Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653030303a3a2f33362d3438203d3e20323134363433.roa
File: 326131343a373538313a653030303a3a2f33362d3438203d3e20323134363433.roa (raw, json)
Hash identifier: x9Ws2a9hchs2I1MVNTnPpvnZFWRirIvQpeIuGTe39hw=
Subject key identifier: DE:1C:34:74:4F:35:B3:CA:B9:9A:DD:BD:4A:B9:4E:D9:03:80:13:83
Certificate issuer: /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Certificate serial: 614A6CBEA15D1E83B1355B8050288D30FB74947A
Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653030303a3a2f33362d3438203d3e20323134363433.roa
Signing time: Sun 06 Oct 2024 18:49:41 +0000
ROA not before: Sun 06 Oct 2024 18:44:41 +0000
ROA not after: Sun 05 Oct 2025 18:49:41 +0000
asID: 214643
IP address blocks: 2a14:7581:e000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:4a:6c:be:a1:5d:1e:83:b1:35:5b:80:50:28:8d:30:fb:74:94:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Validity
Not Before: Oct 6 18:44:41 2024 GMT
Not After : Oct 5 18:49:41 2025 GMT
Subject: CN=DE1C34744F35B3CAB99ADDBD4AB94ED903801383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a8:55:4e:88:a9:af:9d:ce:72:99:d7:51:c2:
7f:5e:36:d1:6b:e3:a3:dc:ef:8c:6e:36:76:76:0a:
e1:b6:27:42:81:e3:73:24:09:29:7d:53:f7:85:6b:
a8:d6:9d:72:40:ad:af:68:14:26:d3:9d:2f:91:cb:
f5:d5:74:d3:dc:71:f6:e2:87:36:07:5f:8e:60:7c:
7b:cc:28:dd:5f:1e:f1:e3:dd:24:0a:fc:b9:3e:dc:
d3:33:fe:54:6d:79:8a:9b:2f:94:e3:6b:2d:79:40:
50:31:88:c3:06:22:d5:d6:16:17:7d:f9:24:50:be:
7a:49:4c:d0:c3:16:d3:87:47:2e:6d:45:46:29:5d:
59:32:ea:d2:a1:3c:01:ed:4f:23:ab:fe:53:83:5b:
f4:17:1e:b5:61:2a:19:bb:5b:dd:17:35:ff:24:df:
43:8a:a6:44:bf:0e:7b:cf:3f:df:2f:4a:d8:0e:c7:
b9:9c:11:4e:b4:00:ec:82:7b:7b:0d:d4:3f:a8:f2:
54:6b:00:04:19:6b:e1:0d:f5:eb:d3:36:50:c6:21:
ba:0e:f2:d0:d0:c1:d3:fb:1f:0a:43:c5:76:5d:a0:
ab:b3:b9:fc:85:fe:47:f6:d6:94:c3:25:ae:b4:d9:
33:be:10:39:5b:3f:9c:8f:67:40:3b:fe:c4:27:98:
61:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:1C:34:74:4F:35:B3:CA:B9:9A:DD:BD:4A:B9:4E:D9:03:80:13:83
X509v3 Authority Key Identifier:
keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a653030303a3a2f33362d3438203d3e20323134363433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:e000::/36
Signature Algorithm: sha256WithRSAEncryption
a4:55:b2:90:d8:3a:98:fb:71:17:46:65:47:95:27:a6:f8:5a:
46:da:da:9b:80:2d:5f:d1:64:71:49:f6:a6:18:dc:ce:05:58:
57:9a:25:83:e9:d2:94:05:d9:ae:18:72:83:b2:f3:7a:38:97:
c5:37:63:e6:75:54:66:20:25:98:31:d0:0b:54:e4:4c:55:3c:
3f:0f:9c:5e:3a:b1:27:26:d3:ae:e7:f2:f6:c5:ad:97:a5:94:
4c:a7:53:70:e4:26:b7:6a:75:2e:b1:50:89:3c:7b:44:2a:3b:
e5:23:69:95:a6:70:67:f5:ed:05:22:cb:ff:ad:a8:a8:7d:73:
12:9b:92:b4:b1:28:06:ac:7e:15:4a:2b:ce:c1:9e:7c:1c:26:
a9:6e:7c:8e:91:01:1a:1e:54:cb:b1:01:e9:b9:5e:f6:77:3c:
1f:ca:39:b0:d0:5e:8a:e1:ca:80:9f:5e:ce:6a:91:be:2d:1c:
f9:0e:14:1a:10:70:71:e8:6c:8b:b5:b7:cc:1e:77:ce:21:28:
4d:83:c3:ba:31:73:ea:60:33:ef:64:da:3b:6d:b6:c3:8e:07:
53:55:25:cc:5c:88:02:71:37:32:d8:1d:94:d5:03:7d:3f:2f:
71:45:fe:26:c0:6e:fe:bc:11:15:28:b0:1a:cd:a6:6f:ff:01:
72:25:8e:a0
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUYUpsvqFdHoOxNVuAUCiNMPt0lHowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB
RUY3QUQxQTAeFw0yNDEwMDYxODQ0NDFaFw0yNTEwMDUxODQ5NDFaMDMxMTAvBgNV
BAMTKERFMUMzNDc0NEYzNUIzQ0FCOTlBRERCRDRBQjk0RUQ5MDM4MDEzODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkqFVOiKmvnc5ymddRwn9eNtFr
46Pc74xuNnZ2CuG2J0KB43MkCSl9U/eFa6jWnXJAra9oFCbTnS+Ry/XVdNPccfbi
hzYHX45gfHvMKN1fHvHj3SQK/Lk+3NMz/lRteYqbL5Tjay15QFAxiMMGItXWFhd9
+SRQvnpJTNDDFtOHRy5tRUYpXVky6tKhPAHtTyOr/lODW/QXHrVhKhm7W90XNf8k
30OKpkS/DnvPP98vStgOx7mcEU60AOyCe3sN1D+o8lRrAAQZa+EN9evTNlDGIboO
8tDQwdP7HwpDxXZdoKuzufyF/kf21pTDJa602TO+EDlbP5yPZ0A7/sQnmGENAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQU3hw0dE81s8q5mt29SrlO2QOAE4MwHwYDVR0j
BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk
OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz
MjU5RkM3OEFFRjdBRDFBLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTY1MzAzMDMwM2EzYTJmMzMzNjJkMzQzODIwM2QzZTIwMzIz
MTM0MzYzNDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYEKhR1geAwDQYJKoZIhvcNAQELBQADggEBAKRV
spDYOpj7cRdGZUeVJ6b4Wkba2puALV/RZHFJ9qYY3M4FWFeaJYPp0pQF2a4YcoOy
83o4l8U3Y+Z1VGYgJZgx0AtU5ExVPD8PnF46sScm067n8vbFrZellEynU3DkJrdq
dS6xUIk8e0QqO+UjaZWmcGf17QUiy/+tqKh9cxKbkrSxKAasfhVKK87BnnwcJqlu
fI6RARoeVMuxAem5XvZ3PB/KObDQXorhyoCfXs5qkb4tHPkOFBoQcHHobIu1t8we
d84hKE2Dw7oxc+pgM+9k2jtttsOOB1NVJcxciAJxNzLYHZTVA30/L3FF/ibAbv68
ERUosBrNpm//AXIljqA=
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:53:23 2025 by rpki-client