Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/2/326131313a323963303a393130303a3a2f34302d3438203d3e203437323732.roa
File: 326131313a323963303a393130303a3a2f34302d3438203d3e203437323732.roa (raw, json)
Hash identifier: h1h6Hb42Od2DBPr1qcbmGhl9F111BFOhdlbbHiMJlZw=
Subject key identifier: 6A:29:83:82:49:61:3C:FF:FC:3D:F7:C7:21:E9:EA:B5:7F:D1:24:26
Certificate issuer: /CN=04803608395707A6C4A762643198A52C49DF6017
Certificate serial: 64A2908642E51A564DB18B945AE36E4C2FF8FC1F
Authority key identifier: 04:80:36:08:39:57:07:A6:C4:A7:62:64:31:98:A5:2C:49:DF:60:17
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/04803608395707A6C4A762643198A52C49DF6017.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/2/326131313a323963303a393130303a3a2f34302d3438203d3e203437323732.roa
Signing time: Wed 04 Oct 2023 22:20:00 +0000
ROA not before: Wed 04 Oct 2023 22:15:00 +0000
ROA not after: Wed 02 Oct 2024 22:20:00 +0000
asID: 47272
IP address blocks: 2a11:29c0:9100::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:a2:90:86:42:e5:1a:56:4d:b1:8b:94:5a:e3:6e:4c:2f:f8:fc:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04803608395707A6C4A762643198A52C49DF6017
Validity
Not Before: Oct 4 22:15:00 2023 GMT
Not After : Oct 2 22:20:00 2024 GMT
Subject: CN=6A29838249613CFFFC3DF7C721E9EAB57FD12426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:54:73:89:a5:69:f9:3a:47:f7:bf:6e:a4:7e:
5c:46:41:0d:3f:98:23:a5:88:1d:7e:76:7a:c2:a0:
8b:03:36:95:14:47:10:cb:24:af:ac:bc:54:46:4b:
66:da:81:84:c0:32:2a:3c:5d:53:2f:c2:1a:95:54:
7d:05:78:20:74:55:2e:82:35:e8:a9:b4:a6:6c:6f:
b7:6c:b5:a6:92:38:bc:fc:21:36:b6:d2:cd:4c:af:
e8:57:53:1d:d4:90:07:76:1f:f0:9a:fb:cc:ba:e3:
dd:09:87:3d:7f:65:fa:16:a2:ef:cc:7b:e7:b9:eb:
21:69:11:fa:ac:04:de:10:59:6c:d7:b5:03:17:51:
76:96:69:74:8b:c1:6a:f3:ef:a9:a4:a4:a9:f6:01:
8c:4e:18:2b:25:a1:2c:39:09:20:27:7a:b5:06:28:
1c:61:bc:45:c1:b1:b1:25:09:68:de:f2:71:62:67:
f8:90:1b:ef:a9:44:1d:5a:74:35:6c:70:e7:23:87:
50:ca:bb:9c:0a:79:40:e3:54:3b:db:61:24:18:91:
4c:9f:10:e1:24:f4:ac:73:e2:4d:d6:53:f7:a1:a8:
09:72:e0:01:ad:da:b4:40:df:1f:4a:e0:08:1f:43:
72:09:94:19:22:65:75:5a:39:3c:81:24:f5:13:c2:
2d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:29:83:82:49:61:3C:FF:FC:3D:F7:C7:21:E9:EA:B5:7F:D1:24:26
X509v3 Authority Key Identifier:
keyid:04:80:36:08:39:57:07:A6:C4:A7:62:64:31:98:A5:2C:49:DF:60:17
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/2/04803608395707A6C4A762643198A52C49DF6017.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/04803608395707A6C4A762643198A52C49DF6017.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/bc90f4f6-f2c4-4882-91cf-9b8f0b38d7da/2/326131313a323963303a393130303a3a2f34302d3438203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:9100::/40
