c:b2:c7:fe:ec:5d:28:ce:67:28:0a:a5:73:c3:84:8d:df:14:
7a:e7:a6:5e:5a:ce:c1:41:4a:76:5f:b0:a6:3f:33:38:99:7c:
44:74:f2:5a:31:6c:be:5a:9e:92:30:17:30:5d:a5:c0:fc:c9:
0f:aa:36:91:c7:63:69:23:1b:ab:cb:73:19:0a:ed:0d:60:a0:
92:b3:f3:6c:26:3f:69:a4:46:ba:c3:98:50:85:7a:d4:eb:8e:
6b:ec:34:26
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUChW+7L3+G/shiUUa0Sgy4eLDxt4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTVCQ0Q3NUUwMkUwODVFQjA4QTNEMkYyMkM4NzI5NzIx
NTRENzZDNTAeFw0yNTAzMDcwODU0NDJaFw0yNjAzMDYwODU5NDJaMDMxMTAvBgNV
BAMTKDUzRUVDRkNGNTM2NEZBM0UzMTBFQjY1QkI5Qjg3QzZGNkVDNTlGRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkR+AiksCeRNja3/UanBXKHYhR
C0dzr/maWDnT62M1AejOVz2OIuvBcvRgneYEMg+V3ZfTr1/cI6BkBtMJAV/JV60L
2gNqj//R+F+nUDvgp2XImbod7r2/m9USciGz3IQ7e0K8VuDqONe6c+AyuZ/8YAGq
YWs6rdnoUk5NCQXwbORmVhW6FFNNuJLRPbiJF2crvcRhdhl2Rn40SOzCrfvCQXe1
zIhhXEjGgC4Pu/aQXbDAMDNvD+uENFP4QuzgqGcIP9GJBBfUjwKfQ0Ru56T1Dgl5
NZ52k6aVM73Mdyre8qhTa93AW7IOqzx2lZT9GgC2j7bCWuLMUjbSdy4NNE8BAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUU+7Pz1Nk+j4xDrZbubh8b27Fn+gwHwYDVR0j
BBgwFoAUFbzXXgLghesIo9LyLIcpchVNdsUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjY3NDY5MDEtMjNkMy00MzAxLWIyOGQtOGIwOTgyYjA2
YzA4LzEvMTVCQ0Q3NUUwMkUwODVFQjA4QTNEMkYyMkM4NzI5NzIxNTRENzZDNS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8xNUJDRDc1RTAyRTA4NUVCMDhBM0QyRjIy
Qzg3Mjk3MjE1NEQ3NkM1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9iNjc0NjkwMS0yM2QzLTQzMDEtYjI4ZC04YjA5ODJiMDZjMDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTM5NjY2MTMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIz
MTMzMzQzMzMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gZ+gMA0GCSqGSIb3DQEBCwUAA4IBAQBs
MfxPzsa1e47WOSNkLRZ90Q++A0YEjJHVGTlW14zk7K/OGuav7UxxzEMw+hgHlSba
mhO510d1wCD0T6br6/94aBjHfuvWMN3fdFIqPAcAYe2BRsZ9Aw8RWfXItzNLkTLz
K/CPFeCbFrTJA0CJBZnW6Ap/rm+quN6U9ibECb0c+VkdCjt80p5sKDvf4um6CxIc
UdsAJjPJeaAa+4yGQZdJGNFcssf+7F0ozmcoCqVzw4SN3xR656ZeWs7BQUp2X7Cm
PzM4mXxEdPJaMWy+Wp6SMBcwXaXA/MkPqjaRx2NpIxury3MZCu0NYKCSs/NsJj9p
pEa6w5hQhXrU645r7DQm
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:19:35 2025 by rpki-client