Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766383a3a2f34382d3438203d3e20323135323432.roa
File: 326130663a383563313a3766383a3a2f34382d3438203d3e20323135323432.roa (raw, json)
Hash identifier: 7RQ0gXCWkNwXJyLVMAjMT4ifOZKJ140AG/jnIia+kz4=
Subject key identifier: CE:8D:D9:1B:2C:3F:B8:1A:43:D1:03:9A:47:6D:AA:C9:D7:55:2D:00
Certificate issuer: /CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Certificate serial: 311A7EEA680C61DEB06218137ECAB8407A78F301
Authority key identifier: 1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766383a3a2f34382d3438203d3e20323135323432.roa
Signing time: Fri 07 Feb 2025 21:21:14 +0000
ROA not before: Fri 07 Feb 2025 21:16:14 +0000
ROA not after: Fri 06 Feb 2026 21:21:14 +0000
asID: 215242
IP address blocks: 2a0f:85c1:7f8::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:1a:7e:ea:68:0c:61:de:b0:62:18:13:7e:ca:b8:40:7a:78:f3:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1A90A6AE1542A353CCA74977EB2BFE2A49C18377
Validity
Not Before: Feb 7 21:16:14 2025 GMT
Not After : Feb 6 21:21:14 2026 GMT
Subject: CN=CE8DD91B2C3FB81A43D1039A476DAAC9D7552D00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d2:63:3c:41:6d:93:0f:cf:44:d4:a0:33:91:
c3:82:bd:ed:e3:9e:fe:74:07:c1:1d:e3:10:3b:78:
34:5c:b3:b5:e4:4b:01:3e:fe:9e:73:9e:b5:ef:eb:
a1:4e:c0:c1:94:04:6e:b8:fc:48:b4:1c:7d:b5:e7:
b7:e7:8a:32:3a:45:72:36:00:ba:b2:10:18:b4:8e:
35:ca:5d:08:a8:f6:58:09:d4:9e:69:52:24:58:cc:
cd:92:5b:02:9d:11:6c:a3:5f:c9:b2:05:ba:c3:81:
7c:c1:ea:ff:bf:c4:19:46:c3:c4:de:66:94:14:3f:
0e:60:fb:fc:58:7f:3b:ed:1b:e7:53:8e:bf:5c:07:
fc:31:b3:cf:5e:cc:a0:c4:66:71:d8:63:44:cd:59:
de:2c:16:c6:27:f7:4c:13:9a:e2:4e:37:2d:4a:8b:
52:03:ad:a9:46:cf:df:2d:57:54:ec:bf:04:bf:c3:
8b:8e:b1:d6:d0:a3:59:cc:13:93:82:d7:d1:a8:2d:
34:65:2c:4a:ef:dd:2d:4c:2c:da:56:17:64:ce:7d:
87:36:24:68:42:6a:8c:93:aa:93:d6:fd:a6:98:f6:
29:e4:0f:11:22:fc:5b:37:be:83:6e:29:47:55:e2:
2f:e3:23:b7:60:83:46:b9:3e:43:4d:63:4d:c9:03:
fe:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:8D:D9:1B:2C:3F:B8:1A:43:D1:03:9A:47:6D:AA:C9:D7:55:2D:00
X509v3 Authority Key Identifier:
keyid:1A:90:A6:AE:15:42:A3:53:CC:A7:49:77:EB:2B:FE:2A:49:C1:83:77
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/1A90A6AE1542A353CCA74977EB2BFE2A49C18377.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d06333c6-946d-4b0b-95ef-daba262a42e1/1/326130663a383563313a3766383a3a2f34382d3438203d3e20323135323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:7f8::/48
Signature Algorithm: sha256WithRSAEncryption
43:69:66:3e:3f:b9:2d:51:8e:5c:01:14:71:1e:6c:6a:d4:79:
b1:6b:1c:f3:ee:26:bd:ba:fc:fa:f7:85:d9:78:24:2e:db:99:
2c:f6:d4:ee:24:01:67:cb:9b:42:11:01:27:37:f7:9b:43:94:
b8:14:a4:b4:6d:db:b9:5d:64:ab:5a:dd:dc:48:ce:30:0d:0d:
22:89:82:f3:ea:2a:37:3c:43:f4:ab:cf:b4:8f:71:42:39:c0:
32:7d:dc:0c:1d:eb:a9:31:87:02:ea:d1:43:23:0c:44:95:31:
40:c1:4c:2a:98:96:15:8a:65:a9:ff:bf:e6:ac:ae:76:8c:5f:
61:4b:d4:3c:df:06:ba:28:18:1c:22:48:5b:84:62:b3:f6:e8:
d2:52:fb:fa:6b:e4:01:cd:96:a4:14:e1:26:eb:d6:56:e1:7c:
f7:b0:fb:1a:f9:b0:70:38:f0:e5:aa:04:73:41:a4:f0:31:f2:
a1:ed:f8:6f:c2:d2:86:12:50:6f:80:32:fc:85:97:e8:12:87:
56:75:c4:3f:e9:02:9c:69:61:43:da:55:7e:67:aa:8c:f6:8a:
93:fe:56:e6:f2:63:64:a0:c3:28:9e:0d:5d:b9:22:83:02:bb:
91:59:bf:67:bf:f1:a1:2d:14:c4:42:59:4b:4f:02:5c:a7:97:
f7:1d:f6:f9
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUMRp+6mgMYd6wYhgTfsq4QHp48wEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0
OUMxODM3NzAeFw0yNTAyMDcyMTE2MTRaFw0yNjAyMDYyMTIxMTRaMDMxMTAvBgNV
BAMTKENFOEREOTFCMkMzRkI4MUE0M0QxMDM5QTQ3NkRBQUM5RDc1NTJEMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk0mM8QW2TD89E1KAzkcOCve3j
nv50B8Ed4xA7eDRcs7XkSwE+/p5znrXv66FOwMGUBG64/Ei0HH2157fnijI6RXI2
ALqyEBi0jjXKXQio9lgJ1J5pUiRYzM2SWwKdEWyjX8myBbrDgXzB6v+/xBlGw8Te
ZpQUPw5g+/xYfzvtG+dTjr9cB/wxs89ezKDEZnHYY0TNWd4sFsYn90wTmuJONy1K
i1IDralGz98tV1TsvwS/w4uOsdbQo1nME5OC19GoLTRlLErv3S1MLNpWF2TOfYc2
JGhCaoyTqpPW/aaY9inkDxEi/Fs3voNuKUdV4i/jI7dgg0a5PkNNY03JA/69AgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUzo3ZGyw/uBpD0QOaR22qyddVLQAwHwYDVR0j
BBgwFoAUGpCmrhVCo1PMp0l36yv+KknBg3cwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDA2MzMzYzYtOTQ2ZC00YjBiLTk1ZWYtZGFiYTI2MmE0
MmUxLzEvMUE5MEE2QUUxNTQyQTM1M0NDQTc0OTc3RUIyQkZFMkE0OUMxODM3Ny5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84NGQ1MTgxMC0xOTg3LTQ3
MDEtOGYxZi04NDI1MTExOTY0ZjQvMC8xQTkwQTZBRTE1NDJBMzUzQ0NBNzQ5NzdF
QjJCRkUyQTQ5QzE4Mzc3LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kMDYzMzNjNi05NDZkLTRiMGItOTVlZi1kYWJhMjYyYTQyZTEvMS8zMjYxMzA2
NjNhMzgzNTYzMzEzYTM3NjYzODNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NTMyMzQzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoPhcEH+DANBgkqhkiG9w0BAQsFAAOCAQEAQ2lm
Pj+5LVGOXAEUcR5satR5sWsc8+4mvbr8+veF2XgkLtuZLPbU7iQBZ8ubQhEBJzf3
m0OUuBSktG3buV1kq1rd3EjOMA0NIomC8+oqNzxD9KvPtI9xQjnAMn3cDB3rqTGH
AurRQyMMRJUxQMFMKpiWFYplqf+/5qyudoxfYUvUPN8GuigYHCJIW4Ris/bo0lL7
+mvkAc2WpBThJuvWVuF897D7GvmwcDjw5aoEc0Gk8DHyoe34b8LShhJQb4Ay/IWX
6BKHVnXEP+kCnGlhQ9pVfmeqjPaKk/5W5vJjZKDDKJ4NXbkigwK7kVm/Z7/xoS0U
xEJZS08CXKeX9x32+Q==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:24:17 2025 by rpki-client