Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa
File: 326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa (raw, json)
Hash identifier: F6VJOi3vW8ih7gU8rCzD7A7gIu39IHtVGsLlId1ILkM=
Subject key identifier: EA:BF:E5:E7:6B:62:17:A5:79:0E:F0:D2:A3:68:C5:5F:05:D4:A6:0E
Certificate issuer: /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Certificate serial: 4A7636E1289C6AC9CAFBFB6C72B0C2FCF46C0FD0
Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa
Signing time: Mon 24 Feb 2025 11:56:44 +0000
ROA not before: Mon 24 Feb 2025 11:51:44 +0000
ROA not after: Mon 23 Feb 2026 11:56:44 +0000
asID: 203511
IP address blocks: 2a0f:85c1:7f0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:76:36:e1:28:9c:6a:c9:ca:fb:fb:6c:72:b0:c2:fc:f4:6c:0f:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Validity
Not Before: Feb 24 11:51:44 2025 GMT
Not After : Feb 23 11:56:44 2026 GMT
Subject: CN=EABFE5E76B6217A5790EF0D2A368C55F05D4A60E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a5:01:f7:c0:3f:93:5c:7e:c7:e3:58:f9:fe:
e2:a7:da:76:1c:c8:65:9c:f4:bb:92:aa:95:c0:54:
6c:9f:2a:1b:78:fd:15:26:f3:3e:75:10:3d:01:e4:
cf:15:99:d4:7c:f3:88:10:1f:1f:67:c0:76:75:37:
9c:bb:18:f1:89:7c:00:9e:d8:5f:b3:cd:3b:da:57:
87:54:c6:4d:d7:69:d2:eb:26:37:69:1e:cc:ed:4b:
cb:8c:76:a3:42:0b:4e:bd:f3:60:ce:d0:f0:ea:b0:
9f:2e:41:c4:f7:cb:88:9d:7a:16:92:bd:87:bd:e8:
39:6a:81:36:d9:0a:d4:ea:c5:cd:bc:7f:63:1f:6b:
e7:dc:b6:61:a9:37:15:52:c0:4c:f2:56:25:13:e1:
e3:93:e2:49:23:9b:2d:f1:0f:f4:ad:f7:d1:1e:7e:
01:2c:8c:b1:d1:95:48:c9:19:fd:5b:8d:82:07:20:
45:af:57:9c:3d:0a:ac:ed:f1:09:dc:62:a8:34:21:
b1:f7:12:f6:85:e7:5e:d6:d0:25:f3:bb:fa:25:88:
e6:de:7e:90:a5:61:37:7b:6f:74:ff:79:0f:b4:3c:
21:fe:ca:08:7a:3d:15:54:d6:45:6a:78:2a:8d:04:
66:bb:f0:11:fc:4a:8c:f7:ce:81:b4:63:cb:08:a0:
ea:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:BF:E5:E7:6B:62:17:A5:79:0E:F0:D2:A3:68:C5:5F:05:D4:A6:0E
X509v3 Authority Key Identifier:
keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766303a3a2f34382d3438203d3e20323033353131.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:7f0::/48
Signature Algorithm: sha256WithRSAEncryption
14:9b:6d:e2:75:d3:32:b2:d9:ea:1e:bb:bf:56:b0:f6:b0:98:
63:a6:ce:a3:b7:c4:ba:68:9f:a9:df:0e:d8:02:59:8a:10:26:
96:31:3d:e8:e0:fe:d4:79:52:d8:85:d2:9d:c3:86:d3:a6:1e:
cd:95:13:a5:73:56:11:08:af:53:5b:fa:22:c8:4a:40:73:3e:
d4:19:96:c6:fc:43:06:73:92:4a:14:83:d9:d7:8a:f1:78:49:
70:67:d4:97:1d:c7:7a:85:48:a6:3a:4b:79:c2:b7:d3:55:e2:
da:5f:8a:59:25:1a:5e:16:a2:d4:37:b4:d9:ad:19:89:de:3d:
d6:5a:bb:98:a4:fb:02:43:d6:1d:f3:9b:18:be:08:06:0c:ce:
cb:a5:67:d1:e0:8e:df:f8:28:55:42:5b:f5:a1:8e:82:a5:65:
58:4a:9a:9d:cf:c4:48:60:49:82:62:78:b0:f1:14:b3:3a:08:
07:97:92:af:0f:bb:c3:f9:95:a8:d4:e3:e9:67:a9:cc:aa:be:
de:ff:28:10:d4:76:55:29:66:61:5f:e4:16:6b:88:54:bc:48:
3b:32:71:dc:e4:14:6b:ae:50:7b:cd:89:5d:72:53:58:6e:8f:
a1:44:1d:3c:a8:66:41:86:bb:de:a6:1d:3a:e5:e9:4d:24:3f:
af:9e:38:bc
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUSnY24SicasnK+/tscrDC/PRsD9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0
OUMxODM3NzAeFw0yNTAyMjQxMTUxNDRaFw0yNjAyMjMxMTU2NDRaMDMxMTAvBgNV
BAMTKEVBQkZFNUU3NkI2MjE3QTU3OTBFRjBEMkEzNjhDNTVGMDVENEE2MEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3pQH3wD+TXH7H41j5/uKn2nYc
yGWc9LuSqpXAVGyfKht4/RUm8z51ED0B5M8VmdR884gQHx9nwHZ1N5y7GPGJfACe
2F+zzTvaV4dUxk3XadLrJjdpHsztS8uMdqNCC06982DO0PDqsJ8uQcT3y4idehaS
vYe96DlqgTbZCtTqxc28f2Mfa+fctmGpNxVSwEzyViUT4eOT4kkjmy3xD/St99Ee
fgEsjLHRlUjJGf1bjYIHIEWvV5w9Cqzt8QncYqg0IbH3EvaF517W0CXzu/oliObe
fpClYTd7b3T/eQ+0PCH+ygh6PRVU1kVqeCqNBGa78BH8Soz3zoG0Y8sIoOqVAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQU6r/l52tiF6V5DvDSo2jFXwXUpg4wHwYDVR0j
BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0
MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84NGQ1MTgxMC0xOTg3LTQ3
MDEtOGYxZi04NDI1MTExOTY0ZjQvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF
QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM3NjYzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzAz
MzM1MzEzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEH8DANBgkqhkiG9w0BAQsFAAOCAQEAFJtt
4nXTMrLZ6h67v1aw9rCYY6bOo7fEumifqd8O2AJZihAmljE96OD+1HlS2IXSncOG
06YezZUTpXNWEQivU1v6IshKQHM+1BmWxvxDBnOSShSD2deK8XhJcGfUlx3HeoVI
pjpLecK301Xi2l+KWSUaXhai1De02a0Zid491lq7mKT7AkPWHfObGL4IBgzOy6Vn
0eCO3/goVUJb9aGOgqVlWEqanc/ESGBJgmJ4sPEUszoIB5eSrw+7w/mVqNTj6Wep
zKq+3v8oENR2VSlmYV/kFmuIVLxIOzJx3OQUa65Qe82JXXJTWG6PoUQdPKhmQYa7
3qYdOuXpTSQ/r544vA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:59:41 2025 by rpki-client