![](/console.gif)
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c8a98346-6073-4789-bd98-b376750a1301/1/326130613a363034343a373830323a3a2f34382d3438203d3e20313939363832.roa
File: 326130613a363034343a373830323a3a2f34382d3438203d3e20313939363832.roa (raw, json)
Hash identifier: M3P/KjtsGwM0Jkg9v5C2j9bZxyRiexS0kTYfSjtrTek=
Subject key identifier: 79:B1:7E:5B:3D:76:D8:FC:7A:3A:4D:F6:88:0E:A1:D8:9F:F1:BE:D0
Certificate issuer: /CN=20F72F3CC9DF8FB0CAAB1063442537DE31C203A3
Certificate serial: 72D8051A2421A60F5984DD4E86E40AD2CB127AA2
Authority key identifier: 20:F7:2F:3C:C9:DF:8F:B0:CA:AB:10:63:44:25:37:DE:31:C2:03:A3
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/20F72F3CC9DF8FB0CAAB1063442537DE31C203A3.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c8a98346-6073-4789-bd98-b376750a1301/1/326130613a363034343a373830323a3a2f34382d3438203d3e20313939363832.roa
Signing time: Thu 01 Feb 2024 18:55:00 +0000
ROA not before: Thu 01 Feb 2024 18:50:00 +0000
ROA not after: Thu 30 Jan 2025 18:55:00 +0000
asID: 199682
IP address blocks: 2a0a:6044:7802::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:d8:05:1a:24:21:a6:0f:59:84:dd:4e:86:e4:0a:d2:cb:12:7a:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20F72F3CC9DF8FB0CAAB1063442537DE31C203A3
Validity
Not Before: Feb 1 18:50:00 2024 GMT
Not After : Jan 30 18:55:00 2025 GMT
Subject: CN=79B17E5B3D76D8FC7A3A4DF6880EA1D89FF1BED0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:09:fb:e2:7a:ec:15:89:d3:57:d9:2f:80:f8:
24:ed:fd:78:f5:b5:60:5b:41:1f:55:83:5b:5c:32:
c9:24:42:32:24:19:e0:42:be:ae:cd:d3:36:0c:ba:
c6:6b:14:c5:bf:6f:12:ee:93:66:e9:9e:fc:e3:b9:
bd:e5:5e:21:8c:e5:bc:b0:09:20:d4:0c:65:ca:86:
ec:fc:c2:05:02:34:a3:4b:67:ea:1a:33:af:8a:d7:
d6:1f:b7:20:1c:5d:df:03:fd:39:1d:67:41:0d:a2:
57:0c:38:5f:59:30:47:bd:4b:bd:df:08:6d:c4:80:
d2:fe:6d:50:39:93:37:be:29:2c:97:2b:c3:51:d7:
9b:28:3b:7f:b7:7d:28:61:e1:dd:4b:36:29:17:f8:
ea:cf:02:4d:bf:e7:1f:f5:95:6f:27:e4:09:15:88:
8d:72:b9:48:06:80:4c:ff:ef:b7:7e:8d:bb:8a:b0:
44:2c:84:97:a9:63:08:52:c2:f9:fc:b7:d7:c1:3f:
97:33:70:bb:32:31:9c:da:fd:42:f8:bc:1b:5a:fb:
fb:bd:60:fa:a7:b8:9f:2e:f0:17:ac:d5:71:bf:d4:
90:cd:c2:3c:3e:6f:86:bd:5b:cf:09:22:89:80:92:
05:31:6a:34:bb:ac:ee:f9:32:70:ec:1a:11:01:a6:
8d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:B1:7E:5B:3D:76:D8:FC:7A:3A:4D:F6:88:0E:A1:D8:9F:F1:BE:D0
X509v3 Authority Key Identifier:
keyid:20:F7:2F:3C:C9:DF:8F:B0:CA:AB:10:63:44:25:37:DE:31:C2:03:A3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c8a98346-6073-4789-bd98-b376750a1301/1/20F72F3CC9DF8FB0CAAB1063442537DE31C203A3.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/20F72F3CC9DF8FB0CAAB1063442537DE31C203A3.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c8a98346-6073-4789-bd98-b376750a1301/1/326130613a363034343a373830323a3a2f34382d3438203d3e20313939363832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:7802::/48
