Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634303a3a2f34342d3438203d3e20323134363433.roa
File: 326131343a373538313a6634303a3a2f34342d3438203d3e20323134363433.roa (raw, json)
Hash identifier: cFxWp20cVK0UfiJxxcLtUOXevD3OgB7dMefIF5hBHOk=
Subject key identifier: 2C:54:55:F8:FC:FC:DC:3C:57:1A:86:6A:04:98:43:05:0A:B3:5F:41
Certificate issuer: /CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Certificate serial: 606C4F9D748852BD246ED037DC8BA28A3DFC319F
Authority key identifier: F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634303a3a2f34342d3438203d3e20323134363433.roa
Signing time: Sun 06 Oct 2024 18:48:37 +0000
ROA not before: Sun 06 Oct 2024 18:43:37 +0000
ROA not after: Sun 05 Oct 2025 18:48:37 +0000
asID: 214643
IP address blocks: 2a14:7581:f40::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:6c:4f:9d:74:88:52:bd:24:6e:d0:37:dc:8b:a2:8a:3d:fc:31:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A
Validity
Not Before: Oct 6 18:43:37 2024 GMT
Not After : Oct 5 18:48:37 2025 GMT
Subject: CN=2C5455F8FCFCDC3C571A866A049843050AB35F41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:43:97:75:8e:10:5c:84:64:05:70:c6:82:b2:
f0:8d:30:3a:6a:da:3e:17:30:3a:8b:b4:de:20:d1:
4a:ff:ce:6c:0d:cd:70:24:73:01:62:29:0e:2b:a2:
c4:7d:f9:75:14:e9:6a:bd:29:4a:35:d5:2b:d9:5c:
3a:85:b4:0a:c6:98:c2:a5:6a:3e:c3:94:49:4e:43:
e9:b1:9d:3b:a8:3b:c7:a1:9a:f5:8a:64:bd:9f:84:
59:9f:02:b0:47:4b:8b:a8:b0:b1:9d:d7:4e:33:c7:
c2:27:60:37:59:ae:19:53:b9:a6:a2:52:1f:f7:a0:
2b:71:69:7a:af:de:a9:44:6a:47:bf:c1:37:5e:96:
22:af:2d:ab:f9:ff:2d:9e:03:49:f8:02:dd:8b:38:
1b:be:3e:0a:be:38:bc:49:e5:78:42:24:5b:b2:6e:
e8:47:8b:64:9e:f6:1c:f2:fc:26:78:e7:d7:6f:fb:
1a:10:d3:ec:6e:7c:ad:96:5f:0c:b0:fd:dd:6a:46:
0c:b9:2c:79:ff:63:da:24:85:25:be:b5:c9:01:e1:
36:c7:cf:11:f4:cb:f9:8e:01:42:ac:89:5a:b7:f6:
1b:85:88:65:89:ec:8e:91:90:19:ca:b8:55:fe:41:
d7:4d:19:ce:f1:25:6a:bc:c2:b8:bc:da:16:68:6a:
e2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:54:55:F8:FC:FC:DC:3C:57:1A:86:6A:04:98:43:05:0A:B3:5F:41
X509v3 Authority Key Identifier:
keyid:F9:F7:A2:88:5C:F3:01:2F:A1:39:0D:3B:32:59:FC:78:AE:F7:AD:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F9F7A2885CF3012FA1390D3B3259FC78AEF7AD1A.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/db8d8b7d-c486-4239-9d9f-8f8f5dced8d0/1/326131343a373538313a6634303a3a2f34342d3438203d3e20323134363433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:f40::/44
Signature Algorithm: sha256WithRSAEncryption
55:46:17:ed:03:a8:9e:4e:20:13:e5:70:7b:e6:fa:ca:ad:f7:
fe:df:0a:55:1b:bc:66:40:90:68:fe:aa:12:12:1f:72:23:51:
6c:c1:65:45:c6:ea:10:05:a3:51:83:dd:45:a6:f9:ff:7d:f0:
b6:72:05:53:8b:41:25:40:31:83:16:d3:87:20:b2:5a:d7:00:
f2:d4:4e:b2:e6:23:5c:1d:be:61:d4:7e:3e:96:a9:18:e3:4a:
ef:49:68:9c:ad:e8:cd:3e:d0:5e:d8:1b:3f:95:ed:2a:24:61:
62:4f:fd:7f:15:4e:5b:52:df:1d:cf:8d:91:1f:b8:9d:8d:1a:
1e:91:7a:65:d5:7a:ac:28:ca:c5:fd:0c:12:ff:1e:6b:b5:e1:
e2:33:a9:e2:cb:1a:1e:3f:0b:48:d1:54:95:6b:9a:3c:5e:e4:
fc:c3:6e:e0:24:17:67:f4:b5:50:c5:83:79:ed:2e:2b:25:c9:
66:a7:92:ff:6b:93:5b:4c:42:37:6b:c8:6d:c8:c8:52:45:e0:
ff:b1:30:4f:79:a4:70:da:79:ba:d4:45:e6:3f:a9:bb:11:22:
e4:c8:fc:cf:5b:49:3d:c3:b8:eb:9f:6f:81:4a:69:35:e5:90:
b3:a8:22:83:2a:60:fc:75:b7:01:83:64:82:02:50:fe:a1:a2:
f8:7e:2e:b7
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUYGxPnXSIUr0kbtA33Iuiij38MZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhB
RUY3QUQxQTAeFw0yNDEwMDYxODQzMzdaFw0yNTEwMDUxODQ4MzdaMDMxMTAvBgNV
BAMTKDJDNTQ1NUY4RkNGQ0RDM0M1NzFBODY2QTA0OTg0MzA1MEFCMzVGNDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeQ5d1jhBchGQFcMaCsvCNMDpq
2j4XMDqLtN4g0Ur/zmwNzXAkcwFiKQ4rosR9+XUU6Wq9KUo11SvZXDqFtArGmMKl
aj7DlElOQ+mxnTuoO8ehmvWKZL2fhFmfArBHS4uosLGd104zx8InYDdZrhlTuaai
Uh/3oCtxaXqv3qlEake/wTdeliKvLav5/y2eA0n4At2LOBu+Pgq+OLxJ5XhCJFuy
buhHi2Se9hzy/CZ459dv+xoQ0+xufK2WXwyw/d1qRgy5LHn/Y9okhSW+tckB4TbH
zxH0y/mOAUKsiVq39huFiGWJ7I6RkBnKuFX+QddNGc7xJWq8wri82hZoauK/AgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQULFRV+Pz83DxXGoZqBJhDBQqzX0EwHwYDVR0j
BBgwFoAU+feiiFzzAS+hOQ07Mln8eK73rRowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZGI4ZDhiN2QtYzQ4Ni00MjM5LTlkOWYtOGY4ZjVkY2Vk
OGQwLzEvRjlGN0EyODg1Q0YzMDEyRkExMzkwRDNCMzI1OUZDNzhBRUY3QUQxQS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GOUY3QTI4ODVDRjMwMTJGQTEzOTBEM0Iz
MjU5RkM3OEFFRjdBRDFBLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9kYjhkOGI3ZC1jNDg2LTQyMzktOWQ5Zi04ZjhmNWRjZWQ4ZDAvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTY2MzQzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzEz
NDM2MzQzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHBCoUdYEPQDANBgkqhkiG9w0BAQsFAAOCAQEAVUYX
7QOonk4gE+Vwe+b6yq33/t8KVRu8ZkCQaP6qEhIfciNRbMFlRcbqEAWjUYPdRab5
/33wtnIFU4tBJUAxgxbThyCyWtcA8tROsuYjXB2+YdR+PpapGONK70lonK3ozT7Q
XtgbP5XtKiRhYk/9fxVOW1LfHc+NkR+4nY0aHpF6ZdV6rCjKxf0MEv8ea7Xh4jOp
4ssaHj8LSNFUlWuaPF7k/MNu4CQXZ/S1UMWDee0uKyXJZqeS/2uTW0xCN2vIbcjI
UkXg/7EwT3mkcNp5utRF5j+puxEi5Mj8z1tJPcO4659vgUppNeWQs6gigypg/HW3
AYNkggJQ/qGi+H4utw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:53:36 2025 by rpki-client