Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d869b33b-5122-4ab8-bb59-98022d6391a0/1/326130393a353463363a643031303a3a2f34342d3434203d3e20323134373537.roa
File: 326130393a353463363a643031303a3a2f34342d3434203d3e20323134373537.roa (raw, json)
Hash identifier: 1JG8axTv5r0vZhNPpXif1Pxw9vNmkpWq/VRKcE5XQL0=
Subject key identifier: 4D:D2:7D:7C:5C:E4:E1:14:2F:3A:98:1E:B7:52:BE:58:11:28:AF:F0
Certificate issuer: /CN=8FD9D2B5888D68B05130C2B204FF94681A764D41
Certificate serial: 0C8BFBFD74C24076BE205FB38079DD919ACB8646
Authority key identifier: 8F:D9:D2:B5:88:8D:68:B0:51:30:C2:B2:04:FF:94:68:1A:76:4D:41
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/8FD9D2B5888D68B05130C2B204FF94681A764D41.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d869b33b-5122-4ab8-bb59-98022d6391a0/1/326130393a353463363a643031303a3a2f34342d3434203d3e20323134373537.roa
Signing time: Mon 09 Sep 2024 08:58:37 +0000
ROA not before: Mon 09 Sep 2024 08:53:37 +0000
ROA not after: Mon 08 Sep 2025 08:58:37 +0000
asID: 214757
IP address blocks: 2a09:54c6:d010::/44 maxlen: 44
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:8b:fb:fd:74:c2:40:76:be:20:5f:b3:80:79:dd:91:9a:cb:86:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8FD9D2B5888D68B05130C2B204FF94681A764D41
Validity
Not Before: Sep 9 08:53:37 2024 GMT
Not After : Sep 8 08:58:37 2025 GMT
Subject: CN=4DD27D7C5CE4E1142F3A981EB752BE581128AFF0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0a:f1:a1:6b:d7:ec:b8:14:02:d7:c1:42:17:
cb:ea:d3:07:be:e8:d8:b6:aa:54:c6:41:68:78:19:
59:87:a2:5e:d7:54:ca:12:2c:1f:cf:80:f9:55:57:
69:b4:f1:97:87:66:b5:8c:30:55:05:a1:f8:d8:7a:
d1:55:5c:5e:18:6f:b9:f7:bd:ec:76:34:b0:7b:67:
d4:2f:3e:0b:6f:be:e6:69:53:1e:57:f7:ca:e5:53:
61:47:8a:b4:40:90:96:6f:a0:ca:51:01:02:1b:81:
a7:b4:bb:eb:0a:d7:72:10:4f:5d:ff:7e:50:bf:28:
5b:3a:8a:58:b1:fb:1e:a5:97:e6:66:09:64:32:35:
90:14:26:5d:c4:00:a9:f4:45:f2:39:42:20:08:1c:
c0:92:ec:43:43:5f:9e:17:05:83:a2:cc:9f:80:5b:
7b:fe:82:5b:a3:be:02:d2:81:ee:29:03:8f:c2:cf:
18:a5:0e:2b:52:2a:e1:3e:99:56:ce:ec:fc:d1:5a:
ce:5b:f8:d3:80:4a:b3:a9:70:77:e0:0d:62:4e:76:
ca:5f:c2:8d:22:cd:91:fc:87:0c:1f:df:0b:3f:a0:
56:72:8f:1f:42:74:e8:a9:83:0e:b0:48:8c:14:dc:
d0:84:b9:38:1f:ee:da:c7:b2:66:a3:fc:f8:13:32:
e6:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:D2:7D:7C:5C:E4:E1:14:2F:3A:98:1E:B7:52:BE:58:11:28:AF:F0
X509v3 Authority Key Identifier:
keyid:8F:D9:D2:B5:88:8D:68:B0:51:30:C2:B2:04:FF:94:68:1A:76:4D:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d869b33b-5122-4ab8-bb59-98022d6391a0/1/8FD9D2B5888D68B05130C2B204FF94681A764D41.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/8FD9D2B5888D68B05130C2B204FF94681A764D41.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d869b33b-5122-4ab8-bb59-98022d6391a0/1/326130393a353463363a643031303a3a2f34342d3434203d3e20323134373537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:54c6:d010::/44
