Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3a2f33322d3332203d3e203432333636.roa
File: 326130313a3666303a3a2f33322d3332203d3e203432333636.roa (raw, json)
Hash identifier: bHEujDyrsWoh4WqmhOYm5KW+l4VMKd5NM/MoYX8I5vk=
Subject key identifier: AE:D4:21:FA:73:A3:44:5B:E7:7F:10:F7:41:F8:B5:35:90:5E:2E:99
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3EE13B2019E63973D8C88CE06AF3F918D37636E8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3a2f33322d3332203d3e203432333636.roa
Signing time: Mon 27 Jan 2025 09:45:22 +0000
ROA not before: Mon 27 Jan 2025 09:40:22 +0000
ROA not after: Mon 26 Jan 2026 09:45:22 +0000
asID: 42366
IP address blocks: 2a01:6f0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:e1:3b:20:19:e6:39:73:d8:c8:8c:e0:6a:f3:f9:18:d3:76:36:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:22 2025 GMT
Not After : Jan 26 09:45:22 2026 GMT
Subject: CN=AED421FA73A3445BE77F10F741F8B535905E2E99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:09:71:f5:aa:7f:22:02:e1:62:98:71:1f:da:
3b:45:be:ca:06:4d:d6:2d:67:d4:ff:60:02:cb:06:
d8:71:c6:ce:f9:39:81:b0:40:a5:d0:98:f2:50:60:
a3:1a:5d:0d:2c:0a:3d:da:08:90:c5:e1:2b:7d:d9:
83:09:fb:3d:96:f9:16:96:2a:ec:9f:93:fa:75:b6:
88:44:1b:63:1f:4b:71:01:bb:dd:38:60:69:c5:71:
01:02:8f:63:a3:1c:c5:5f:96:86:91:d0:4d:d3:4d:
37:4e:a4:52:90:ae:51:4d:d4:69:3a:b2:5a:b6:70:
1f:32:ec:03:ef:28:07:37:e9:6c:86:ca:40:c3:25:
06:d3:61:75:19:32:e7:df:ab:45:97:90:96:bb:f1:
aa:bc:83:22:f1:63:d0:fb:b2:14:3e:3e:d3:75:f3:
2a:b4:41:1b:ff:87:cc:31:fa:f6:26:53:b3:4c:ef:
66:ad:0b:ee:d4:ea:3a:68:97:4b:de:ac:30:75:1b:
3f:df:f1:35:19:26:c6:71:8c:f5:8e:bd:ac:14:0b:
95:ab:a8:a6:39:ee:d2:f1:b5:ce:0a:6e:0a:23:b2:
26:82:e4:81:db:06:8a:55:a7:f9:86:38:cb:c2:da:
75:39:e7:13:3a:f6:67:37:02:20:50:af:2c:c6:f4:
72:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:D4:21:FA:73:A3:44:5B:E7:7F:10:F7:41:F8:B5:35:90:5E:2E:99
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3a2f33322d3332203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:6f0::/32
Signature Algorithm: sha256WithRSAEncryption
23:ca:b3:08:e8:d3:6b:b1:d0:4d:78:72:6b:0a:92:ac:15:8d:
64:b4:b7:1c:7e:1c:d1:3c:e8:c8:07:62:89:8a:da:9a:74:f5:
13:4c:05:eb:bd:a0:a9:6c:31:ab:8a:08:be:69:98:d3:de:c6:
94:07:86:77:48:3b:fb:31:ab:64:bd:5b:98:ee:8d:77:21:86:
e9:48:0b:e1:c8:c8:55:82:73:f1:d6:25:f3:65:e4:d4:6c:e1:
c0:f9:7d:f3:35:e8:a3:1c:8e:9b:df:79:c6:7e:b5:12:1c:23:
0e:99:17:e2:b7:41:62:78:4d:af:4d:90:06:44:95:a3:62:a4:
b9:64:3c:1d:30:73:c9:ed:f9:a8:37:28:17:56:fb:c3:3b:c1:
0f:12:84:f2:45:bb:2d:2d:0a:f2:0a:d9:3d:a1:98:be:97:9a:
71:9a:45:6d:c2:cf:74:b0:0f:30:98:05:7d:b3:74:d1:a3:4a:
51:a8:67:3d:dc:aa:76:83:58:57:67:86:02:9b:a0:90:7a:a4:
11:9c:69:4c:84:89:6e:aa:ed:a9:0d:e2:a2:23:97:d6:69:ce:
24:c9:24:c9:fa:ed:94:8b:f2:0c:c3:2d:fa:95:15:e1:9d:ad:
b4:d0:8a:66:ec:4b:91:2f:02:11:b8:b3:82:c8:ab:fd:6e:8c:
9d:d1:47:03
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIUPuE7IBnmOXPYyIzgavP5GNN2NugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjJaFw0yNjAxMjYwOTQ1MjJaMDMxMTAvBgNV
BAMTKEFFRDQyMUZBNzNBMzQ0NUJFNzdGMTBGNzQxRjhCNTM1OTA1RTJFOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpCXH1qn8iAuFimHEf2jtFvsoG
TdYtZ9T/YALLBthxxs75OYGwQKXQmPJQYKMaXQ0sCj3aCJDF4St92YMJ+z2W+RaW
Kuyfk/p1tohEG2MfS3EBu904YGnFcQECj2OjHMVfloaR0E3TTTdOpFKQrlFN1Gk6
slq2cB8y7APvKAc36WyGykDDJQbTYXUZMuffq0WXkJa78aq8gyLxY9D7shQ+PtN1
8yq0QRv/h8wx+vYmU7NM72atC+7U6jpol0verDB1Gz/f8TUZJsZxjPWOvawUC5Wr
qKY57tLxtc4KbgojsiaC5IHbBopVp/mGOMvC2nU55xM69mc3AiBQryzG9HIXAgMB
AAGjggI6MIICNjAdBgNVHQ4EFgQUrtQh+nOjRFvnfxD3Qfi1NZBeLpkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzI2MTMwMzEzYTM2NjYzMDNh
M2EyZjMzMzIyZDMzMzIyMDNkM2UyMDM0MzIzMzM2MzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqAQbw
MA0GCSqGSIb3DQEBCwUAA4IBAQAjyrMI6NNrsdBNeHJrCpKsFY1ktLccfhzRPOjI
B2KJitqadPUTTAXrvaCpbDGrigi+aZjT3saUB4Z3SDv7MatkvVuY7o13IYbpSAvh
yMhVgnPx1iXzZeTUbOHA+X3zNeijHI6b33nGfrUSHCMOmRfit0FieE2vTZAGRJWj
YqS5ZDwdMHPJ7fmoNygXVvvDO8EPEoTyRbstLQryCtk9oZi+l5pxmkVtws90sA8w
mAV9s3TRo0pRqGc93Kp2g1hXZ4YCm6CQeqQRnGlMhIluqu2pDeKiI5fWac4kySTJ
+u2Ui/IMwy36lRXhna200Ipm7EuRLwIRuLOCyKv9boyd0UcD
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:13:22 2025 by rpki-client