Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3a2f34302d3430203d3e203432333636.roa
File: 326130313a3666303a3a2f34302d3430203d3e203432333636.roa (raw, json)
Hash identifier: s6n/Ka4wrxMcfxB+/L9bmyAl6KKyj2o6GufsswWrDmQ=
Subject key identifier: A4:76:78:BB:73:57:80:F1:BC:E6:DF:85:90:2B:C6:60:7F:E1:6A:34
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 79BAFA7ECBC9D89AE1DA8F35079FC287129748A8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3a2f34302d3430203d3e203432333636.roa
Signing time: Mon 27 Jan 2025 09:45:03 +0000
ROA not before: Mon 27 Jan 2025 09:40:03 +0000
ROA not after: Mon 26 Jan 2026 09:45:03 +0000
asID: 42366
IP address blocks: 2a01:6f0::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:ba:fa:7e:cb:c9:d8:9a:e1:da:8f:35:07:9f:c2:87:12:97:48:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:03 2025 GMT
Not After : Jan 26 09:45:03 2026 GMT
Subject: CN=A47678BB735780F1BCE6DF85902BC6607FE16A34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:cc:88:f5:38:f8:2e:c7:c3:44:08:fc:83:a4:
50:9d:6a:9d:c8:d8:b1:4a:f1:6a:65:59:63:c4:a4:
9b:9f:0a:f9:81:a3:73:b8:8e:c7:3f:59:04:cc:c6:
2e:e1:58:37:c1:4b:a1:89:de:70:75:4d:13:14:fc:
c6:e3:35:66:4a:b8:c5:c1:50:99:39:5d:dc:2f:99:
d6:ef:f1:84:bb:72:ef:2f:d9:91:c4:13:01:64:48:
f7:db:3b:b3:05:49:16:c1:19:e3:4a:07:88:5f:e1:
db:e2:f2:e8:0f:9f:30:a3:12:12:7b:2e:ae:06:5f:
e9:30:f3:5b:67:5e:bb:1c:76:9c:88:38:61:7d:f8:
2c:1f:50:4e:fd:fb:1f:10:e4:f7:5a:ba:bd:ff:15:
27:34:04:aa:b0:ff:03:91:99:53:38:2b:56:53:c0:
7a:85:38:65:62:a5:49:01:60:65:f6:0e:55:eb:bb:
f3:f4:f5:8f:de:2c:a8:36:52:f2:fa:19:57:89:39:
6d:84:9b:a8:01:06:fb:a0:16:41:0a:92:39:4e:80:
b0:90:f0:b2:45:0a:c6:72:9a:60:d6:70:35:5d:be:
06:80:f3:f9:12:3e:92:98:7a:20:54:b4:e4:87:e8:
6f:a0:f0:d7:c1:7a:26:ed:be:4d:b9:5e:54:80:68:
8c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:76:78:BB:73:57:80:F1:BC:E6:DF:85:90:2B:C6:60:7F:E1:6A:34
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3a2f34302d3430203d3e203432333636.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:6f0::/40
Signature Algorithm: sha256WithRSAEncryption
08:7b:48:97:8d:dc:73:cf:6e:d7:56:68:cc:2c:76:f8:e7:70:
9b:b5:9f:08:71:89:c7:99:70:30:2f:a7:f6:ac:55:b2:9d:b0:
6a:bd:28:0d:dd:07:aa:67:ff:db:a4:69:c2:8e:4a:40:ce:ba:
78:db:5c:3f:6b:b0:0c:e4:28:bd:73:2e:57:14:9a:bf:8f:c8:
d2:43:d2:03:c3:65:3a:ce:0e:2d:65:89:94:b8:fb:19:c2:22:
60:39:12:23:7a:da:2c:cd:83:66:4a:c8:ab:d6:5e:e7:4c:9e:
af:14:3f:23:b9:ef:06:d8:64:24:99:c8:02:54:49:f6:98:70:
72:c1:db:0e:c4:1b:73:a8:35:09:90:ff:94:db:c9:e0:5f:f5:
42:87:f2:5f:83:39:22:50:2a:ac:2d:ed:01:c0:2e:50:b1:95:
30:35:26:08:80:d3:f2:a4:ba:a6:5e:a3:ab:a1:4a:35:ad:81:
b4:92:aa:53:a3:39:39:c0:70:6a:c2:50:97:8e:d2:23:5c:81:
57:34:ca:10:ce:f6:2b:b2:ff:d5:14:60:11:5b:97:6a:7e:6d:
17:c7:c5:96:4e:1c:f4:ca:0a:26:69:b9:9d:00:09:d9:42:e4:
52:3f:41:15:67:ab:77:96:85:d6:03:67:ab:94:c3:9b:a1:1c:
48:bd:8a:39
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUebr6fsvJ2Jrh2o81B5/ChxKXSKgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDNaFw0yNjAxMjYwOTQ1MDNaMDMxMTAvBgNV
BAMTKEE0NzY3OEJCNzM1NzgwRjFCQ0U2REY4NTkwMkJDNjYwN0ZFMTZBMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0zIj1OPgux8NECPyDpFCdap3I
2LFK8WplWWPEpJufCvmBo3O4jsc/WQTMxi7hWDfBS6GJ3nB1TRMU/MbjNWZKuMXB
UJk5Xdwvmdbv8YS7cu8v2ZHEEwFkSPfbO7MFSRbBGeNKB4hf4dvi8ugPnzCjEhJ7
Lq4GX+kw81tnXrscdpyIOGF9+CwfUE79+x8Q5Pdaur3/FSc0BKqw/wORmVM4K1ZT
wHqFOGVipUkBYGX2DlXru/P09Y/eLKg2UvL6GVeJOW2Em6gBBvugFkEKkjlOgLCQ
8LJFCsZymmDWcDVdvgaA8/kSPpKYeiBUtOSH6G+g8NfBeibtvk25XlSAaIzrAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUpHZ4u3NXgPG85t+FkCvGYH/hajQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzI2MTMwMzEzYTM2NjYzMDNh
M2EyZjM0MzAyZDM0MzAyMDNkM2UyMDM0MzIzMzM2MzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqAQbw
ADANBgkqhkiG9w0BAQsFAAOCAQEACHtIl43cc89u11ZozCx2+Odwm7WfCHGJx5lw
MC+n9qxVsp2war0oDd0Hqmf/26Rpwo5KQM66eNtcP2uwDOQovXMuVxSav4/I0kPS
A8NlOs4OLWWJlLj7GcIiYDkSI3raLM2DZkrIq9Ze50yerxQ/I7nvBthkJJnIAlRJ
9phwcsHbDsQbc6g1CZD/lNvJ4F/1QofyX4M5IlAqrC3tAcAuULGVMDUmCIDT8qS6
pl6jq6FKNa2BtJKqU6M5OcBwasJQl47SI1yBVzTKEM72K7L/1RRgEVuXan5tF8fF
lk4c9MoKJmm5nQAJ2ULkUj9BFWerd5aF1gNnq5TDm6EcSL2KOQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:13:48 2025 by rpki-client