Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a366130303a3a2f34302d3430203d3e20323135353232.roa
File: 326130373a353463373a366130303a3a2f34302d3430203d3e20323135353232.roa (raw, json)
Hash identifier: meVKaK5e6Rl0axgIF+OPFWXAfeIaQpGrDezkKaQe220=
Subject key identifier: 4E:9B:6E:24:DA:5C:E5:A0:77:41:C6:93:B0:56:B3:7B:05:5F:EA:92
Certificate issuer: /CN=F1ABD9429F3A733668CAC698C113A9E343C99B3E
Certificate serial: 6395FCF3BEA8A7575683AE68E6C2770E0A8AB3AC
Authority key identifier: F1:AB:D9:42:9F:3A:73:36:68:CA:C6:98:C1:13:A9:E3:43:C9:9B:3E
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a366130303a3a2f34302d3430203d3e20323135353232.roa
Signing time: Mon 04 Mar 2024 00:58:49 +0000
ROA not before: Mon 04 Mar 2024 00:53:49 +0000
ROA not after: Mon 03 Mar 2025 00:58:49 +0000
asID: 215522
IP address blocks: 2a07:54c7:6a00::/40 maxlen: 40
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:95:fc:f3:be:a8:a7:57:56:83:ae:68:e6:c2:77:0e:0a:8a:b3:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F1ABD9429F3A733668CAC698C113A9E343C99B3E
Validity
Not Before: Mar 4 00:53:49 2024 GMT
Not After : Mar 3 00:58:49 2025 GMT
Subject: CN=4E9B6E24DA5CE5A07741C693B056B37B055FEA92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f8:37:a2:a8:34:15:dc:87:4a:ec:ca:cc:1f:
3c:ea:02:28:72:eb:2f:21:03:cf:92:55:92:7f:a7:
e7:a3:d8:07:3e:55:04:36:c7:1e:62:26:f3:77:ce:
83:ab:14:4c:11:4d:31:36:f1:3a:6f:6e:50:71:01:
2f:c4:8b:be:b4:82:13:2e:aa:01:46:9c:fa:00:c0:
78:8f:f9:2d:c3:71:94:ee:41:ab:44:a5:03:ce:a0:
5c:6a:13:e6:32:d6:e3:d0:b9:e9:b5:76:11:1b:41:
0d:f6:51:61:76:12:ab:ca:c9:a7:57:e1:f6:c1:2a:
d9:27:02:1a:38:6c:82:14:a7:ca:9e:bb:71:60:5c:
fd:9b:bc:0f:7c:9b:6a:fb:85:a5:be:8b:e0:3f:62:
9d:d7:0a:3c:a1:aa:1e:cd:b5:8f:08:c1:2b:0f:6a:
dd:c0:76:ff:8a:1d:fd:a6:e9:27:7f:91:12:81:9c:
76:06:f5:bd:15:c8:c9:b0:64:90:ba:ee:fe:06:81:
d0:a9:c9:60:06:10:2f:e1:a6:8a:8f:99:9d:dd:72:
6a:73:c4:69:9f:fb:48:7c:bf:96:2e:bd:b5:90:8e:
bf:b6:33:45:f7:8b:69:96:eb:94:1a:5b:8d:61:38:
75:6d:11:35:4e:59:d6:b8:e0:0a:5c:f8:12:f7:25:
60:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:9B:6E:24:DA:5C:E5:A0:77:41:C6:93:B0:56:B3:7B:05:5F:EA:92
X509v3 Authority Key Identifier:
keyid:F1:AB:D9:42:9F:3A:73:36:68:CA:C6:98:C1:13:A9:E3:43:C9:9B:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/F1ABD9429F3A733668CAC698C113A9E343C99B3E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f536a1e4-3bf0-4352-9061-66694d2bcbd3/0/326130373a353463373a366130303a3a2f34302d3430203d3e20323135353232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c7:6a00::/40
Signature Algorithm: sha256WithRSAEncryption
61:2c:19:84:21:e4:4f:16:72:5e:83:70:34:80:bf:84:03:dd:
9c:df:27:e2:97:78:9c:e6:db:25:17:32:be:a4:0a:fb:c0:60:
b6:92:da:29:05:e7:40:e8:ae:0e:fc:02:28:ae:bc:c6:d1:fc:
aa:55:7d:65:21:4c:9f:a4:33:65:9e:c1:64:55:00:6f:19:95:
f2:ae:09:28:83:34:14:f8:2f:6a:09:c6:bb:84:16:b6:7d:39:
07:1c:5f:5b:a1:2d:39:7c:e6:99:0a:ab:12:67:76:6d:27:8d:
bc:74:39:f5:0a:90:21:77:35:8d:b2:02:17:0f:0a:e5:25:46:
8c:cd:16:df:30:45:0a:81:30:f6:f3:0c:7a:ee:91:ba:b5:29:
2f:14:56:44:7d:01:1a:93:c7:d6:69:d5:de:5b:4a:60:f2:ef:
80:cd:14:e4:af:3c:ed:41:e5:97:03:7d:51:8d:ae:29:92:6e:
81:2e:c9:34:be:60:bd:c8:31:6c:50:b0:ee:44:d0:e8:be:58:
97:9d:aa:9d:df:da:b5:d1:0f:9a:a5:d7:e7:9e:cf:2f:ba:44:
a4:c4:a5:3a:a7:ff:98:fb:68:75:51:7a:c6:47:36:51:60:27:
b8:96:fe:f8:d1:77:2e:8d:20:fe:4f:2b:f5:8f:39:a6:c9:13:
33:66:70:35
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUY5X8876op1dWg65o5sJ3DgqKs6wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjFBQkQ5NDI5RjNBNzMzNjY4Q0FDNjk4QzExM0E5RTM0
M0M5OUIzRTAeFw0yNDAzMDQwMDUzNDlaFw0yNTAzMDMwMDU4NDlaMDMxMTAvBgNV
BAMTKDRFOUI2RTI0REE1Q0U1QTA3NzQxQzY5M0IwNTZCMzdCMDU1RkVBOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk+DeiqDQV3IdK7MrMHzzqAihy
6y8hA8+SVZJ/p+ej2Ac+VQQ2xx5iJvN3zoOrFEwRTTE28TpvblBxAS/Ei760ghMu
qgFGnPoAwHiP+S3DcZTuQatEpQPOoFxqE+Yy1uPQuem1dhEbQQ32UWF2EqvKyadX
4fbBKtknAho4bIIUp8qeu3FgXP2bvA98m2r7haW+i+A/Yp3XCjyhqh7NtY8IwSsP
at3Adv+KHf2m6Sd/kRKBnHYG9b0VyMmwZJC67v4GgdCpyWAGEC/hpoqPmZ3dcmpz
xGmf+0h8v5YuvbWQjr+2M0X3i2mW65QaW41hOHVtETVOWda44Apc+BL3JWDHAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUTptuJNpc5aB3QcaTsFazewVf6pIwHwYDVR0j
BBgwFoAU8avZQp86czZoysaYwROp40PJmz4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjUzNmExZTQtM2JmMC00MzUyLTkwNjEtNjY2OTRkMmJj
YmQzLzAvRjFBQkQ5NDI5RjNBNzMzNjY4Q0FDNjk4QzExM0E5RTM0M0M5OUIzRS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9hYTAwNGJhMS00MTliLTRk
YjUtYmJkMy01Y2NhNjMzY2FlM2YvMC9GMUFCRDk0MjlGM0E3MzM2NjhDQUM2OThD
MTEzQTlFMzQzQzk5QjNFLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9mNTM2YTFlNC0zYmYwLTQzNTItOTA2MS02NjY5NGQyYmNiZDMvMC8zMjYxMzAz
NzNhMzUzNDYzMzczYTM2NjEzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIz
MTM1MzUzMjMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdUx2owDQYJKoZIhvcNAQELBQADggEBAGEs
GYQh5E8Wcl6DcDSAv4QD3ZzfJ+KXeJzm2yUXMr6kCvvAYLaS2ikF50Dorg78Aiiu
vMbR/KpVfWUhTJ+kM2WewWRVAG8ZlfKuCSiDNBT4L2oJxruEFrZ9OQccX1uhLTl8
5pkKqxJndm0njbx0OfUKkCF3NY2yAhcPCuUlRozNFt8wRQqBMPbzDHrukbq1KS8U
VkR9ARqTx9Zp1d5bSmDy74DNFOSvPO1B5ZcDfVGNrimSboEuyTS+YL3IMWxQsO5E
0Oi+WJedqp3f2rXRD5ql1+eezy+6RKTEpTqn/5j7aHVResZHNlFgJ7iW/vjRdy6N
IP5PK/WPOabJEzNmcDU=
-----END CERTIFICATE-----
Generated at Mon Oct 21 19:13:57 2024 by rpki-client on console-fra.rpki-client.org