Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/0/323030313a3637633a6438343a3a2f34382d313238203d3e203437323732.roa
File: 323030313a3637633a6438343a3a2f34382d313238203d3e203437323732.roa (raw, json)
Hash identifier: n7zi8erDwVkaEAccTf7AgcxyPGv2dh/rzzppLzmNaTU=
Subject key identifier: 40:A1:C5:19:97:F7:C2:28:B9:4A:3D:7D:11:9B:57:F8:E5:28:DE:7D
Certificate issuer: /CN=75d2e4bdf4befc82ac938ecc346f0b3216597523
Certificate serial: 3DA18FC21BAE7100E54A38D2091E8DD51D055877
Authority key identifier: 75:D2:E4:BD:F4:BE:FC:82:AC:93:8E:CC:34:6F:0B:32:16:59:75:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddLkvfS-_IKsk47MNG8LMhZZdSM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/0/323030313a3637633a6438343a3a2f34382d313238203d3e203437323732.roa
Signing time: Fri 07 Feb 2025 11:39:41 +0000
ROA not before: Fri 07 Feb 2025 11:34:41 +0000
ROA not after: Fri 06 Feb 2026 11:39:41 +0000
asID: 47272
IP address blocks: 2001:67c:d84::/48 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:a1:8f:c2:1b:ae:71:00:e5:4a:38:d2:09:1e:8d:d5:1d:05:58:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75d2e4bdf4befc82ac938ecc346f0b3216597523
Validity
Not Before: Feb 7 11:34:41 2025 GMT
Not After : Feb 6 11:39:41 2026 GMT
Subject: CN=40A1C51997F7C228B94A3D7D119B57F8E528DE7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:dd:2d:ae:9e:af:47:d8:0e:cd:8e:05:68:0e:
e3:77:4c:06:bf:b4:12:04:7b:ba:56:e0:d5:f1:8a:
31:71:45:39:c0:80:97:4e:38:a3:c4:49:c0:9c:a9:
04:cf:11:e0:a2:28:c5:0c:05:0b:8a:1e:d7:92:c3:
f0:17:6b:b1:a9:4c:c8:80:66:fc:90:3b:d2:4e:4b:
52:79:af:f8:6d:0f:46:98:51:24:39:8c:63:cb:bc:
a3:0b:79:d5:c3:eb:34:9e:6a:84:dc:eb:c0:fc:08:
43:33:9a:09:46:a4:0a:fc:b5:d7:c2:2e:bf:e0:33:
a7:e8:e6:d5:68:c7:24:d7:fc:90:e2:c7:32:dd:16:
62:7b:68:c1:28:a7:3a:b8:dd:36:58:1a:5f:99:b3:
10:12:10:73:34:24:60:52:ea:22:df:e2:f0:d2:d7:
b7:90:be:b4:5c:dc:98:72:4c:7c:0e:15:90:31:88:
a6:cb:52:e0:47:49:aa:18:e7:9a:34:81:0d:87:d0:
f4:2f:fe:e9:fe:25:97:7a:79:bf:08:a8:2b:20:da:
f1:63:f8:5c:ae:b7:8a:dc:47:0c:2c:26:f3:c1:ef:
41:8f:4e:87:5b:66:11:52:93:ac:23:c8:21:d5:be:
2b:a2:a2:9f:be:3f:7f:75:38:8d:59:c8:83:f8:4d:
fd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A1:C5:19:97:F7:C2:28:B9:4A:3D:7D:11:9B:57:F8:E5:28:DE:7D
X509v3 Authority Key Identifier:
keyid:75:D2:E4:BD:F4:BE:FC:82:AC:93:8E:CC:34:6F:0B:32:16:59:75:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/0/75D2E4BDF4BEFC82AC938ECC346F0B3216597523.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddLkvfS-_IKsk47MNG8LMhZZdSM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/0/323030313a3637633a6438343a3a2f34382d313238203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:d84::/48
