Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS203868.roa
File: AS203868.roa (raw, json)
Hash identifier: HXj/GEVPHiD5sq5HDJYrKa332gHYxWMN6dqsGtPDhkY=
Subject key identifier: 3A:92:22:D8:78:EF:45:65:85:F7:34:F2:F3:C2:FC:EF:22:7A:3B:4E
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 37016DCF24FC8A4DAD54A815948F51C10988EF6C
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS203868.roa
Signing time: Mon 08 Apr 2024 20:12:20 +0000
ROA not before: Mon 08 Apr 2024 20:07:20 +0000
ROA not after: Mon 07 Apr 2025 20:12:20 +0000
asID: 203868
IP address blocks: 2a13:df80:7d30::/44 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:01:6d:cf:24:fc:8a:4d:ad:54:a8:15:94:8f:51:c1:09:88:ef:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Apr 8 20:07:20 2024 GMT
Not After : Apr 7 20:12:20 2025 GMT
Subject: CN=3A9222D878EF456585F734F2F3C2FCEF227A3B4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:54:78:e4:23:88:15:23:86:82:c6:8d:3c:c0:
e2:49:7c:2c:4e:3a:1e:a4:5f:72:bb:b1:bd:3a:f7:
81:0b:a2:07:42:2a:95:94:ec:03:c6:6e:d4:4f:b6:
62:f2:1a:24:a5:b7:7c:55:9a:7a:e2:e0:3b:e1:a0:
fd:4b:f2:78:bd:e5:e2:f7:92:90:cb:49:fc:51:e2:
89:a9:9b:71:b7:14:11:e5:e6:b8:21:65:0d:d4:f0:
a8:89:ba:f2:86:7f:f1:96:8a:9a:b4:d8:a3:9e:19:
97:b5:e2:cc:40:ad:e4:5e:b5:8c:4c:7f:73:dc:a7:
ad:a9:01:b7:32:84:9a:fe:33:29:e8:84:44:4d:12:
da:20:be:0d:d7:ef:31:a5:83:39:cc:c8:bc:ab:c2:
ac:b8:f7:22:f8:d8:40:20:3a:8a:08:e4:37:b9:95:
2a:49:0b:12:b7:4c:8a:bf:92:a9:40:d5:be:30:05:
ae:fe:1d:8c:96:f1:8f:84:f9:4b:a1:94:20:d0:b2:
f1:db:85:e6:5a:47:e5:75:32:c7:cc:09:4b:fe:4d:
fc:64:bd:e1:c7:c1:0b:2c:ff:9a:fa:a5:56:bb:0a:
58:40:f4:07:be:86:1f:69:5c:57:25:c6:eb:7d:c8:
fd:58:37:5a:c0:b6:cd:16:65:29:3a:f3:e2:f7:54:
d4:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:92:22:D8:78:EF:45:65:85:F7:34:F2:F3:C2:FC:EF:22:7A:3B:4E
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS203868.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:7d30::/44
Signature Algorithm: sha256WithRSAEncryption
8e:ac:3a:d9:0f:8c:90:48:b6:f1:d9:c5:4f:15:ad:ef:f6:b6:
c4:b7:22:da:ef:5a:1c:f8:a8:61:f0:bf:b1:f3:65:ff:a1:44:
2b:56:3d:73:10:b1:3d:1d:7e:43:a7:79:a8:da:1c:e1:d3:90:
48:b5:b8:c6:9a:38:59:a1:1c:92:fe:f3:f9:da:fe:34:66:8f:
8d:dd:ec:3b:9e:de:d6:55:70:36:2a:16:14:e1:33:ef:5a:17:
79:26:95:42:97:7b:38:a5:4e:b0:f8:7d:98:2b:9d:ab:de:19:
8c:97:ff:d9:ee:82:94:0b:11:fb:8b:48:23:7c:1d:2f:46:7a:
e8:bf:e4:f6:49:70:92:ab:29:01:31:0e:aa:3d:9d:63:ef:ff:
9f:dd:5e:ff:e6:04:fe:b2:8a:05:c2:a3:25:4d:43:fe:6b:73:
6a:ad:07:b7:32:b9:43:d9:bc:96:30:cd:c9:f0:bb:21:c0:df:
43:43:fc:26:36:7d:3b:ff:6e:1a:43:22:dc:18:3b:b3:d4:43:
c9:3a:8e:eb:60:f5:6e:10:e5:46:e7:8e:53:f9:86:e5:76:61:
3f:15:a3:6c:fb:3b:ce:b4:b2:1a:b9:b3:34:05:45:c3:5d:ae:
e9:0e:e2:60:39:22:a0:f5:29:78:96:c3:74:8c:c6:d1:3a:68:
fa:06:64:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUNwFtzyT8ik2tVKgVlI9RwQmI72wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA0MDgyMDA3MjBaFw0yNTA0MDcyMDEyMjBaMDMxMTAvBgNV
BAMTKDNBOTIyMkQ4NzhFRjQ1NjU4NUY3MzRGMkYzQzJGQ0VGMjI3QTNCNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrVHjkI4gVI4aCxo08wOJJfCxO
Oh6kX3K7sb0694ELogdCKpWU7APGbtRPtmLyGiSlt3xVmnri4DvhoP1L8ni95eL3
kpDLSfxR4ompm3G3FBHl5rghZQ3U8KiJuvKGf/GWipq02KOeGZe14sxAreRetYxM
f3Pcp62pAbcyhJr+MynohERNEtogvg3X7zGlgznMyLyrwqy49yL42EAgOooI5De5
lSpJCxK3TIq/kqlA1b4wBa7+HYyW8Y+E+UuhlCDQsvHbheZaR+V1MsfMCUv+Tfxk
veHHwQss/5r6pVa7ClhA9Ae+hh9pXFclxut9yP1YN1rAts0WZSk68+L3VNRFAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUOpIi2HjvRWWF9zTy88L87yJ6O04wHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMjAzODY4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhPf
gH0wMA0GCSqGSIb3DQEBCwUAA4IBAQCOrDrZD4yQSLbx2cVPFa3v9rbEtyLa71oc
+Khh8L+x82X/oUQrVj1zELE9HX5Dp3mo2hzh05BItbjGmjhZoRyS/vP52v40Zo+N
3ew7nt7WVXA2KhYU4TPvWhd5JpVCl3s4pU6w+H2YK52r3hmMl//Z7oKUCxH7i0gj
fB0vRnrov+T2SXCSqykBMQ6qPZ1j7/+f3V7/5gT+sooFwqMlTUP+a3NqrQe3MrlD
2byWMM3J8LshwN9DQ/wmNn07/24aQyLcGDuz1EPJOo7rYPVuEOVG545T+YbldmE/
FaNs+zvOtLIaubM0BUXDXa7pDuJgOSKg9Sl4lsN0jMbROmj6BmTj
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:02:18 2025 by rpki-client