Signature Algorithm: sha256WithRSAEncryption
85:f3:96:56:da:2d:8d:c1:bb:cb:d5:22:0e:7a:16:d8:eb:4f:
3d:6a:4c:50:fc:25:9a:71:7c:4d:82:7e:bd:b5:6a:3b:79:0d:
08:62:a5:c4:27:cf:72:df:ba:88:70:e2:35:fd:74:56:7c:40:
e8:f9:a6:f8:40:aa:a9:35:26:df:d2:1c:c5:65:91:55:82:8d:
aa:d1:6a:ac:e3:4d:51:cc:84:84:1e:70:e9:fe:28:8d:99:7d:
a7:2b:82:d3:98:1c:3f:e6:e7:c1:b9:10:1e:8c:12:5a:9e:13:
7b:49:5e:bc:d3:e6:a5:95:38:4f:0d:00:22:3c:5a:43:96:4d:
41:ac:6d:c3:6c:60:1b:3f:bd:5b:97:fa:62:96:97:bf:77:cd:
14:ea:4c:7e:2c:6d:da:fb:9e:07:67:44:f3:d8:25:62:f4:7b:
4f:7f:b8:01:e6:1a:7c:a9:4d:6b:ea:70:d7:89:7b:5c:e3:6d:
a4:f9:e0:7d:d3:ab:17:6e:f2:80:58:d9:72:34:28:c3:50:c1:
a9:03:f7:5a:9f:3a:0a:32:b8:7e:aa:a0:3a:bf:cd:d7:80:39:
fe:f9:37:25:34:7b:16:cc:cc:1a:ef:79:f4:70:9f:df:07:76:
76:db:23:8b:32:83:d8:df:fb:c9:68:9f:f6:5e:4c:bf:2a:28:
23:87:75:eb
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUZKKQhkLlGlZNsYuUWuNuTC/4/B8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDQ4MDM2MDgzOTU3MDdBNkM0QTc2MjY0MzE5OEE1MkM0
OURGNjAxNzAeFw0yMzEwMDQyMjE1MDBaFw0yNDEwMDIyMjIwMDBaMDMxMTAvBgNV
BAMTKDZBMjk4MzgyNDk2MTNDRkZGQzNERjdDNzIxRTlFQUI1N0ZEMTI0MjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuVHOJpWn5Okf3v26kflxGQQ0/
mCOliB1+dnrCoIsDNpUURxDLJK+svFRGS2bagYTAMio8XVMvwhqVVH0FeCB0VS6C
NeiptKZsb7dstaaSOLz8ITa20s1Mr+hXUx3UkAd2H/Ca+8y6490Jhz1/ZfoWou/M
e+e56yFpEfqsBN4QWWzXtQMXUXaWaXSLwWrz76mkpKn2AYxOGCsloSw5CSAnerUG
KBxhvEXBsbElCWje8nFiZ/iQG++pRB1adDVscOcjh1DKu5wKeUDjVDvbYSQYkUyf
EOEk9Kxz4k3WU/ehqAly4AGt2rRA3x9K4AgfQ3IJlBkiZXVaOTyBJPUTwi3vAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQUaimDgklhPP/8PffHIenqtX/RJCYwHwYDVR0j
BBgwFoAUBIA2CDlXB6bEp2JkMZilLEnfYBcwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYmM5MGY0ZjYtZjJjNC00ODgyLTkxY2YtOWI4ZjBiMzhk
N2RhLzIvMDQ4MDM2MDgzOTU3MDdBNkM0QTc2MjY0MzE5OEE1MkM0OURGNjAxNy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84MTExNWJjNi0xMGY2LTRh
ZjMtYmEwOS04YjY4N2E1NmZiZjUvMC8wNDgwMzYwODM5NTcwN0E2QzRBNzYyNjQz
MTk4QTUyQzQ5REY2MDE3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9iYzkwZjRmNi1mMmM0LTQ4ODItOTFjZi05YjhmMGIzOGQ3ZGEvMi8zMjYxMzEz
MTNhMzIzOTYzMzAzYTM5MzEzMDMwM2EzYTJmMzQzMDJkMzQzODIwM2QzZTIwMzQz
NzMyMzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGACoRKcCRMA0GCSqGSIb3DQEBCwUAA4IBAQCF85ZW
2i2NwbvL1SIOehbY6089akxQ/CWacXxNgn69tWo7eQ0IYqXEJ89y37qIcOI1/XRW
fEDo+ab4QKqpNSbf0hzFZZFVgo2q0Wqs401RzISEHnDp/iiNmX2nK4LTmBw/5ufB
uRAejBJanhN7SV680+allThPDQAiPFpDlk1BrG3DbGAbP71bl/pilpe/d80U6kx+
LG3a+54HZ0Tz2CVi9HtPf7gB5hp8qU1r6nDXiXtc422k+eB906sXbvKAWNlyNCjD
UMGpA/danzoKMrh+qqA6v83XgDn++TclNHsWzMwa73n0cJ/fB3Z22yOLMoPY3/vJ
aJ/2Xky/Kigjh3Xr
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:47:05 2025 by rpki-client