Signature Algorithm: sha256WithRSAEncryption
3b:a0:5f:e9:43:c6:6e:70:47:01:19:48:f4:60:d4:4b:bd:e2:
f5:86:c0:00:32:10:04:e0:a2:09:3b:c8:c6:a4:b9:1b:5d:56:
53:ff:0b:8e:dd:99:21:12:54:19:3d:e4:d5:6b:ad:4c:3f:c2:
8e:65:db:36:89:84:89:26:23:5a:27:d8:6c:62:fb:a6:72:b7:
b5:df:be:0a:85:92:77:96:02:c4:f0:ae:9b:aa:88:12:78:24:
e8:aa:1e:21:f7:b8:a5:03:96:65:1d:58:0a:10:74:d4:3b:b9:
67:a0:77:2a:5c:5b:58:20:8f:9d:32:01:e7:8d:11:02:ed:3e:
88:f2:24:15:2b:93:a8:ea:ce:d9:b8:ef:34:a4:a3:28:7b:4f:
a0:27:c2:74:88:fc:70:71:7f:b4:46:e0:58:85:c5:a0:8d:ed:
a8:92:4b:30:89:3b:d5:df:c8:11:ab:c7:18:a5:f2:ed:3d:c2:
dc:fd:f3:23:93:36:45:a6:38:df:42:55:0e:85:86:b9:e2:18:
b7:df:cb:c7:9e:93:8f:06:c5:8a:99:cb:33:a7:2d:fb:50:7e:
41:9f:19:40:57:44:7b:e1:65:e2:c7:38:79:fc:83:1c:46:2e:
ef:34:28:3d:44:f8:86:9f:c8:81:f9:f4:53:ad:df:78:d3:37:
90:f3:6e:ca
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUPaGPwhuucQDlSjjSCR6N1R0FWHcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzVkMmU0YmRmNGJlZmM4MmFjOTM4ZWNjMzQ2ZjBiMzIx
NjU5NzUyMzAeFw0yNTAyMDcxMTM0NDFaFw0yNjAyMDYxMTM5NDFaMDMxMTAvBgNV
BAMTKDQwQTFDNTE5OTdGN0MyMjhCOTRBM0Q3RDExOUI1N0Y4RTUyOERFN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl3S2unq9H2A7NjgVoDuN3TAa/
tBIEe7pW4NXxijFxRTnAgJdOOKPEScCcqQTPEeCiKMUMBQuKHteSw/AXa7GpTMiA
ZvyQO9JOS1J5r/htD0aYUSQ5jGPLvKMLedXD6zSeaoTc68D8CEMzmglGpAr8tdfC
Lr/gM6fo5tVoxyTX/JDixzLdFmJ7aMEopzq43TZYGl+ZsxASEHM0JGBS6iLf4vDS
17eQvrRc3JhyTHwOFZAxiKbLUuBHSaoY55o0gQ2H0PQv/un+JZd6eb8IqCsg2vFj
+Fyut4rcRwwsJvPB70GPTodbZhFSk6wjyCHVviuiop++P391OI1ZyIP4Tf0ZAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUQKHFGZf3wii5Sj19EZtX+OUo3n0wHwYDVR0j
BBgwFoAUddLkvfS+/IKsk47MNG8LMhZZdSMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjc5NDg3MzgtMzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5
OTVkLzAvNzVEMkU0QkRGNEJFRkM4MkFDOTM4RUNDMzQ2RjBCMzIxNjU5NzUyMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2RkTGt2ZlMtX0lLc2s0N01ORzhMTWha
WmRTTS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZjc5NDg3Mzgt
MzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5OTVkLzAvMzIzMDMwMzEzYTM2Mzc2MzNh
NjQzODM0M2EzYTJmMzQzODJkMzEzMjM4MjAzZDNlMjAzNDM3MzIzNzMyLnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAIAEGfA2EMA0GCSqGSIb3DQEBCwUAA4IBAQA7oF/pQ8ZucEcBGUj0YNRL
veL1hsAAMhAE4KIJO8jGpLkbXVZT/wuO3ZkhElQZPeTVa61MP8KOZds2iYSJJiNa
J9hsYvumcre1374KhZJ3lgLE8K6bqogSeCToqh4h97ilA5ZlHVgKEHTUO7lnoHcq
XFtYII+dMgHnjREC7T6I8iQVK5Oo6s7ZuO80pKMoe0+gJ8J0iPxwcX+0RuBYhcWg
je2okkswiTvV38gRq8cYpfLtPcLc/fMjkzZFpjjfQlUOhYa54hi338vHnpOPBsWK
mcszpy37UH5BnxlAV0R74WXixzh5/IMcRi7vNCg9RPiGn8iB+fRTrd940zeQ827K
-----END CERTIFICATE-----
Generated at Thu Apr 3 07:11:55 2025 by rpki-client