Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/326130373a353463313a333830333a3a2f34382d3438203d3e203437323732.roa
File: 326130373a353463313a333830333a3a2f34382d3438203d3e203437323732.roa (raw, json)
Hash identifier: ULo14EkbmKIji5rS6ljJKYgOqkE2UBkCVqGPEuwXGxU=
Subject key identifier: D3:47:B6:03:50:9E:D1:B2:59:F3:23:63:E0:3E:E4:82:CF:FA:00:0D
Certificate issuer: /CN=CEE50F8654426B5A60EE8C52A9AE958F8D77B848
Certificate serial: 4BCC2909A7F49367AB48BF34F5FD29751EF273B3
Authority key identifier: CE:E5:0F:86:54:42:6B:5A:60:EE:8C:52:A9:AE:95:8F:8D:77:B8:48
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/CEE50F8654426B5A60EE8C52A9AE958F8D77B848.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/326130373a353463313a333830333a3a2f34382d3438203d3e203437323732.roa
Signing time: Sun 24 Sep 2023 09:54:07 +0000
ROA not before: Sun 24 Sep 2023 09:49:07 +0000
ROA not after: Sun 22 Sep 2024 09:54:07 +0000
asID: 47272
IP address blocks: 2a07:54c1:3803::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:cc:29:09:a7:f4:93:67:ab:48:bf:34:f5:fd:29:75:1e:f2:73:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CEE50F8654426B5A60EE8C52A9AE958F8D77B848
Validity
Not Before: Sep 24 09:49:07 2023 GMT
Not After : Sep 22 09:54:07 2024 GMT
Subject: CN=D347B603509ED1B259F32363E03EE482CFFA000D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3c:ed:91:b3:65:7d:27:79:3e:cd:41:87:df:
dc:a1:7d:0d:6d:44:36:26:83:8c:38:db:59:d4:90:
fb:0e:76:dc:7e:58:e6:af:49:17:b6:4f:5b:9d:ab:
39:01:88:02:64:6f:ff:1a:ae:6a:99:be:9e:af:75:
4f:40:33:d5:ef:2c:2d:eb:8a:15:8a:6e:71:06:3d:
d9:ba:0d:6f:94:89:4a:25:d4:05:35:1e:9b:a5:a7:
13:d0:d8:a9:c2:3f:a0:81:ce:69:a1:61:f1:f1:96:
5f:81:a4:68:a3:ed:d5:3d:db:0c:7d:fb:52:d0:6d:
65:59:24:54:50:a6:60:56:77:c3:ae:48:f8:ec:ef:
3a:bc:52:5f:88:7a:3a:4c:21:f5:ea:1f:78:a4:44:
4f:ad:ed:72:a6:23:30:15:03:00:c2:98:6d:8f:aa:
60:e9:44:4a:26:e0:84:8f:33:0a:f9:d8:d1:d8:dc:
f3:8b:bd:8e:8c:be:2b:d9:69:31:38:43:95:a5:e3:
3d:08:3c:7d:87:e3:26:cb:c0:6f:2a:47:e5:9a:0a:
e0:7b:af:8e:e5:cd:3b:eb:42:f0:87:22:59:be:34:
d8:8b:58:b5:4c:6e:3f:3c:90:d5:97:12:61:24:89:
6b:de:e7:ad:59:14:50:ff:f8:f4:65:e6:53:88:e7:
1d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:47:B6:03:50:9E:D1:B2:59:F3:23:63:E0:3E:E4:82:CF:FA:00:0D
X509v3 Authority Key Identifier:
keyid:CE:E5:0F:86:54:42:6B:5A:60:EE:8C:52:A9:AE:95:8F:8D:77:B8:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/CEE50F8654426B5A60EE8C52A9AE958F8D77B848.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/CEE50F8654426B5A60EE8C52A9AE958F8D77B848.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/1/326130373a353463313a333830333a3a2f34382d3438203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c1:3803::/48
