Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393030343a3a2f34382d3438203d3e20323135343433.roa
File: 326130613a363034343a393030343a3a2f34382d3438203d3e20323135343433.roa (raw, json)
Hash identifier: N53r+fj2CPzmLYdetT5f7xYtYHnCPblA/IGh+xuvj+s=
Subject key identifier: F7:A9:01:12:E9:97:57:A5:4C:78:95:DA:79:41:0A:C7:CA:AC:37:DC
Certificate issuer: /CN=488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF
Certificate serial: 0D85509992A2C6BD8AF08AAF77AD476E2A55254D
Authority key identifier: 48:8B:D8:6A:FD:B1:BE:23:8E:1E:3E:AD:E8:5A:05:20:B2:AF:66:DF
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393030343a3a2f34382d3438203d3e20323135343433.roa
Signing time: Tue 07 May 2024 15:00:26 +0000
ROA not before: Tue 07 May 2024 14:55:26 +0000
ROA not after: Tue 06 May 2025 15:00:26 +0000
asID: 215443
IP address blocks: 2a0a:6044:9004::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:85:50:99:92:a2:c6:bd:8a:f0:8a:af:77:ad:47:6e:2a:55:25:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF
Validity
Not Before: May 7 14:55:26 2024 GMT
Not After : May 6 15:00:26 2025 GMT
Subject: CN=F7A90112E99757A54C7895DA79410AC7CAAC37DC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:6c:41:89:70:de:81:50:e9:c2:9f:4c:c1:72:
45:b6:27:8d:45:2c:aa:bf:c8:f3:a6:5d:31:ae:b4:
b8:25:cf:34:eb:10:6b:1c:31:fb:74:1b:97:ec:00:
23:22:67:de:04:df:17:93:8d:1c:c9:eb:79:9c:59:
56:8d:2f:93:81:00:ac:02:67:0b:27:30:94:f4:a4:
9a:e8:19:8c:9e:1c:7f:87:51:82:c4:9e:c1:12:9c:
99:bb:53:32:98:c3:3d:1f:82:a2:e7:7a:14:40:e5:
16:35:a1:c9:67:c7:76:d4:af:e9:47:a7:32:44:59:
f1:94:ca:9b:01:c8:f0:da:38:29:2a:23:99:07:70:
a8:a0:b0:c4:1f:72:92:e4:9e:c9:28:62:af:0a:34:
54:4e:43:73:61:06:58:df:1f:d2:eb:43:6e:bc:fe:
c4:55:04:1f:0e:fc:99:eb:d1:9d:49:34:7b:8e:84:
62:25:61:cc:b3:e4:1b:37:36:96:1e:f1:a9:84:3d:
96:2e:44:6a:37:1e:d7:0a:da:64:41:65:cd:a0:ad:
1b:c5:6a:7c:12:7e:cd:66:00:30:e8:b3:81:62:2f:
90:d4:3d:e0:0a:5d:cc:5a:7a:a0:67:10:b5:c7:ec:
a7:e3:d8:4f:96:cb:31:e5:45:47:b3:0e:f7:67:e2:
e8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:A9:01:12:E9:97:57:A5:4C:78:95:DA:79:41:0A:C7:CA:AC:37:DC
X509v3 Authority Key Identifier:
keyid:48:8B:D8:6A:FD:B1:BE:23:8E:1E:3E:AD:E8:5A:05:20:B2:AF:66:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393030343a3a2f34382d3438203d3e20323135343433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:9004::/48
Signature Algorithm: sha256WithRSAEncryption
73:19:3d:d7:0a:e8:67:6e:f6:95:fd:e6:87:cd:27:5d:6c:2e:
0c:94:6c:82:06:b1:43:b4:5c:26:32:b1:1b:b0:b4:3b:6c:70:
a2:d7:4e:fe:2b:2c:3c:2e:4b:ce:4f:66:23:9e:5f:b6:b1:d5:
6d:85:20:d5:77:af:e5:11:c5:c7:95:e9:46:85:09:7b:28:33:
2d:d1:c6:2c:24:75:b6:46:ca:8a:91:e5:02:77:1d:aa:07:2f:
20:f7:08:63:6f:ce:42:5c:e2:a1:58:9a:ab:c3:c1:b6:50:8d:
e5:95:22:49:99:fa:47:b8:45:b9:68:cf:bb:ff:ce:8f:cc:11:
d6:e9:db:60:70:27:f1:c5:26:61:31:00:b5:75:7f:ac:90:af:
1c:a6:b3:0b:b6:d7:bd:a8:47:0d:2f:89:13:6e:bc:00:0f:71:
2b:93:8b:59:62:f1:ce:a8:ff:aa:ea:e7:0c:20:bc:b9:49:06:
8c:d2:b4:ca:79:92:ce:d6:c6:c5:0d:e0:ac:db:3d:1c:da:e0:
2b:1a:74:35:9a:85:62:d9:3e:7e:64:8b:6e:35:3c:3b:99:68:
3d:65:37:20:fe:15:eb:ce:4c:bc:44:26:e3:e0:0c:67:8a:41:
43:86:8f:c3:da:31:78:62:07:66:a7:16:51:bb:f2:e2:c3:35:
51:90:e8:c2
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUDYVQmZKixr2K8Iqvd61HbipVJU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDg4QkQ4NkFGREIxQkUyMzhFMUUzRUFERTg1QTA1MjBC
MkFGNjZERjAeFw0yNDA1MDcxNDU1MjZaFw0yNTA1MDYxNTAwMjZaMDMxMTAvBgNV
BAMTKEY3QTkwMTEyRTk5NzU3QTU0Qzc4OTVEQTc5NDEwQUM3Q0FBQzM3REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDybEGJcN6BUOnCn0zBckW2J41F
LKq/yPOmXTGutLglzzTrEGscMft0G5fsACMiZ94E3xeTjRzJ63mcWVaNL5OBAKwC
ZwsnMJT0pJroGYyeHH+HUYLEnsESnJm7UzKYwz0fgqLnehRA5RY1oclnx3bUr+lH
pzJEWfGUypsByPDaOCkqI5kHcKigsMQfcpLknskoYq8KNFROQ3NhBljfH9LrQ268
/sRVBB8O/Jnr0Z1JNHuOhGIlYcyz5Bs3NpYe8amEPZYuRGo3HtcK2mRBZc2grRvF
anwSfs1mADDos4FiL5DUPeAKXcxaeqBnELXH7Kfj2E+WyzHlRUezDvdn4uivAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU96kBEumXV6VMeJXaeUEKx8qsN9wwHwYDVR0j
BBgwFoAUSIvYav2xviOOHj6t6FoFILKvZt8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWNiMzAzMjItOTRmNy00ZTYxLTg2OTEtNWMxYjYxMWIw
YTk1LzEvNDg4QkQ4NkFGREIxQkUyMzhFMUUzRUFERTg1QTA1MjBCMkFGNjZERi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC80ODhCRDg2QUZEQjFCRTIzOEUxRTNFQURF
ODVBMDUyMEIyQUY2NkRGLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9lY2IzMDMyMi05NGY3LTRlNjEtODY5MS01YzFiNjExYjBhOTUvMS8zMjYxMzA2
MTNhMzYzMDM0MzQzYTM5MzAzMDM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzQzNDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgpgRJAEMA0GCSqGSIb3DQEBCwUAA4IBAQBz
GT3XCuhnbvaV/eaHzSddbC4MlGyCBrFDtFwmMrEbsLQ7bHCi107+Kyw8LkvOT2Yj
nl+2sdVthSDVd6/lEcXHlelGhQl7KDMt0cYsJHW2RsqKkeUCdx2qBy8g9whjb85C
XOKhWJqrw8G2UI3llSJJmfpHuEW5aM+7/86PzBHW6dtgcCfxxSZhMQC1dX+skK8c
prMLtte9qEcNL4kTbrwAD3Erk4tZYvHOqP+q6ucMILy5SQaM0rTKeZLO1sbFDeCs
2z0c2uArGnQ1moVi2T5+ZItuNTw7mWg9ZTcg/hXrzky8RCbj4AxnikFDho/D2jF4
YgdmpxZRu/LiwzVRkOjC
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:57:07 2025 by rpki-client