Signature Algorithm: sha256WithRSAEncryption
26:7f:ad:15:9d:ab:54:92:1e:3f:57:42:c8:e8:6b:19:0c:8f:
39:f6:21:e8:bc:e1:2e:61:e0:9d:f4:62:47:c4:b9:9f:90:37:
85:ec:86:fa:76:16:18:cb:a7:0d:d3:aa:45:c7:54:34:f9:d0:
53:84:ac:67:5d:4e:b4:b0:3a:ee:3a:be:f4:d6:1c:e6:c9:51:
c0:1f:18:eb:0a:e4:ee:12:7d:d9:3d:9c:40:6e:a0:32:cd:c9:
dc:20:f2:cb:bc:32:b9:d7:87:3f:b1:69:58:b6:5f:d1:dd:fb:
bb:63:d5:26:1b:ed:8e:1f:7c:8a:ea:9b:99:d3:73:9b:1f:62:
81:46:70:52:5b:2f:8e:b5:f0:4e:2b:d2:87:a8:fb:25:22:43:
4c:96:54:a4:da:e1:9b:fc:d1:31:9e:3f:2f:6d:11:13:a5:ea:
cd:a5:5d:92:ee:81:08:b0:45:1a:e1:88:73:cd:ce:02:fc:53:
6b:a9:05:f4:c7:80:a9:a3:56:5c:3a:5c:ae:18:1b:d6:b2:c9:
af:cf:0b:1e:34:9a:e9:ee:a9:0c:e9:bf:73:0a:0c:c0:29:11:
67:81:b0:63:5d:ec:70:15:1b:86:10:aa:2e:2c:df:2b:87:5c:
30:79:2a:a2:8f:ec:0a:1f:22:38:36:7a:a0:74:c7:aa:a5:a5:
98:b9:a8:c9
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUDIv7/XTCQHa+IF+zgHndkZrLhkYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEZEOUQyQjU4ODhENjhCMDUxMzBDMkIyMDRGRjk0Njgx
QTc2NEQ0MTAeFw0yNDA5MDkwODUzMzdaFw0yNTA5MDgwODU4MzdaMDMxMTAvBgNV
BAMTKDRERDI3RDdDNUNFNEUxMTQyRjNBOTgxRUI3NTJCRTU4MTEyOEFGRjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbCvGha9fsuBQC18FCF8vq0we+
6Ni2qlTGQWh4GVmHol7XVMoSLB/PgPlVV2m08ZeHZrWMMFUFofjYetFVXF4Yb7n3
vex2NLB7Z9QvPgtvvuZpUx5X98rlU2FHirRAkJZvoMpRAQIbgae0u+sK13IQT13/
flC/KFs6ilix+x6ll+ZmCWQyNZAUJl3EAKn0RfI5QiAIHMCS7ENDX54XBYOizJ+A
W3v+glujvgLSge4pA4/CzxilDitSKuE+mVbO7PzRWs5b+NOASrOpcHfgDWJOdspf
wo0izZH8hwwf3ws/oFZyjx9CdOipgw6wSIwU3NCEuTgf7trHsmaj/PgTMubTAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUTdJ9fFzk4RQvOpget1K+WBEor/AwHwYDVR0j
BBgwFoAUj9nStYiNaLBRMMKyBP+UaBp2TUEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDg2OWIzM2ItNTEyMi00YWI4LWJiNTktOTgwMjJkNjM5
MWEwLzEvOEZEOUQyQjU4ODhENjhCMDUxMzBDMkIyMDRGRjk0NjgxQTc2NEQ0MS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC84RkQ5RDJCNTg4OEQ2OEIwNTEzMEMyQjIw
NEZGOTQ2ODFBNzY0RDQxLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kODY5YjMzYi01MTIyLTRhYjgtYmI1OS05ODAyMmQ2MzkxYTAvMS8zMjYxMzAz
OTNhMzUzNDYzMzYzYTY0MzAzMTMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIz
MTM0MzczNTM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKglUxtAQMA0GCSqGSIb3DQEBCwUAA4IBAQAm
f60VnatUkh4/V0LI6GsZDI859iHovOEuYeCd9GJHxLmfkDeF7Ib6dhYYy6cN06pF
x1Q0+dBThKxnXU60sDruOr701hzmyVHAHxjrCuTuEn3ZPZxAbqAyzcncIPLLvDK5
14c/sWlYtl/R3fu7Y9UmG+2OH3yK6puZ03ObH2KBRnBSWy+OtfBOK9KHqPslIkNM
llSk2uGb/NExnj8vbRETperNpV2S7oEIsEUa4Yhzzc4C/FNrqQX0x4Cpo1ZcOlyu
GBvWssmvzwseNJrp7qkM6b9zCgzAKRFngbBjXexwFRuGEKouLN8rh1wweSqij+wK
HyI4NnqgdMeqpaWYuajJ
-----END CERTIFICATE-----
Generated at Sun Sep 29 19:45:41 2024 by rpki-client on console-fra.rpki-client.org