Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3730313a3a2f34382d3438203d3e20323033353131.roa
File: 326130663a383563313a3730313a3a2f34382d3438203d3e20323033353131.roa (raw, json)
Hash identifier: CFN97R35TUA0q9T8HLJHqRflaLyXUQ+FQ2g6IwbOaNQ=
Subject key identifier: 0C:01:88:97:32:DE:22:ED:B1:3B:FF:C9:EF:5F:A4:BF:2A:BC:E9:77
Certificate issuer: /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Certificate serial: 1BDDF9FF2606B342A7E90D1641B4BBCA27B0E552
Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3730313a3a2f34382d3438203d3e20323033353131.roa
Signing time: Mon 25 Mar 2024 04:55:51 +0000
ROA not before: Mon 25 Mar 2024 04:50:51 +0000
ROA not after: Mon 24 Mar 2025 04:55:51 +0000
asID: 203511
IP address blocks: 2a0f:85c1:701::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:dd:f9:ff:26:06:b3:42:a7:e9:0d:16:41:b4:bb:ca:27:b0:e5:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Validity
Not Before: Mar 25 04:50:51 2024 GMT
Not After : Mar 24 04:55:51 2025 GMT
Subject: CN=0C01889732DE22EDB13BFFC9EF5FA4BF2ABCE977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:28:60:bb:f0:8e:c1:60:b4:bf:4a:7b:3b:b7:
fc:74:fc:63:7d:69:f4:ee:29:cc:3b:97:20:1f:97:
6e:7b:34:18:f6:38:68:4d:6c:d6:d6:e8:05:96:79:
90:ed:74:92:a7:8d:36:3b:0c:18:b5:0d:5b:17:26:
f6:1a:4a:01:86:c3:cf:b5:97:07:e4:20:45:0a:1b:
db:61:0f:2a:22:2d:37:95:d2:63:0b:b7:89:bc:b1:
e0:3f:54:6d:ac:18:34:b2:bd:d8:bf:74:7c:b5:c6:
17:cb:a7:a6:a8:f5:56:0e:fc:7a:79:5c:ab:a4:85:
22:40:0b:d0:e3:01:6d:a8:0d:13:e8:a8:ac:95:22:
fc:a4:de:13:94:0e:a1:2e:4b:92:99:a4:91:24:41:
3e:f7:a5:58:21:4d:b6:8a:55:48:aa:40:6b:e2:52:
a0:84:c5:cc:dc:ab:66:96:ad:83:ce:96:0c:30:26:
2b:ec:f6:c1:36:f2:cd:25:be:77:28:0b:42:73:51:
78:73:be:ab:39:39:07:82:24:6d:c1:39:d4:58:18:
e5:a5:6e:ae:fd:78:72:03:25:40:b9:2a:28:3c:18:
20:26:6a:b4:47:a5:51:77:fb:12:4f:0f:c3:25:49:
60:8e:8a:01:01:c9:5b:b5:8d:94:5a:26:26:a3:73:
00:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:01:88:97:32:DE:22:ED:B1:3B:FF:C9:EF:5F:A4:BF:2A:BC:E9:77
X509v3 Authority Key Identifier:
keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3730313a3a2f34382d3438203d3e20323033353131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:701::/48
Signature Algorithm: sha256WithRSAEncryption
51:13:ad:8f:b0:17:bc:fe:e4:f6:d9:fa:dc:4f:47:44:ad:2d:
9f:00:8f:e5:fb:48:22:f4:2c:4d:36:d9:a7:97:7f:5c:f8:a0:
18:e7:0c:70:ff:cf:81:89:24:99:89:8b:0f:d5:e7:43:04:0e:
a1:13:26:37:63:cb:1f:ee:e3:c5:59:c9:b3:a4:af:e5:ff:bb:
fb:80:d7:c9:f6:97:3f:5b:8d:6d:c7:67:2d:8c:6f:09:2f:17:
62:49:23:02:6b:74:dc:62:d0:e2:a6:b6:56:ba:57:e7:31:7d:
39:17:7b:ef:cd:b1:f2:5d:81:71:ae:d4:c1:66:5c:fc:b5:58:
40:ec:bf:41:5d:64:29:f9:a0:78:93:c7:93:0d:fd:c0:ee:82:
73:66:72:01:28:9e:2d:be:a1:2b:5e:b8:ca:0f:f8:b8:52:26:
d9:d5:e7:86:a6:f7:e1:c3:be:73:c7:56:66:4a:d0:59:14:21:
58:ab:c3:ef:37:1f:df:65:9c:06:26:fa:dc:7f:1b:61:59:f4:
99:ac:40:cd:5f:74:6e:9d:64:15:46:a1:b7:80:98:a2:0a:42:
40:17:60:63:16:54:fd:80:f4:65:ab:bf:52:ba:5c:fb:2a:13:
ac:bd:b4:5c:d7:35:62:4a:56:60:a9:8b:ef:80:f0:25:9e:f9:
85:60:18:00
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUG935/yYGs0Kn6Q0WQbS7yiew5VIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0
OUMxODM3NzAeFw0yNDAzMjUwNDUwNTFaFw0yNTAzMjQwNDU1NTFaMDMxMTAvBgNV
BAMTKDBDMDE4ODk3MzJERTIyRURCMTNCRkZDOUVGNUZBNEJGMkFCQ0U5NzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaKGC78I7BYLS/Sns7t/x0/GN9
afTuKcw7lyAfl257NBj2OGhNbNbW6AWWeZDtdJKnjTY7DBi1DVsXJvYaSgGGw8+1
lwfkIEUKG9thDyoiLTeV0mMLt4m8seA/VG2sGDSyvdi/dHy1xhfLp6ao9VYO/Hp5
XKukhSJAC9DjAW2oDRPoqKyVIvyk3hOUDqEuS5KZpJEkQT73pVghTbaKVUiqQGvi
UqCExczcq2aWrYPOlgwwJivs9sE28s0lvncoC0JzUXhzvqs5OQeCJG3BOdRYGOWl
bq79eHIDJUC5Kig8GCAmarRHpVF3+xJPD8MlSWCOigEByVu1jZRaJiajcwCfAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUDAGIlzLeIu2xO//J71+kvyq86XcwHwYDVR0j
BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0
MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF
QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM3MzAzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAz
MzM1MzEzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEHATANBgkqhkiG9w0BAQsFAAOCAQEAUROt
j7AXvP7k9tn63E9HRK0tnwCP5ftIIvQsTTbZp5d/XPigGOcMcP/PgYkkmYmLD9Xn
QwQOoRMmN2PLH+7jxVnJs6Sv5f+7+4DXyfaXP1uNbcdnLYxvCS8XYkkjAmt03GLQ
4qa2VrpX5zF9ORd7782x8l2Bca7UwWZc/LVYQOy/QV1kKfmgeJPHkw39wO6Cc2Zy
ASieLb6hK164yg/4uFIm2dXnhqb34cO+c8dWZkrQWRQhWKvD7zcf32WcBib63H8b
YVn0maxAzV90bp1kFUaht4CYogpCQBdgYxZU/YD0Zau/Urpc+yoTrL20XNc1YkpW
YKmL74DwJZ75hWAYAA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 12:18:37 2024 by rpki-client on console-ams.rpki-client.org