Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/326130373a353463313a333830303a3a2f34382d3438203d3e203437323732.roa
File: 326130373a353463313a333830303a3a2f34382d3438203d3e203437323732.roa (raw, json)
Hash identifier: W1YBnVO+GvsP7K0R6J2d//goqpXY147g6C67uXu8dJU=
Subject key identifier: B8:60:88:FA:DB:C6:E8:59:29:0B:07:F1:1D:CD:98:C4:D8:30:FE:7B
Certificate issuer: /CN=CEE50F8654426B5A60EE8C52A9AE958F8D77B848
Certificate serial: 4E1F52825EEF118CA00A1DE2D086BA314081B6BA
Authority key identifier: CE:E5:0F:86:54:42:6B:5A:60:EE:8C:52:A9:AE:95:8F:8D:77:B8:48
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/CEE50F8654426B5A60EE8C52A9AE958F8D77B848.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/326130373a353463313a333830303a3a2f34382d3438203d3e203437323732.roa
Signing time: Sat 23 Sep 2023 19:25:27 +0000
ROA not before: Sat 23 Sep 2023 19:20:27 +0000
ROA not after: Sat 21 Sep 2024 19:25:27 +0000
asID: 47272
IP address blocks: 2a07:54c1:3800::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:1f:52:82:5e:ef:11:8c:a0:0a:1d:e2:d0:86:ba:31:40:81:b6:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CEE50F8654426B5A60EE8C52A9AE958F8D77B848
Validity
Not Before: Sep 23 19:20:27 2023 GMT
Not After : Sep 21 19:25:27 2024 GMT
Subject: CN=B86088FADBC6E859290B07F11DCD98C4D830FE7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f3:4f:fb:24:54:aa:af:a7:8d:2b:68:fb:f9:
8b:15:85:50:72:1d:08:9b:53:43:9e:5f:c2:ed:9d:
53:66:28:83:fe:55:3a:65:06:8e:5d:7c:5d:ac:41:
19:bd:f5:52:83:ed:05:fc:f7:b2:5e:5a:e2:f4:c6:
a9:7e:3b:48:4e:db:61:ce:f4:24:2e:b7:a8:d3:d8:
fd:4f:d1:2c:20:2b:91:d4:74:31:01:1b:c0:d8:c1:
ee:94:e1:1a:c7:0d:6f:32:da:6e:2b:75:5d:a5:80:
1d:a5:9b:d8:d9:14:3d:00:59:84:f7:ea:86:81:c7:
fb:a8:3e:6e:27:82:c8:d0:a6:f0:31:b4:9f:e5:51:
93:bb:9e:e5:3b:02:d2:df:d9:f0:d1:2c:0b:60:13:
ee:97:e6:e8:95:d8:28:8e:fe:99:da:b4:1c:ef:86:
40:c3:db:29:95:1b:c4:b3:e7:7a:ea:62:1f:82:d6:
98:e7:b1:22:be:5e:2e:4a:44:ee:5c:93:16:c3:fc:
20:0d:c8:09:7d:f3:8f:9b:6e:82:63:03:3b:b6:f6:
a5:76:9d:96:bd:c4:c2:da:27:6e:b3:cb:b8:da:38:
6f:f2:01:02:c1:63:fb:55:52:27:8c:67:d0:56:8f:
ab:09:c3:99:b3:cb:22:f1:59:cf:ba:1a:20:f0:19:
5c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:60:88:FA:DB:C6:E8:59:29:0B:07:F1:1D:CD:98:C4:D8:30:FE:7B
X509v3 Authority Key Identifier:
keyid:CE:E5:0F:86:54:42:6B:5A:60:EE:8C:52:A9:AE:95:8F:8D:77:B8:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/CEE50F8654426B5A60EE8C52A9AE958F8D77B848.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/CEE50F8654426B5A60EE8C52A9AE958F8D77B848.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/326130373a353463313a333830303a3a2f34382d3438203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c1:3800::/48
