Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766313a3a2f34382d3438203d3e20323135313234.roa
File: 326130663a383563313a3766313a3a2f34382d3438203d3e20323135313234.roa (raw, json)
Hash identifier: gq6me54MBqnqosS7iLksDmqAJs8yyfHwMXcZfgP1ijQ=
Subject key identifier: 45:28:B6:66:25:A1:BD:09:98:05:FD:2F:C7:8D:48:7B:1F:05:E8:6A
Certificate issuer: /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Certificate serial: 04B61EB741CFF79C522AC160C16A62A6370DE15C
Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766313a3a2f34382d3438203d3e20323135313234.roa
Signing time: Sat 15 Mar 2025 22:56:44 +0000
ROA not before: Sat 15 Mar 2025 22:51:44 +0000
ROA not after: Sat 14 Mar 2026 22:56:44 +0000
asID: 215124
IP address blocks: 2a0f:85c1:7f1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:b6:1e:b7:41:cf:f7:9c:52:2a:c1:60:c1:6a:62:a6:37:0d:e1:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Validity
Not Before: Mar 15 22:51:44 2025 GMT
Not After : Mar 14 22:56:44 2026 GMT
Subject: CN=4528B66625A1BD099805FD2FC78D487B1F05E86A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3a:ac:f2:39:84:5d:7c:2a:ce:7b:00:71:20:
86:ee:9f:7e:55:df:74:2e:f8:22:6e:ba:73:1b:5c:
bf:bd:f7:a9:3a:79:fa:36:7d:4e:bf:04:9e:55:03:
f9:ed:43:f6:ed:fc:36:67:2c:6d:9e:84:b2:50:91:
3b:7e:96:d0:9f:3b:d8:de:a1:fd:03:57:f6:93:92:
96:0c:cd:6b:4b:12:4a:82:15:28:56:13:f6:44:74:
db:c0:47:8e:72:cc:e1:8e:7d:80:34:ce:c7:0d:9e:
bd:e4:a9:97:e5:30:6f:e3:8e:9f:0c:2c:12:9e:87:
89:0d:4e:3a:6a:30:5e:74:11:52:99:ee:15:38:56:
37:c4:73:fc:ce:5b:f0:6c:b4:94:d6:0d:8b:c3:4f:
6a:86:a2:14:a8:eb:30:6c:b0:0d:a8:00:c4:de:4b:
f1:b8:a0:e5:98:a1:bd:17:2d:01:ae:e2:73:3e:99:
4b:4b:6c:d9:e4:3a:c0:44:0e:e0:12:2f:c4:4f:47:
37:a0:c7:e3:d3:d2:81:33:14:bc:9e:0c:de:62:e0:
fa:26:eb:5c:27:c7:45:ed:4a:de:da:1b:5c:a4:c4:
d5:01:f9:14:ec:6d:f5:4d:09:79:ed:c9:0d:4c:75:
d9:52:6b:53:c8:c4:5b:ec:2a:10:31:b9:dd:fb:5a:
17:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:28:B6:66:25:A1:BD:09:98:05:FD:2F:C7:8D:48:7B:1F:05:E8:6A
X509v3 Authority Key Identifier:
keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766313a3a2f34382d3438203d3e20323135313234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:7f1::/48
Signature Algorithm: sha256WithRSAEncryption
5a:7a:5e:c1:7d:53:eb:7b:e3:67:1c:d8:82:ce:20:a7:ed:49:
b7:49:3e:66:7d:dc:4c:fe:8c:90:6f:c3:6b:fb:b8:ed:98:2c:
4c:bb:00:3c:fe:cb:3d:2d:fd:11:a7:68:0b:cc:f4:ab:d4:16:
02:b6:09:d1:86:77:d5:e8:6c:e9:0f:ca:26:9e:16:a0:1e:96:
2f:f4:d6:c2:71:f7:da:ec:74:48:34:26:f1:40:fe:84:1e:90:
b5:75:64:23:20:8a:27:46:5c:a2:b7:e9:95:35:34:00:11:08:
2e:84:77:43:f9:a8:85:55:57:7b:70:a2:6a:ed:e6:44:6e:58:
ec:f5:f1:d7:49:8b:95:bb:d4:a1:ac:fb:08:cd:a2:fb:a3:23:
de:4a:c3:3a:4d:be:16:58:78:8e:26:ed:02:d9:b3:ef:e2:34:
f8:19:e8:89:de:71:bd:41:03:f3:99:c7:ca:f0:17:84:9a:f5:
8c:1c:6f:b6:12:52:f2:bf:d9:0c:a6:2a:40:0c:63:ef:5c:00:
7f:5b:6f:ef:e6:31:a2:db:45:fe:4b:a6:7d:58:c3:af:67:f5:
de:f0:05:e0:a0:31:0e:da:f0:4b:e8:a8:2d:38:30:7a:6d:2d:
30:03:fd:92:c5:f1:e0:a4:c1:e5:f4:0e:6a:23:5c:bc:69:91:
25:a9:24:27
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUBLYet0HP95xSKsFgwWpipjcN4VwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0
OUMxODM3NzAeFw0yNTAzMTUyMjUxNDRaFw0yNjAzMTQyMjU2NDRaMDMxMTAvBgNV
BAMTKDQ1MjhCNjY2MjVBMUJEMDk5ODA1RkQyRkM3OEQ0ODdCMUYwNUU4NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3OqzyOYRdfCrOewBxIIbun35V
33Qu+CJuunMbXL+996k6efo2fU6/BJ5VA/ntQ/bt/DZnLG2ehLJQkTt+ltCfO9je
of0DV/aTkpYMzWtLEkqCFShWE/ZEdNvAR45yzOGOfYA0zscNnr3kqZflMG/jjp8M
LBKeh4kNTjpqMF50EVKZ7hU4VjfEc/zOW/BstJTWDYvDT2qGohSo6zBssA2oAMTe
S/G4oOWYob0XLQGu4nM+mUtLbNnkOsBEDuASL8RPRzegx+PT0oEzFLyeDN5i4Pom
61wnx0XtSt7aG1ykxNUB+RTsbfVNCXntyQ1MddlSa1PIxFvsKhAxud37Whe3AgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQURSi2ZiWhvQmYBf0vx41Iex8F6GowHwYDVR0j
BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0
MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84NGQ1MTgxMC0xOTg3LTQ3
MDEtOGYxZi04NDI1MTExOTY0ZjQvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF
QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM3NjYzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NTMxMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEH8TANBgkqhkiG9w0BAQsFAAOCAQEAWnpe
wX1T63vjZxzYgs4gp+1Jt0k+Zn3cTP6MkG/Da/u47ZgsTLsAPP7LPS39EadoC8z0
q9QWArYJ0YZ31ehs6Q/KJp4WoB6WL/TWwnH32ux0SDQm8UD+hB6QtXVkIyCKJ0Zc
orfplTU0ABEILoR3Q/mohVVXe3Ciau3mRG5Y7PXx10mLlbvUoaz7CM2i+6Mj3krD
Ok2+Flh4jibtAtmz7+I0+Bnoid5xvUED85nHyvAXhJr1jBxvthJS8r/ZDKYqQAxj
71wAf1tv7+YxottF/kumfVjDr2f13vAF4KAxDtrwS+ioLTgwem0tMAP9ksXx4KTB
5fQOaiNcvGmRJakkJw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:29:16 2025 by rpki-client