Signature Algorithm: sha256WithRSAEncryption
33:f7:1e:67:0b:6b:88:3a:65:99:e3:66:dd:fa:85:fd:be:d1:
3d:0c:d9:58:59:3a:98:0a:99:19:2e:97:dd:07:26:90:b2:52:
7f:b6:45:21:56:76:3a:cf:55:70:23:db:1b:a0:7a:98:08:0c:
15:76:21:21:4f:32:8c:28:4f:a0:0e:92:4f:a2:ab:af:53:de:
49:43:53:51:73:d3:1d:45:26:a5:e3:4b:2b:2c:87:b9:6d:f4:
5d:e2:af:47:ee:8f:5c:bc:26:39:d6:4b:19:df:b3:13:c1:c7:
94:84:04:01:fc:0c:cd:b6:75:4a:a9:be:00:4c:28:51:df:97:
4c:e0:2f:f0:dd:d9:92:bf:49:a5:49:cd:98:c2:0e:cf:39:ac:
b2:92:7a:c3:8f:19:7e:06:74:64:a6:6a:d6:37:d9:d1:12:39:
24:74:e2:c6:ac:b2:f8:64:9a:1f:2a:6c:38:f6:6a:38:fd:c4:
77:23:2b:e1:6e:98:49:17:3e:ca:c3:3d:7b:e7:d6:6f:18:bd:
c1:09:5f:a3:fa:ae:89:0d:a5:b5:0c:92:52:01:21:fc:af:e2:
95:94:ea:2e:27:57:7f:e8:ec:23:fd:9c:ba:db:79:9c:94:77:
74:3d:be:94:d5:26:ef:e8:b1:64:bd:f8:7e:dc:a0:bb:24:84:
39:2e:d6:f9
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUctgFGiQhpg9ZhN1OhuQK0ssSeqIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjBGNzJGM0NDOURGOEZCMENBQUIxMDYzNDQyNTM3REUz
MUMyMDNBMzAeFw0yNDAyMDExODUwMDBaFw0yNTAxMzAxODU1MDBaMDMxMTAvBgNV
BAMTKDc5QjE3RTVCM0Q3NkQ4RkM3QTNBNERGNjg4MEVBMUQ4OUZGMUJFRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4CfvieuwVidNX2S+A+CTt/Xj1
tWBbQR9Vg1tcMskkQjIkGeBCvq7N0zYMusZrFMW/bxLuk2bpnvzjub3lXiGM5byw
CSDUDGXKhuz8wgUCNKNLZ+oaM6+K19YftyAcXd8D/TkdZ0ENolcMOF9ZMEe9S73f
CG3EgNL+bVA5kze+KSyXK8NR15soO3+3fShh4d1LNikX+OrPAk2/5x/1lW8n5AkV
iI1yuUgGgEz/77d+jbuKsEQshJepYwhSwvn8t9fBP5czcLsyMZza/UL4vBta+/u9
YPqnuJ8u8Bes1XG/1JDNwjw+b4a9W88JIomAkgUxajS7rO75MnDsGhEBpo1JAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUebF+Wz122Px6Ok32iA6h2J/xvtAwHwYDVR0j
BBgwFoAUIPcvPMnfj7DKqxBjRCU33jHCA6MwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzhhOTgzNDYtNjA3My00Nzg5LWJkOTgtYjM3Njc1MGEx
MzAxLzEvMjBGNzJGM0NDOURGOEZCMENBQUIxMDYzNDQyNTM3REUzMUMyMDNBMy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC8yMEY3MkYzQ0M5REY4RkIwQ0FBQjEwNjM0
NDI1MzdERTMxQzIwM0EzLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9jOGE5ODM0Ni02MDczLTQ3ODktYmQ5OC1iMzc2NzUwYTEzMDEvMS8zMjYxMzA2
MTNhMzYzMDM0MzQzYTM3MzgzMDMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEz
OTM5MzYzODMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgpgRHgCMA0GCSqGSIb3DQEBCwUAA4IBAQAz
9x5nC2uIOmWZ42bd+oX9vtE9DNlYWTqYCpkZLpfdByaQslJ/tkUhVnY6z1VwI9sb
oHqYCAwVdiEhTzKMKE+gDpJPoquvU95JQ1NRc9MdRSal40srLIe5bfRd4q9H7o9c
vCY51ksZ37MTwceUhAQB/AzNtnVKqb4ATChR35dM4C/w3dmSv0mlSc2Ywg7POayy
knrDjxl+BnRkpmrWN9nREjkkdOLGrLL4ZJofKmw49mo4/cR3IyvhbphJFz7Kwz17
59ZvGL3BCV+j+q6JDaW1DJJSASH8r+KVlOouJ1d/6Owj/Zy623mclHd0Pb6U1Sbv
6LFkvfh+3KC7JIQ5Ltb5
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:48:39 2025 by rpki-client