Signature Algorithm: sha256WithRSAEncryption
43:1c:52:6c:ca:b7:92:21:60:5e:02:e1:63:88:f8:2c:8d:47:
c6:9d:40:70:84:1c:cf:71:d5:c0:f2:35:84:e9:e1:85:1f:c9:
bf:c1:06:fd:c2:76:12:4f:65:93:5b:c1:ad:3c:05:03:88:a6:
b8:ff:e1:ee:09:f7:2a:d5:f4:0b:23:d2:3f:e7:0e:a5:54:ef:
1a:c6:ba:dd:97:a8:d3:2c:14:5c:1f:91:74:5e:a7:6b:2f:09:
3e:42:56:9b:c7:1d:1b:8c:df:a6:4f:3b:cb:b2:4e:24:56:02:
e9:aa:92:d6:b2:2d:de:87:41:42:0e:84:93:3d:d9:68:a4:98:
39:84:1a:d6:ca:18:ae:e7:7d:56:6c:9c:4c:5c:af:2d:85:0b:
72:cc:ce:6c:5c:f0:6a:90:96:49:27:07:da:21:96:91:c0:c4:
0e:4a:39:c3:f7:b8:02:82:27:0f:d6:8f:9c:3a:69:53:f1:b3:
47:84:0e:c0:02:46:51:82:5d:15:c8:03:a0:63:65:82:10:2f:
3d:79:f7:a4:d7:45:c1:31:66:d3:2c:70:8e:c0:63:1c:07:ab:
ab:44:4a:b8:4f:fb:69:9f:0a:ad:e2:9b:bb:c0:1a:d3:28:66:
fa:9c:70:ae:98:52:a0:d7:09:b0:48:17:d9:c0:ad:9a:f0:b1:
27:a8:6c:09
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUTh9Sgl7vEYygCh3i0Ia6MUCBtrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0VFNTBGODY1NDQyNkI1QTYwRUU4QzUyQTlBRTk1OEY4
RDc3Qjg0ODAeFw0yMzA5MjMxOTIwMjdaFw0yNDA5MjExOTI1MjdaMDMxMTAvBgNV
BAMTKEI4NjA4OEZBREJDNkU4NTkyOTBCMDdGMTFEQ0Q5OEM0RDgzMEZFN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE80/7JFSqr6eNK2j7+YsVhVBy
HQibU0OeX8LtnVNmKIP+VTplBo5dfF2sQRm99VKD7QX897JeWuL0xql+O0hO22HO
9CQut6jT2P1P0SwgK5HUdDEBG8DYwe6U4RrHDW8y2m4rdV2lgB2lm9jZFD0AWYT3
6oaBx/uoPm4ngsjQpvAxtJ/lUZO7nuU7AtLf2fDRLAtgE+6X5uiV2CiO/pnatBzv
hkDD2ymVG8Sz53rqYh+C1pjnsSK+Xi5KRO5ckxbD/CANyAl984+bboJjAzu29qV2
nZa9xMLaJ26zy7jaOG/yAQLBY/tVUieMZ9BWj6sJw5mzyyLxWc+6GiDwGVzfAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUuGCI+tvG6FkpCwfxHc2YxNgw/nswHwYDVR0j
BBgwFoAUzuUPhlRCa1pg7oxSqa6Vj413uEgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmM5MGY0ZjYtZjJjNC00ODgyLTkxY2YtOWI4ZjBiMzhk
N2RhLzEvQ0VFNTBGODY1NDQyNkI1QTYwRUU4QzUyQTlBRTk1OEY4RDc3Qjg0OC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC9DRUU1MEY4NjU0NDI2QjVBNjBFRThDNTJB
OUFFOTU4RjhENzdCODQ4LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9iYzkwZjRmNi1mMmM0LTQ4ODItOTFjZi05YjhmMGIzOGQ3ZGEvMS8zMjYxMzAz
NzNhMzUzNDYzMzEzYTMzMzgzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzQz
NzMyMzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoHVME4ADANBgkqhkiG9w0BAQsFAAOCAQEAQxxS
bMq3kiFgXgLhY4j4LI1Hxp1AcIQcz3HVwPI1hOnhhR/Jv8EG/cJ2Ek9lk1vBrTwF
A4imuP/h7gn3KtX0CyPSP+cOpVTvGsa63Zeo0ywUXB+RdF6nay8JPkJWm8cdG4zf
pk87y7JOJFYC6aqS1rIt3odBQg6Ekz3ZaKSYOYQa1soYrud9VmycTFyvLYULcszO
bFzwapCWSScH2iGWkcDEDko5w/e4AoInD9aPnDppU/GzR4QOwAJGUYJdFcgDoGNl
ghAvPXn3pNdFwTFm0yxwjsBjHAerq0RKuE/7aZ8KreKbu8Aa0yhm+pxwrphSoNcJ
sEgX2cCtmvCxJ6hsCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org