Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a363534613a3a2f34382d3438203d3e20323134353635.roa
File: 326130373a353463373a363534613a3a2f34382d3438203d3e20323134353635.roa (raw, json)
Hash identifier: Xow69Pg4ksXYCkHxwMsumRcHeKifksDko2ACzOmaT1M=
Subject key identifier: D5:06:A0:A7:08:92:B5:50:3B:B6:AB:14:33:A4:73:5D:5D:6B:B4:62
Certificate issuer: /CN=F1ABD9429F3A733668CAC698C113A9E343C99B3E
Certificate serial: 3986F1E9982CCD7200436F17EC4D39E06A5E0DAF
Authority key identifier: F1:AB:D9:42:9F:3A:73:36:68:CA:C6:98:C1:13:A9:E3:43:C9:9B:3E
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a363534613a3a2f34382d3438203d3e20323134353635.roa
Signing time: Thu 18 Jul 2024 19:14:38 +0000
ROA not before: Thu 18 Jul 2024 19:09:38 +0000
ROA not after: Thu 17 Jul 2025 19:14:38 +0000
asID: 214565
IP address blocks: 2a07:54c7:654a::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:86:f1:e9:98:2c:cd:72:00:43:6f:17:ec:4d:39:e0:6a:5e:0d:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F1ABD9429F3A733668CAC698C113A9E343C99B3E
Validity
Not Before: Jul 18 19:09:38 2024 GMT
Not After : Jul 17 19:14:38 2025 GMT
Subject: CN=D506A0A70892B5503BB6AB1433A4735D5D6BB462
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2e:28:8b:99:06:1f:35:59:86:68:48:0c:dd:
a9:4e:f1:4e:a0:4f:bc:7b:79:97:7f:5d:e0:fd:91:
f6:b2:26:d3:52:58:f0:c7:d7:5b:12:35:c6:30:87:
a2:77:13:6c:fe:5b:aa:f9:4a:43:b5:86:bf:3f:cc:
8f:eb:24:5c:6f:7a:ff:6d:42:3f:19:83:5b:16:23:
4c:12:7c:e6:9d:82:40:91:ec:e8:11:60:33:0a:65:
d1:2f:ab:5a:6e:01:bd:46:5c:c9:fe:a0:0b:4c:1d:
a2:23:d5:33:3d:90:60:b2:d0:06:92:bd:53:c5:44:
8a:85:7a:6a:9e:85:3f:cf:f4:b0:d3:31:62:d5:a5:
df:50:1e:10:30:6e:fa:43:11:94:be:43:c1:9a:cb:
e7:4e:6a:f2:85:12:f6:aa:c9:d0:30:fc:40:49:7c:
a7:b6:85:3a:25:a4:5b:40:46:20:5e:e7:26:45:3e:
f1:80:56:ed:fe:34:3b:78:a6:1e:01:e8:f6:ab:4e:
74:ea:3c:8f:ec:5a:db:8d:09:d0:1a:8f:0b:d1:f9:
b2:5f:ea:b8:d9:fe:e4:bb:e7:02:3d:d6:06:ae:68:
e8:71:74:1d:e7:ef:7e:0b:5c:bb:9c:9c:26:8f:0c:
dd:f5:e8:1f:74:b6:16:98:63:5a:0f:a3:b2:d1:20:
64:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:06:A0:A7:08:92:B5:50:3B:B6:AB:14:33:A4:73:5D:5D:6B:B4:62
X509v3 Authority Key Identifier:
keyid:F1:AB:D9:42:9F:3A:73:36:68:CA:C6:98:C1:13:A9:E3:43:C9:9B:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a363534613a3a2f34382d3438203d3e20323134353635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c7:654a::/48
Signature Algorithm: sha256WithRSAEncryption
7c:eb:12:68:ac:db:e0:91:b7:36:94:bb:6e:5c:32:bf:2d:20:
69:e5:8f:93:d1:bf:20:eb:bf:03:b9:b5:f9:9a:d7:b2:21:7d:
55:13:4c:0e:f2:5e:76:3f:a1:a4:af:4f:1f:00:8b:40:9b:f2:
6d:4b:19:95:c4:a6:ae:fc:7e:1b:20:73:f8:2e:56:14:a8:3b:
fa:b9:66:be:07:a8:38:ef:b5:96:55:b6:e2:64:62:0c:5d:d8:
45:ad:02:f2:88:0c:69:55:54:88:64:22:61:26:8f:e8:be:9c:
a0:91:3d:38:0a:f2:a0:97:9c:77:1e:41:db:fd:1c:19:16:94:
92:0a:c3:9f:fe:59:3d:47:6d:9c:63:7c:f0:8b:67:2a:32:3a:
82:e9:62:c8:ca:72:7a:32:89:67:e8:60:e5:0b:25:b8:fd:ff:
a2:9d:1b:49:0e:6c:61:49:a3:9a:c3:cb:67:7f:9a:a9:5a:b8:
ca:0d:31:d5:8e:f5:d0:22:fa:f8:57:d4:17:f2:76:a6:1c:f9:
5e:37:33:36:df:6a:ce:33:cc:b0:17:02:c0:bc:97:ec:89:d1:
10:ef:95:ef:34:88:f7:5c:81:29:34:72:ef:36:67:d5:61:cc:
8c:74:c7:68:0d:64:37:4d:31:5f:25:91:91:cc:3b:3a:a3:da:
60:2c:1e:1f
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUOYbx6ZgszXIAQ28X7E054GpeDa8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjFBQkQ5NDI5RjNBNzMzNjY4Q0FDNjk4QzExM0E5RTM0
M0M5OUIzRTAeFw0yNDA3MTgxOTA5MzhaFw0yNTA3MTcxOTE0MzhaMDMxMTAvBgNV
BAMTKEQ1MDZBMEE3MDg5MkI1NTAzQkI2QUIxNDMzQTQ3MzVENUQ2QkI0NjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6LiiLmQYfNVmGaEgM3alO8U6g
T7x7eZd/XeD9kfayJtNSWPDH11sSNcYwh6J3E2z+W6r5SkO1hr8/zI/rJFxvev9t
Qj8Zg1sWI0wSfOadgkCR7OgRYDMKZdEvq1puAb1GXMn+oAtMHaIj1TM9kGCy0AaS
vVPFRIqFemqehT/P9LDTMWLVpd9QHhAwbvpDEZS+Q8Gay+dOavKFEvaqydAw/EBJ
fKe2hTolpFtARiBe5yZFPvGAVu3+NDt4ph4B6ParTnTqPI/sWtuNCdAajwvR+bJf
6rjZ/uS75wI91gauaOhxdB3n734LXLucnCaPDN316B90thaYY1oPo7LRIGRfAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU1QagpwiStVA7tqsUM6RzXV1rtGIwHwYDVR0j
BBgwFoAU8avZQp86czZoysaYwROp40PJmz4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjUzNmExZTQtM2JmMC00MzUyLTkwNjEtNjY2OTRkMmJj
YmQzLzAvRjFBQkQ5NDI5RjNBNzMzNjY4Q0FDNjk4QzExM0E5RTM0M0M5OUIzRS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC9GMUFCRDk0MjlGM0E3MzM2NjhDQUM2OThD
MTEzQTlFMzQzQzk5QjNFLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9mNTM2YTFlNC0zYmYwLTQzNTItOTA2MS02NjY5NGQyYmNiZDMvMC8zMjYxMzAz
NzNhMzUzNDYzMzczYTM2MzUzNDYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM0MzUzNjM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKgdUx2VKMA0GCSqGSIb3DQEBCwUAA4IBAQB8
6xJorNvgkbc2lLtuXDK/LSBp5Y+T0b8g678DubX5mteyIX1VE0wO8l52P6Gkr08f
AItAm/JtSxmVxKau/H4bIHP4LlYUqDv6uWa+B6g477WWVbbiZGIMXdhFrQLyiAxp
VVSIZCJhJo/ovpygkT04CvKgl5x3HkHb/RwZFpSSCsOf/lk9R22cY3zwi2cqMjqC
6WLIynJ6Moln6GDlCyW4/f+inRtJDmxhSaOaw8tnf5qpWrjKDTHVjvXQIvr4V9QX
8namHPleNzM232rOM8ywFwLAvJfsidEQ75XvNIj3XIEpNHLvNmfVYcyMdMdoDWQ3
TTFfJZGRzDs6o9pgLB4f
-----END CERTIFICATE-----
Generated at Mon Oct 21 19:13:57 2024 by rpki-client on console-fra.rpki-client.org