Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393036303a3a2f34342d3434203d3e20323135343339.roa
File: 326130613a363034343a393036303a3a2f34342d3434203d3e20323135343339.roa (raw, json)
Hash identifier: pd2Lrnwn2H4VmAPI0n0iBYgBDsKpqvsJNjLpsnux5z0=
Subject key identifier: 87:D5:C4:8C:85:F6:9F:C3:91:E7:20:96:87:13:6E:91:2A:D3:9B:93
Certificate issuer: /CN=488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF
Certificate serial: 2F2A0CC2D10D440E1FA4C954C1B5E0E6E518C7D5
Authority key identifier: 48:8B:D8:6A:FD:B1:BE:23:8E:1E:3E:AD:E8:5A:05:20:B2:AF:66:DF
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393036303a3a2f34342d3434203d3e20323135343339.roa
Signing time: Thu 29 Aug 2024 14:50:21 +0000
ROA not before: Thu 29 Aug 2024 14:45:21 +0000
ROA not after: Thu 28 Aug 2025 14:50:21 +0000
asID: 215439
IP address blocks: 2a0a:6044:9060::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:2a:0c:c2:d1:0d:44:0e:1f:a4:c9:54:c1:b5:e0:e6:e5:18:c7:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF
Validity
Not Before: Aug 29 14:45:21 2024 GMT
Not After : Aug 28 14:50:21 2025 GMT
Subject: CN=87D5C48C85F69FC391E7209687136E912AD39B93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:a5:c6:4a:6b:01:88:c4:01:79:a3:53:fc:3b:
64:95:36:0c:f3:45:77:13:22:89:57:3b:f6:6a:17:
ae:34:65:40:32:62:39:41:71:e9:c3:b3:22:c5:3f:
fe:c3:d5:0d:14:ce:75:df:40:55:17:01:90:74:69:
5d:25:4d:77:b7:46:97:47:ff:9f:c3:f0:6b:e1:18:
1f:ca:55:b3:c8:97:82:d2:d6:ec:6a:4a:fc:31:60:
7a:d5:bc:77:dd:6e:9b:11:12:26:a2:0e:06:ea:62:
ef:89:5b:d5:60:56:7d:98:35:ec:da:41:22:76:6f:
ac:ac:67:39:76:26:f0:1d:07:df:b3:88:b2:7d:c6:
44:3b:f2:09:c5:7f:e2:6c:1b:d8:c7:3a:0e:5d:dd:
c5:6b:ad:8a:e4:a6:df:97:d1:cd:d8:46:07:fd:a5:
51:21:ad:4e:56:9f:6e:b9:be:aa:84:be:0e:d7:0c:
fd:69:f3:f2:2d:10:a8:df:14:d1:38:64:29:9a:75:
c2:11:40:3c:72:f5:a8:cc:8b:49:a2:f1:1f:9c:7c:
76:93:e1:c9:06:41:d2:65:d0:1a:21:3a:e8:fe:2e:
9e:1c:07:88:8a:20:34:7a:a4:34:9d:ba:13:c8:37:
d6:04:be:c1:e5:00:70:58:6e:5f:71:a8:4c:d6:af:
41:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:D5:C4:8C:85:F6:9F:C3:91:E7:20:96:87:13:6E:91:2A:D3:9B:93
X509v3 Authority Key Identifier:
keyid:48:8B:D8:6A:FD:B1:BE:23:8E:1E:3E:AD:E8:5A:05:20:B2:AF:66:DF
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/488BD86AFDB1BE238E1E3EADE85A0520B2AF66DF.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ecb30322-94f7-4e61-8691-5c1b611b0a95/1/326130613a363034343a393036303a3a2f34342d3434203d3e20323135343339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:9060::/44
Signature Algorithm: sha256WithRSAEncryption
5d:3a:68:40:ce:c4:53:81:b0:82:e2:f1:d5:cf:75:92:29:1e:
8c:03:24:23:92:11:f8:42:22:13:8f:4e:66:af:c9:db:be:36:
bb:cf:aa:3b:fe:42:27:97:7a:9a:ba:53:b4:d3:f6:c4:a0:25:
77:9c:44:cc:e1:c7:cf:16:05:25:1d:ed:fa:ee:de:ea:3d:3e:
98:21:1d:ff:3e:83:e7:27:b3:db:eb:49:8c:5c:fc:a7:c5:c8:
fe:c9:e8:44:ba:6f:5d:d2:39:89:8f:4f:a2:a7:db:b0:89:30:
0c:02:e0:0e:2f:01:c3:44:34:31:9f:32:ce:d0:f3:8b:28:d1:
e1:63:1b:27:c3:dd:73:a5:ef:40:ac:8a:3b:ac:df:2f:29:6e:
61:6c:bd:c4:39:3e:9a:28:d4:d8:b7:2c:da:e3:62:b7:a2:dc:
d9:de:0f:16:cb:b4:c9:80:53:9e:ce:3f:3d:d3:b7:3d:7a:c2:
cd:cf:3c:34:d3:88:65:08:18:4e:3c:a5:09:bb:5b:5a:8a:ac:
29:01:16:fc:9f:08:5a:8b:4e:ae:6d:a3:ed:97:01:da:20:d1:
4b:f8:0e:85:43:50:06:54:e0:e0:df:51:61:63:81:7a:22:c8:
b5:5f:2c:9e:02:4a:39:d8:16:cf:c3:f7:3c:99:26:f5:eb:58:
d2:40:fc:fb
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIULyoMwtENRA4fpMlUwbXg5uUYx9UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDg4QkQ4NkFGREIxQkUyMzhFMUUzRUFERTg1QTA1MjBC
MkFGNjZERjAeFw0yNDA4MjkxNDQ1MjFaFw0yNTA4MjgxNDUwMjFaMDMxMTAvBgNV
BAMTKDg3RDVDNDhDODVGNjlGQzM5MUU3MjA5Njg3MTM2RTkxMkFEMzlCOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7pcZKawGIxAF5o1P8O2SVNgzz
RXcTIolXO/ZqF640ZUAyYjlBcenDsyLFP/7D1Q0UznXfQFUXAZB0aV0lTXe3RpdH
/5/D8GvhGB/KVbPIl4LS1uxqSvwxYHrVvHfdbpsREiaiDgbqYu+JW9VgVn2YNeza
QSJ2b6ysZzl2JvAdB9+ziLJ9xkQ78gnFf+JsG9jHOg5d3cVrrYrkpt+X0c3YRgf9
pVEhrU5Wn265vqqEvg7XDP1p8/ItEKjfFNE4ZCmadcIRQDxy9ajMi0mi8R+cfHaT
4ckGQdJl0BohOuj+Lp4cB4iKIDR6pDSduhPIN9YEvsHlAHBYbl9xqEzWr0F3AgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUh9XEjIX2n8OR5yCWhxNukSrTm5MwHwYDVR0j
BBgwFoAUSIvYav2xviOOHj6t6FoFILKvZt8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWNiMzAzMjItOTRmNy00ZTYxLTg2OTEtNWMxYjYxMWIw
YTk1LzEvNDg4QkQ4NkFGREIxQkUyMzhFMUUzRUFERTg1QTA1MjBCMkFGNjZERi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zMjUzZDk3My1kNWJmLTQ1
NDEtYmNjMS0yNzY1NDNhMjVjN2QvMC80ODhCRDg2QUZEQjFCRTIzOEUxRTNFQURF
ODVBMDUyMEIyQUY2NkRGLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9lY2IzMDMyMi05NGY3LTRlNjEtODY5MS01YzFiNjExYjBhOTUvMS8zMjYxMzA2
MTNhMzYzMDM0MzQzYTM5MzAzNjMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIz
MTM1MzQzMzM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKgpgRJBgMA0GCSqGSIb3DQEBCwUAA4IBAQBd
OmhAzsRTgbCC4vHVz3WSKR6MAyQjkhH4QiITj05mr8nbvja7z6o7/kInl3qaulO0
0/bEoCV3nETM4cfPFgUlHe367t7qPT6YIR3/PoPnJ7Pb60mMXPynxcj+yehEum9d
0jmJj0+ip9uwiTAMAuAOLwHDRDQxnzLO0POLKNHhYxsnw91zpe9ArIo7rN8vKW5h
bL3EOT6aKNTYtyza42K3otzZ3g8Wy7TJgFOezj8907c9esLNzzw004hlCBhOPKUJ
u1taiqwpARb8nwhai06ubaPtlwHaINFL+A6FQ1AGVODg31FhY4F6Isi1XyyeAko5
2BbPw/c8mSb161jSQPz7
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:12:03 2025 by rpki-client