Signature Algorithm: sha256WithRSAEncryption
67:3e:8b:53:a9:82:cb:8a:c7:bb:2d:4c:a0:c4:36:50:81:f9:
21:2b:91:34:55:38:39:09:2c:c4:18:10:77:90:9a:08:69:3b:
99:6e:00:cb:d5:a5:b1:f0:a4:f8:59:34:1a:68:ac:18:aa:6d:
cf:89:b1:b8:ae:64:7f:6f:83:87:ab:58:cd:e1:c1:06:69:df:
3c:6c:78:8e:8a:28:8e:4d:de:9b:03:91:8f:97:4a:ed:e0:11:
6e:fc:81:ba:ae:51:e8:e2:a6:db:8a:17:97:0e:4f:82:c6:70:
62:da:8c:6c:d0:07:0d:49:d3:63:df:a0:74:9d:29:d0:6a:80:
06:b6:a0:48:bb:61:18:9d:61:bd:e8:cc:8f:7f:e2:84:6c:0d:
ca:9f:ac:77:2e:6d:8d:8d:ac:fa:b6:41:f6:e6:f5:66:ca:a2:
3c:52:d1:e0:fd:80:85:0c:ff:a6:cd:7b:13:82:fd:5b:42:42:
ab:54:00:ba:4f:2f:b7:77:e0:8a:56:0b:e1:54:4e:e7:75:e1:
51:fd:b9:5b:e8:de:b3:12:11:90:34:c1:5e:80:3a:5d:e3:2e:
dc:61:28:e6:16:18:93:ab:16:38:74:bd:62:4c:32:c8:ce:aa:
49:3d:f2:07:a6:8c:9b:92:4a:89:7f:04:15:4f:fd:80:06:a3:
2d:30:06:e9
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUS8wpCaf0k2erSL809f0pdR7yc7MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0VFNTBGODY1NDQyNkI1QTYwRUU4QzUyQTlBRTk1OEY4
RDc3Qjg0ODAeFw0yMzA5MjQwOTQ5MDdaFw0yNDA5MjIwOTU0MDdaMDMxMTAvBgNV
BAMTKEQzNDdCNjAzNTA5RUQxQjI1OUYzMjM2M0UwM0VFNDgyQ0ZGQTAwMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdPO2Rs2V9J3k+zUGH39yhfQ1t
RDYmg4w421nUkPsOdtx+WOavSRe2T1udqzkBiAJkb/8armqZvp6vdU9AM9XvLC3r
ihWKbnEGPdm6DW+UiUol1AU1HpulpxPQ2KnCP6CBzmmhYfHxll+BpGij7dU92wx9
+1LQbWVZJFRQpmBWd8OuSPjs7zq8Ul+IejpMIfXqH3ikRE+t7XKmIzAVAwDCmG2P
qmDpREom4ISPMwr52NHY3POLvY6MvivZaTE4Q5Wl4z0IPH2H4ybLwG8qR+WaCuB7
r47lzTvrQvCHIlm+NNiLWLVMbj88kNWXEmEkiWve561ZFFD/+PRl5lOI5x37AgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQU00e2A1Ce0bJZ8yNj4D7kgs/6AA0wHwYDVR0j
BBgwFoAUzuUPhlRCa1pg7oxSqa6Vj413uEgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmM5MGY0ZjYtZjJjNC00ODgyLTkxY2YtOWI4ZjBiMzhk
N2RhLzEvQ0VFNTBGODY1NDQyNkI1QTYwRUU4QzUyQTlBRTk1OEY4RDc3Qjg0OC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC9DRUU1MEY4NjU0NDI2QjVBNjBFRThDNTJB
OUFFOTU4RjhENzdCODQ4LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9iYzkwZjRmNi1mMmM0LTQ4ODItOTFjZi05YjhmMGIzOGQ3ZGEvMS8zMjYxMzAz
NzNhMzUzNDYzMzEzYTMzMzgzMDMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzQz
NzMyMzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoHVME4AzANBgkqhkiG9w0BAQsFAAOCAQEAZz6L
U6mCy4rHuy1MoMQ2UIH5ISuRNFU4OQksxBgQd5CaCGk7mW4Ay9WlsfCk+Fk0Gmis
GKptz4mxuK5kf2+Dh6tYzeHBBmnfPGx4jooojk3emwORj5dK7eARbvyBuq5R6OKm
24oXlw5PgsZwYtqMbNAHDUnTY9+gdJ0p0GqABragSLthGJ1hvejMj3/ihGwNyp+s
dy5tjY2s+rZB9ub1ZsqiPFLR4P2AhQz/ps17E4L9W0JCq1QAuk8vt3fgilYL4VRO
53XhUf25W+jesxIRkDTBXoA6XeMu3GEo5hYYk6sWOHS9YkwyyM6qST3yB6aMm5JK
iX8EFU/9gAajLTAG6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:17 2024 by rpki-client on console-fra.rpki-client.org