Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/37658aec-0d40-490e-bb63-343e46c3a17a/2/326131313a323963303a393062333a3a2f34382d3438203d3e203437323732.roa
File: 326131313a323963303a393062333a3a2f34382d3438203d3e203437323732.roa (raw, json)
Hash identifier: Na7sHS9Ok9ZdlXMT+WTfvuk+Jig/BHvXuf2q4MbaXN4=
Subject key identifier: 88:FC:BA:DD:AE:D2:59:23:84:A8:2D:38:AB:D0:34:67:2D:66:08:2F
Certificate issuer: /CN=D398429B497D38DBEC7EF14848B74ED6DAE1E2ED
Certificate serial: 06094FC459DA1CE2471D5BFE77BEC9F4EBB02215
Authority key identifier: D3:98:42:9B:49:7D:38:DB:EC:7E:F1:48:48:B7:4E:D6:DA:E1:E2:ED
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/D398429B497D38DBEC7EF14848B74ED6DAE1E2ED.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/37658aec-0d40-490e-bb63-343e46c3a17a/2/326131313a323963303a393062333a3a2f34382d3438203d3e203437323732.roa
Signing time: Sun 26 Nov 2023 10:57:29 +0000
ROA not before: Sun 26 Nov 2023 10:52:29 +0000
ROA not after: Sun 24 Nov 2024 10:57:29 +0000
asID: 47272
IP address blocks: 2a11:29c0:90b3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:09:4f:c4:59:da:1c:e2:47:1d:5b:fe:77:be:c9:f4:eb:b0:22:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D398429B497D38DBEC7EF14848B74ED6DAE1E2ED
Validity
Not Before: Nov 26 10:52:29 2023 GMT
Not After : Nov 24 10:57:29 2024 GMT
Subject: CN=88FCBADDAED2592384A82D38ABD034672D66082F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3d:c4:04:34:98:35:ca:23:17:e6:d4:3a:fc:
1d:c7:9a:51:57:d7:43:5d:ca:2a:b0:75:9a:b0:21:
22:d9:23:4b:05:f7:e9:59:b9:e1:c4:e1:a8:39:23:
c7:78:e0:cf:7a:4b:f8:c4:51:26:b8:ac:9c:b0:b3:
2d:d3:8e:d7:2e:0d:44:e3:0b:50:70:d9:1e:97:13:
63:fa:59:8c:21:61:86:32:21:21:c4:3f:97:ed:bb:
14:1f:c4:f9:d5:a7:5a:51:5f:87:35:e2:cb:6a:e6:
04:7c:8a:e0:de:90:08:d4:71:14:d2:21:18:be:31:
49:f5:c4:80:9d:34:2e:60:e0:4e:f8:d4:5e:e7:9d:
4b:96:48:21:38:e4:a3:c1:b7:7b:c6:95:a1:39:c5:
16:c7:71:2c:bf:80:2f:e9:9c:01:1f:0a:f6:75:f8:
ed:42:29:15:78:07:22:3b:66:aa:14:9b:7e:a2:41:
4a:2b:1b:de:27:c5:b3:37:3a:04:7a:a0:d0:c4:3e:
1c:19:e5:73:ca:fe:3a:0e:34:97:55:9d:dd:4b:43:
1b:1f:ca:1c:4c:25:a8:da:47:30:0f:b4:cc:cf:c7:
92:f6:06:3f:4a:09:b0:b8:69:d1:88:96:a6:60:bd:
7c:bf:f1:43:e5:26:21:50:9d:7f:8c:4a:93:7f:53:
ed:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FC:BA:DD:AE:D2:59:23:84:A8:2D:38:AB:D0:34:67:2D:66:08:2F
X509v3 Authority Key Identifier:
keyid:D3:98:42:9B:49:7D:38:DB:EC:7E:F1:48:48:B7:4E:D6:DA:E1:E2:ED
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/37658aec-0d40-490e-bb63-343e46c3a17a/2/D398429B497D38DBEC7EF14848B74ED6DAE1E2ED.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/D398429B497D38DBEC7EF14848B74ED6DAE1E2ED.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/37658aec-0d40-490e-bb63-343e46c3a17a/2/326131313a323963303a393062333a3a2f34382d3438203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:90b3::/48
