Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS0.roa
File: AS0.roa (raw, json)
Hash identifier: h2OWhkjk8G7V8dvTE46C/eqvQCnZ3Rj055H82sd367w=
Subject key identifier: CB:27:DA:8C:E0:99:6E:8E:C0:B1:30:98:8F:A3:7B:20:8E:4D:CE:5D
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 0C61AF40CE12D16DA78B1EF2C0E56CE562027476
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS0.roa
Signing time: Thu 02 May 2024 16:32:59 +0000
ROA not before: Thu 02 May 2024 16:27:59 +0000
ROA not after: Thu 01 May 2025 16:32:59 +0000
asID: 0
IP address blocks: 2a13:df81::/32 maxlen: 32
2a13:df84::/32 maxlen: 32
2a13:df87:2000::/36 maxlen: 36
2a13:df87:2105::/48 maxlen: 48
2a13:df87:b400::/38 maxlen: 38
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:61:af:40:ce:12:d1:6d:a7:8b:1e:f2:c0:e5:6c:e5:62:02:74:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: May 2 16:27:59 2024 GMT
Not After : May 1 16:32:59 2025 GMT
Subject: CN=CB27DA8CE0996E8EC0B130988FA37B208E4DCE5D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d0:dc:98:45:f4:0d:b8:35:61:f8:97:c1:be:
22:02:1e:28:e3:9a:b2:d1:f9:f0:b5:8f:a4:d5:3d:
47:21:a1:29:f5:26:45:0e:07:70:00:14:24:d9:33:
b8:08:dd:68:47:0f:80:f2:09:ee:5c:f5:c9:35:04:
d8:9f:40:e2:4d:f5:93:8a:fc:5d:d0:5e:0f:03:3c:
52:13:67:47:2a:86:03:44:6e:23:d6:93:be:10:fc:
5c:eb:b7:56:15:3b:72:16:bb:6a:87:bd:e1:40:be:
c0:54:1d:90:ee:98:8a:76:1d:0d:17:12:8f:2b:13:
d7:18:ad:ec:40:07:2b:68:a6:7b:9e:d3:2d:67:c2:
08:69:5b:b0:34:27:37:a7:12:9d:9a:c8:d1:6d:13:
10:01:e8:1e:16:44:86:dd:a2:18:a8:7c:09:b8:66:
23:3d:68:ed:bc:17:4a:b6:ac:f5:45:53:d1:92:f4:
01:b3:af:0c:bd:dc:de:1f:3c:84:56:f4:a9:a0:d4:
e5:46:cd:6d:df:36:fa:4c:85:19:27:41:b6:38:c9:
03:f8:65:19:c8:39:73:5b:e7:6f:8a:50:20:31:21:
fa:8b:46:32:24:f4:ca:f0:a5:bf:75:4c:db:6d:8a:
50:b4:72:28:27:a1:a2:10:8b:6f:81:7f:94:b1:7b:
6e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:27:DA:8C:E0:99:6E:8E:C0:B1:30:98:8F:A3:7B:20:8E:4D:CE:5D
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS0.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df81::/32
2a13:df84::/32
2a13:df87:2000::/36
2a13:df87:b400::/38
Signature Algorithm: sha256WithRSAEncryption
51:aa:cd:c7:fd:4a:1a:3a:da:b3:42:13:81:12:6b:eb:f1:3f:
89:0c:01:43:b7:ab:ee:2c:47:dc:ce:ca:64:76:6b:6e:45:b5:
53:b9:0d:84:47:28:02:7f:57:ef:c6:51:18:37:a1:e7:77:55:
d6:81:56:10:50:bb:da:1f:35:b8:1f:55:6c:67:95:6c:93:15:
49:cb:c9:11:3f:ba:a0:3d:9f:c9:c4:c2:f8:a1:21:39:a3:da:
ce:42:80:c5:38:49:1c:c9:82:28:1e:ab:a5:40:5f:7a:08:41:
f6:d3:79:87:91:74:bb:ce:43:04:b1:6a:d0:77:09:4e:95:fb:
ca:6d:6e:4f:1f:54:69:69:23:a7:13:ad:52:44:c8:80:d4:80:
2a:19:b4:4c:85:86:ff:e8:da:03:74:46:ea:74:a9:71:f5:ee:
42:eb:f5:0e:38:7b:b2:08:c0:82:ed:c3:5b:cf:3f:38:39:48:
53:e6:f1:82:c4:a7:cb:f1:2b:e4:fc:d5:70:95:1b:52:42:a0:
64:66:ce:36:7c:f9:86:e2:80:b4:31:5d:6b:d7:18:c6:08:0d:
cf:8f:4f:3b:ef:b6:d3:6e:6a:b6:65:ee:7c:01:d7:b5:4a:2b:
c8:bb:fb:4b:1c:e6:8a:61:ce:b0:22:8a:37:44:c8:3a:0b:a9:
95:3d:58:53
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUDGGvQM4S0W2nix7ywOVs5WICdHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA1MDIxNjI3NTlaFw0yNTA1MDExNjMyNTlaMDMxMTAvBgNV
BAMTKENCMjdEQThDRTA5OTZFOEVDMEIxMzA5ODhGQTM3QjIwOEU0RENFNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt0NyYRfQNuDVh+JfBviICHijj
mrLR+fC1j6TVPUchoSn1JkUOB3AAFCTZM7gI3WhHD4DyCe5c9ck1BNifQOJN9ZOK
/F3QXg8DPFITZ0cqhgNEbiPWk74Q/Fzrt1YVO3IWu2qHveFAvsBUHZDumIp2HQ0X
Eo8rE9cYrexABytopnue0y1nwghpW7A0JzenEp2ayNFtExAB6B4WRIbdohiofAm4
ZiM9aO28F0q2rPVFU9GS9AGzrwy93N4fPIRW9Kmg1OVGzW3fNvpMhRknQbY4yQP4
ZRnIOXNb52+KUCAxIfqLRjIk9Mrwpb91TNttilC0cignoaIQi2+Bf5Sxe24JAgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUyyfajOCZbo7AsTCYj6N7II5Nzl0wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAIwHgMFACoT34EDBQAq
E9+EAwYEKhPfhyADBgIqE9+HtDANBgkqhkiG9w0BAQsFAAOCAQEAUarNx/1KGjra
s0ITgRJr6/E/iQwBQ7er7ixH3M7KZHZrbkW1U7kNhEcoAn9X78ZRGDeh53dV1oFW
EFC72h81uB9VbGeVbJMVScvJET+6oD2fycTC+KEhOaPazkKAxThJHMmCKB6rpUBf
eghB9tN5h5F0u85DBLFq0HcJTpX7ym1uTx9UaWkjpxOtUkTIgNSAKhm0TIWG/+ja
A3RG6nSpcfXuQuv1Djh7sgjAgu3DW88/ODlIU+bxgsSny/Er5PzVcJUbUkKgZGbO
Nnz5huKAtDFda9cYxggNz49PO++2025qtmXufAHXtUoryLv7SxzmimHOsCKKN0TI
OguplT1YUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:08 2024 by rpki-client on console-fra.rpki-client.org