Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3a2f32392d3239203d3e20323135323438.roa
File: 326131343a333863303a3a2f32392d3239203d3e20323135323438.roa (raw, json)
Hash identifier: aQBGW4UwEpZw1viUGTiicR7R7bF3eHxKluau3FSxHVQ=
Subject key identifier: 1C:6C:20:EC:AF:16:7A:28:C3:F1:F3:E9:3A:6B:31:1F:56:EC:5E:3B
Certificate issuer: /CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Certificate serial: 3D58BDEEAE605AF602368F1181D1E436B66EFC88
Authority key identifier: 5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3a2f32392d3239203d3e20323135323438.roa
Signing time: Sat 15 Feb 2025 22:15:10 +0000
ROA not before: Sat 15 Feb 2025 22:10:10 +0000
ROA not after: Sat 14 Feb 2026 22:15:10 +0000
asID: 215248
IP address blocks: 2a14:38c0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:58:bd:ee:ae:60:5a:f6:02:36:8f:11:81:d1:e4:36:b6:6e:fc:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cdc04bb23eaa4cecc791dfe04bb028b7e797b68
Validity
Not Before: Feb 15 22:10:10 2025 GMT
Not After : Feb 14 22:15:10 2026 GMT
Subject: CN=1C6C20ECAF167A28C3F1F3E93A6B311F56EC5E3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8b:e2:ef:3e:30:75:1a:de:85:1c:57:d8:f4:
43:fc:bd:62:8e:31:b6:80:4d:90:08:f3:4e:7f:9f:
d2:31:cb:72:8a:67:ce:76:43:c6:55:e1:ac:41:70:
7c:9b:17:f1:23:96:f1:96:99:a7:9b:82:3d:e8:86:
99:a0:32:40:a2:24:ed:23:fd:01:45:98:3c:33:2d:
ac:1f:64:67:1e:2e:72:61:88:1a:7c:a4:04:c9:20:
ee:71:b1:a4:ad:c7:2d:51:41:24:77:c6:c3:83:bd:
8c:e9:0d:83:86:b4:c2:51:2a:41:d9:65:4d:49:8a:
60:0f:d5:eb:e0:45:5a:26:a3:2e:00:de:59:34:ca:
84:80:27:6b:09:5d:9b:db:14:d6:60:87:82:40:19:
c6:0c:2e:f9:e4:8c:27:21:07:df:2b:e8:bd:55:66:
de:b3:05:26:51:ac:32:8b:dc:49:f0:f2:78:80:18:
a0:b2:a3:eb:98:96:9d:2d:af:72:1f:eb:5f:44:9e:
4a:07:30:8c:63:76:69:85:bd:f9:45:49:88:03:8d:
a1:77:d3:b7:0e:6c:a8:e6:17:28:38:97:3c:a8:cd:
ca:b7:c9:54:7b:e1:22:0e:27:ff:56:2c:3f:51:bf:
23:82:7c:c7:e7:0f:80:75:90:bd:19:c3:9b:10:6f:
58:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:6C:20:EC:AF:16:7A:28:C3:F1:F3:E9:3A:6B:31:1F:56:EC:5E:3B
X509v3 Authority Key Identifier:
keyid:5C:DC:04:BB:23:EA:A4:CE:CC:79:1D:FE:04:BB:02:8B:7E:79:7B:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/5CDC04BB23EAA4CECC791DFE04BB028B7E797B68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XNwEuyPqpM7MeR3-BLsCi355e2g.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/cd19db20-4653-48d4-8fc4-580d1369b7c4/0/326131343a333863303a3a2f32392d3239203d3e20323135323438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:38c0::/29
Signature Algorithm: sha256WithRSAEncryption