Signature Algorithm: sha256WithRSAEncryption
98:fb:22:af:b5:11:0b:f3:7e:05:38:d1:fc:a6:50:59:5d:ad:
84:f5:88:40:2d:e7:49:b2:28:03:4d:7b:a2:e8:ca:9d:57:68:
ff:3a:73:12:5e:29:06:66:6d:db:ed:57:da:fe:e6:d9:a9:d2:
73:29:9c:11:1b:f0:45:88:8b:08:88:12:d0:cf:13:59:1d:43:
14:70:bf:6a:c4:a2:02:dd:9e:38:c5:4c:03:d4:b4:75:71:19:
86:9f:cc:fb:0b:2a:00:41:17:32:db:9b:74:6e:b6:ca:6d:50:
9c:e6:b8:6b:c7:5c:89:9e:75:50:51:a5:fe:7b:93:49:e3:62:
81:42:b8:4a:ec:cf:78:9d:ed:6a:6a:78:5b:66:75:5e:c6:8e:
c1:3a:a9:23:be:ae:0f:da:27:41:9e:cb:c1:f2:4e:82:26:a7:
96:da:fb:a3:82:a8:0d:47:5d:b5:73:7e:cc:e8:ad:05:b6:a2:
af:7b:04:50:af:30:50:d5:85:3f:12:5a:33:6f:88:8f:ec:54:
50:77:d8:84:83:af:9e:5d:b1:ab:4f:6c:e0:b7:4a:51:68:2e:
50:82:f8:7d:1c:dd:c2:03:56:29:86:91:17:3a:be:a1:fd:2d:
a3:b3:e6:6c:81:9d:f9:5a:ba:34:0a:04:ae:f6:4c:a9:41:dc:
6b:25:f7:08
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUBglPxFnaHOJHHVv+d77J9OuwIhUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM5ODQyOUI0OTdEMzhEQkVDN0VGMTQ4NDhCNzRFRDZE
QUUxRTJFRDAeFw0yMzExMjYxMDUyMjlaFw0yNDExMjQxMDU3MjlaMDMxMTAvBgNV
BAMTKDg4RkNCQUREQUVEMjU5MjM4NEE4MkQzOEFCRDAzNDY3MkQ2NjA4MkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrPcQENJg1yiMX5tQ6/B3HmlFX
10NdyiqwdZqwISLZI0sF9+lZueHE4ag5I8d44M96S/jEUSa4rJywsy3TjtcuDUTj
C1Bw2R6XE2P6WYwhYYYyISHEP5ftuxQfxPnVp1pRX4c14stq5gR8iuDekAjUcRTS
IRi+MUn1xICdNC5g4E741F7nnUuWSCE45KPBt3vGlaE5xRbHcSy/gC/pnAEfCvZ1
+O1CKRV4ByI7ZqoUm36iQUorG94nxbM3OgR6oNDEPhwZ5XPK/joONJdVnd1LQxsf
yhxMJajaRzAPtMzPx5L2Bj9KCbC4adGIlqZgvXy/8UPlJiFQnX+MSpN/U+0ZAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUiPy63a7SWSOEqC04q9A0Zy1mCC8wHwYDVR0j
BBgwFoAU05hCm0l9ONvsfvFISLdO1trh4u0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzc2NThhZWMtMGQ0MC00OTBlLWJiNjMtMzQzZTQ2YzNh
MTdhLzIvRDM5ODQyOUI0OTdEMzhEQkVDN0VGMTQ4NDhCNzRFRDZEQUUxRTJFRC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84MTExNWJjNi0xMGY2LTRh
ZjMtYmEwOS04YjY4N2E1NmZiZjUvMC9EMzk4NDI5QjQ5N0QzOERCRUM3RUYxNDg0
OEI3NEVENkRBRTFFMkVELmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zNzY1OGFlYy0wZDQwLTQ5MGUtYmI2My0zNDNlNDZjM2ExN2EvMi8zMjYxMzEz
MTNhMzIzOTYzMzAzYTM5MzA2MjMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzQz
NzMyMzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoRKcCQszANBgkqhkiG9w0BAQsFAAOCAQEAmPsi
r7URC/N+BTjR/KZQWV2thPWIQC3nSbIoA017oujKnVdo/zpzEl4pBmZt2+1X2v7m
2anScymcERvwRYiLCIgS0M8TWR1DFHC/asSiAt2eOMVMA9S0dXEZhp/M+wsqAEEX
MtubdG62ym1QnOa4a8dciZ51UFGl/nuTSeNigUK4SuzPeJ3tamp4W2Z1XsaOwTqp
I76uD9onQZ7LwfJOgianltr7o4KoDUddtXN+zOitBbair3sEUK8wUNWFPxJaM2+I
j+xUUHfYhIOvnl2xq09s4LdKUWguUIL4fRzdwgNWKYaRFzq+of0to7PmbIGd+Vq6
NAoErvZMqUHcayX3CA==
-----END CERTIFICATE-----
Generated at Thu May 8 17:07:44 2025 by rpki-client