Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa
File: 326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa (raw, json)
Hash identifier: Ev3rOkqZsW7zdikCCUw3UiV18aO5+Lr8u68oqxdnuog=
Subject key identifier: 42:78:EE:A8:BE:AF:A0:A8:A1:65:F0:3C:59:A5:4A:1B:5F:B5:B1:E7
Certificate issuer: /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Certificate serial: 21402E5265A2C853965BB936EF2C640AB0F7AF9B
Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa
Signing time: Mon 25 Mar 2024 11:47:41 +0000
ROA not before: Mon 25 Mar 2024 11:42:41 +0000
ROA not after: Mon 24 Mar 2025 11:47:41 +0000
asID: 203511
IP address blocks: 2a0f:85c1:7f0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:40:2e:52:65:a2:c8:53:96:5b:b9:36:ef:2c:64:0a:b0:f7:af:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Validity
Not Before: Mar 25 11:42:41 2024 GMT
Not After : Mar 24 11:47:41 2025 GMT
Subject: CN=4278EEA8BEAFA0A8A165F03C59A54A1B5FB5B1E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:96:d5:23:b7:63:e1:03:c0:78:1d:1b:78:81:
60:d8:0a:2d:43:3c:7c:a3:2b:3a:ac:c3:f3:3a:65:
5e:ed:bf:34:b5:1c:2b:08:65:9f:6a:0a:00:ef:c2:
ba:b9:f5:0d:2e:70:98:c3:ed:31:71:f3:78:f3:36:
65:e5:2a:ab:3a:78:23:77:f7:da:2a:46:ec:a0:41:
7d:cb:34:f3:ae:8c:2b:c5:2b:ae:2f:0c:ca:e7:84:
16:17:01:06:80:e2:e0:12:fb:78:aa:18:8f:22:54:
0d:78:69:5c:96:c0:d6:29:1e:8e:6c:6a:5f:59:f5:
52:7a:a6:ea:29:59:94:c0:e2:07:15:85:a4:a6:6c:
17:9e:60:e9:bb:77:25:be:ce:99:6c:bc:88:f5:4c:
ce:8c:c8:2e:0f:5b:29:2d:11:d2:df:f6:49:71:50:
1e:0f:2a:04:ea:e7:b5:45:2b:03:03:e2:f8:57:03:
b5:56:0c:0c:77:1d:87:98:d4:37:0d:57:28:69:4d:
2f:41:b1:c9:1a:56:ad:62:27:34:f9:2d:1e:9e:3c:
53:ae:44:0d:4b:fb:db:af:79:79:58:4c:9d:7f:3e:
ac:fa:d9:55:82:4a:aa:a6:55:7e:c1:40:0d:03:80:
44:b0:43:32:80:1f:76:ab:12:6f:14:a9:67:bb:db:
2f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:78:EE:A8:BE:AF:A0:A8:A1:65:F0:3C:59:A5:4A:1B:5F:B5:B1:E7
X509v3 Authority Key Identifier:
keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:7f0::/48
Signature Algorithm: sha256WithRSAEncryption
12:83:5f:c8:8a:e4:28:5e:53:91:49:92:e0:2b:8f:b1:9a:78:
61:d4:5a:5a:5d:e8:92:0c:0d:3f:bf:7b:2a:9e:b9:b9:27:d3:
64:cf:ba:35:ec:6c:af:ef:89:77:aa:6d:04:7f:98:f8:ad:ab:
cd:d5:c3:6b:57:54:8e:6b:cb:2a:b6:72:98:99:3c:5d:22:55:
07:ab:76:e2:69:0f:de:3e:40:8a:b6:60:75:38:00:0c:5d:d0:
32:e6:9f:9c:a6:35:a6:88:8f:0e:b2:34:37:37:ed:53:0e:d1:
f7:5e:71:51:3b:96:41:3e:96:cb:1b:35:28:bc:5a:2b:2e:1f:
df:9e:c0:82:29:0e:44:15:6c:68:07:a4:50:de:f9:8e:d1:2a:
eb:74:54:81:71:32:f0:ad:36:5e:d0:00:df:f5:da:3c:f9:d3:
8d:55:19:e8:fb:ac:e4:79:6a:ac:29:a5:a5:b8:01:cb:cc:c4:
db:6e:87:02:3e:0b:6a:44:b3:ec:8e:a0:1e:6e:1a:21:57:fc:
84:28:1c:a7:ac:f1:3e:c3:7e:46:a1:21:18:02:51:64:96:99:
38:94:2f:8b:cd:64:69:03:43:60:45:ef:40:59:91:5b:78:ee:
cf:83:0f:e9:09:e8:39:65:af:48:5b:27:44:0d:d3:59:5b:a7:
a5:ba:e5:69
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUIUAuUmWiyFOWW7k27yxkCrD3r5swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0
OUMxODM3NzAeFw0yNDAzMjUxMTQyNDFaFw0yNTAzMjQxMTQ3NDFaMDMxMTAvBgNV
BAMTKDQyNzhFRUE4QkVBRkEwQThBMTY1RjAzQzU5QTU0QTFCNUZCNUIxRTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGltUjt2PhA8B4HRt4gWDYCi1D
PHyjKzqsw/M6ZV7tvzS1HCsIZZ9qCgDvwrq59Q0ucJjD7TFx83jzNmXlKqs6eCN3
99oqRuygQX3LNPOujCvFK64vDMrnhBYXAQaA4uAS+3iqGI8iVA14aVyWwNYpHo5s
al9Z9VJ6puopWZTA4gcVhaSmbBeeYOm7dyW+zplsvIj1TM6MyC4PWyktEdLf9klx
UB4PKgTq57VFKwMD4vhXA7VWDAx3HYeY1DcNVyhpTS9BsckaVq1iJzT5LR6ePFOu
RA1L+9uveXlYTJ1/Pqz62VWCSqqmVX7BQA0DgESwQzKAH3arEm8UqWe72y/xAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUQnjuqL6voKihZfA8WaVKG1+1secwHwYDVR0j
BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0
MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mYzIwYWRkMy1hODhlLTRi
YjItYTg0ZC01NWRhMjEyOGYxOTYvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF
QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM3NjYzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAz
MzM1MzEzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEH8DANBgkqhkiG9w0BAQsFAAOCAQEAEoNf
yIrkKF5TkUmS4CuPsZp4YdRaWl3okgwNP797Kp65uSfTZM+6Nexsr++Jd6ptBH+Y
+K2rzdXDa1dUjmvLKrZymJk8XSJVB6t24mkP3j5AirZgdTgADF3QMuafnKY1poiP
DrI0NzftUw7R915xUTuWQT6Wyxs1KLxaKy4f357AgikORBVsaAekUN75jtEq63RU
gXEy8K02XtAA3/XaPPnTjVUZ6Pus5HlqrCmlpbgBy8zE226HAj4LakSz7I6gHm4a
IVf8hCgcp6zxPsN+RqEhGAJRZJaZOJQvi81kaQNDYEXvQFmRW3juz4MP6QnoOWWv
SFsnRA3TWVunpbrlaQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:54 2024 by rpki-client on console-fra.rpki-client.org