05:b3:e7:0d:1d:7f:fc:d6:76:cc:63:86:e9:55:bc:01:12:29:
b5:22:98:f6:4e:78:7e:d1:1a:ca:84:9e:d7:2e:bb:8b:0e:c9:
91:62:4e:64:3a:ce:50:15:28:93:42:db:d0:92:69:a3:bd:d7:
03:34:c1:0f:27:fb:95:38:34:43:06:80:82:e1:cc:5a:56:f5:
db:bb:af:7d:db:af:db:53:11:26:63:37:d6:63:6e:94:43:c1:
bf:8e:e1:e5:07:31:93:4b:85:bb:e3:b1:b4:ca:d0:e2:e6:91:
5e:c0:e2:6b:41:9f:0f:2a:23:ca:32:9a:a1:80:ec:7f:a9:2e:
3c:99:28:91:53:cf:3f:a9:a5:9d:f4:0a:e8:83:ee:ac:fc:52:
06:e9:35:56:ea:97:f2:0f:0f:c9:ed:11:46:6e:41:64:59:53:
be:a9:1d:d8:ac:05:02:31:47:eb:0d:3c:b3:31:64:64:44:19:
b8:17:c9:85:9a:61:62:cb:5a:61:4e:30:3f:30:a4:49:a4:29:
ee:60:cc:c4:b9:54:5c:9c:6a:01:ae:0c:ac:2a:ac:c1:be:7e:
00:5d:b3:28:28:a7:f0:82:10:1d:90:d7:7c:36:21:93:b0:04:
ad:be:ff:1a:00:8e:26:46:80:38:3e:8a:29:72:13:c6:eb:cc:
94:ca:26:0c
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUPVi97q5gWvYCNo8RgdHkNrZu/IgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWNkYzA0YmIyM2VhYTRjZWNjNzkxZGZlMDRiYjAyOGI3
ZTc5N2I2ODAeFw0yNTAyMTUyMjEwMTBaFw0yNjAyMTQyMjE1MTBaMDMxMTAvBgNV
BAMTKDFDNkMyMEVDQUYxNjdBMjhDM0YxRjNFOTNBNkIzMTFGNTZFQzVFM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCki+LvPjB1Gt6FHFfY9EP8vWKO
MbaATZAI805/n9Ixy3KKZ852Q8ZV4axBcHybF/EjlvGWmaebgj3ohpmgMkCiJO0j
/QFFmDwzLawfZGceLnJhiBp8pATJIO5xsaStxy1RQSR3xsODvYzpDYOGtMJRKkHZ
ZU1JimAP1evgRVomoy4A3lk0yoSAJ2sJXZvbFNZgh4JAGcYMLvnkjCchB98r6L1V
Zt6zBSZRrDKL3Enw8niAGKCyo+uYlp0tr3If619EnkoHMIxjdmmFvflFSYgDjaF3
07cObKjmFyg4lzyozcq3yVR74SIOJ/9WLD9RvyOCfMfnD4B1kL0Zw5sQb1gfAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUHGwg7K8WeijD8fPpOmsxH1bsXjswHwYDVR0j
BBgwFoAUXNwEuyPqpM7MeR3+BLsCi355e2gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAtNDY1My00OGQ0LThmYzQtNTgwZDEzNjli
N2M0LzAvNUNEQzA0QkIyM0VBQTRDRUNDNzkxREZFMDRCQjAyOEI3RTc5N0I2OC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1hOd0V1eVBxcE03TWVSMy1CTHNDaTM1
NWUyZy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2QxOWRiMjAt
NDY1My00OGQ0LThmYzQtNTgwZDEzNjliN2M0LzAvMzI2MTMxMzQzYTMzMzg2MzMw
M2EzYTJmMzIzOTJkMzIzOTIwM2QzZTIwMzIzMTM1MzIzNDM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUD
KhQ4wDANBgkqhkiG9w0BAQsFAAOCAQEABbPnDR1//NZ2zGOG6VW8ARIptSKY9k54
ftEayoSe1y67iw7JkWJOZDrOUBUok0Lb0JJpo73XAzTBDyf7lTg0QwaAguHMWlb1
27uvfduv21MRJmM31mNulEPBv47h5Qcxk0uFu+OxtMrQ4uaRXsDia0GfDyojyjKa
oYDsf6kuPJkokVPPP6mlnfQK6IPurPxSBuk1VuqX8g8Pye0RRm5BZFlTvqkd2KwF
AjFH6w08szFkZEQZuBfJhZphYstaYU4wPzCkSaQp7mDMxLlUXJxqAa4MrCqswb5+
AF2zKCin8IIQHZDXfDYhk7AErb7/GgCOJkaAOD6KKXITxuvMlMomDA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:15:02 2025 by rpki-client