Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS3209.roa
File: AS3209.roa (raw, json)
Hash identifier: UFd4ib+zHTSSZ49d/9pexZs2Quzezw6feEP/RXUwqsY=
Subject key identifier: E9:74:7E:46:B2:8A:AA:A1:16:84:97:2D:60:FF:12:7C:08:4C:89:94
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 0372B30E942914B4F766FB0BA64ADA5E5AE7AF9F
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS3209.roa
Signing time: Wed 20 Dec 2023 16:21:44 +0000
ROA not before: Wed 20 Dec 2023 16:16:44 +0000
ROA not after: Wed 18 Dec 2024 16:21:44 +0000
asID: 3209
IP address blocks: 2a13:df80:1137::/48 maxlen: 48
2a13:df80:1196::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:72:b3:0e:94:29:14:b4:f7:66:fb:0b:a6:4a:da:5e:5a:e7:af:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:16:44 2023 GMT
Not After : Dec 18 16:21:44 2024 GMT
Subject: CN=E9747E46B28AAAA11684972D60FF127C084C8994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f4:fd:39:4a:1e:16:45:ed:36:3e:6c:28:0a:
ce:77:c8:9c:11:80:5a:8e:df:32:5e:be:6b:8c:b4:
c0:98:17:fb:5b:6d:95:d2:b8:b3:1e:f7:4c:b9:1c:
cd:af:a8:ab:b1:d5:1a:8f:b2:60:e1:b4:d2:9b:b9:
9b:c6:73:17:71:79:3c:1b:15:9a:5f:a5:b7:4a:e5:
d6:d3:b5:b7:82:83:4f:e1:89:a4:f5:a8:f8:cd:c0:
1b:6e:67:6c:32:5d:57:09:06:23:ca:49:0d:59:6e:
cc:f7:88:d5:a9:a5:a8:a3:da:b5:a1:e0:2c:09:19:
c2:f7:63:da:80:fc:6d:a6:21:b4:26:b8:c2:f1:17:
ed:de:e6:02:ae:01:c8:30:e9:01:08:0f:82:2c:92:
94:0f:cf:0b:0f:e9:c4:dc:2d:90:12:0d:a7:d8:6c:
09:b2:e2:1a:c4:25:86:b7:bf:d4:9e:93:a3:77:5d:
65:54:28:67:ba:74:ff:73:dd:38:7a:a7:77:a0:1f:
9c:5f:2b:08:82:3d:78:96:e2:1c:cf:c2:6a:05:6d:
22:cc:fb:87:b9:07:b8:22:ba:c3:cd:29:e4:5c:f4:
c6:8a:14:89:7f:2a:85:d7:bb:8c:22:24:f3:a0:3e:
88:09:8d:72:00:0a:81:27:36:8c:54:1d:b8:9f:03:
b8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:74:7E:46:B2:8A:AA:A1:16:84:97:2D:60:FF:12:7C:08:4C:89:94
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS3209.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:1137::/48
2a13:df80:1196::/48
Signature Algorithm: sha256WithRSAEncryption
22:07:f2:21:ad:7f:d1:bb:2b:31:b3:11:7b:ef:f0:3c:7f:4b:
64:17:80:dd:c3:65:10:ed:51:75:77:35:f4:3b:35:4b:c8:2f:
70:16:6c:8d:ea:a7:94:8d:e3:b4:84:fe:66:2d:c9:73:5e:e5:
43:b8:0f:2d:ba:46:d2:9c:59:ec:d2:fb:6a:b3:60:f0:1c:70:
c1:f8:a1:e7:53:0a:14:be:66:dc:62:45:44:ac:64:14:3b:13:
79:ab:03:81:ed:5d:e2:1e:10:0a:9e:c8:f3:a8:c2:8c:fc:71:
90:d6:a3:4f:19:05:ad:93:84:fe:06:69:6e:ae:89:97:1d:5a:
43:6b:6e:c4:38:d0:e8:18:0d:6c:98:4f:19:60:a1:46:ec:5d:
89:ae:a5:3d:51:0e:46:e1:d1:d5:fe:e6:ca:9b:ec:80:ae:90:
0c:5e:44:cb:8f:d4:60:92:15:87:6c:92:63:c2:76:af:f8:4d:
15:d6:4b:ea:2f:63:7a:28:ce:a9:15:82:30:98:bb:6b:cf:b8:
0b:f3:c6:f1:29:1b:24:95:90:71:d8:76:93:f2:6f:e6:0d:a0:
8e:0c:d5:4a:13:ca:70:a4:c6:a1:29:e0:c4:b6:59:2c:7b:fa:
9d:e4:b3:b1:22:ef:3d:0d:4c:15:da:0e:b2:01:2a:59:d2:83:
3a:3a:39:e6
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIUA3KzDpQpFLT3ZvsLpkraXlrnr58wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE2NDRaFw0yNDEyMTgxNjIxNDRaMDMxMTAvBgNV
BAMTKEU5NzQ3RTQ2QjI4QUFBQTExNjg0OTcyRDYwRkYxMjdDMDg0Qzg5OTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDi9P05Sh4WRe02PmwoCs53yJwR
gFqO3zJevmuMtMCYF/tbbZXSuLMe90y5HM2vqKux1RqPsmDhtNKbuZvGcxdxeTwb
FZpfpbdK5dbTtbeCg0/hiaT1qPjNwBtuZ2wyXVcJBiPKSQ1Zbsz3iNWppaij2rWh
4CwJGcL3Y9qA/G2mIbQmuMLxF+3e5gKuAcgw6QEID4IskpQPzwsP6cTcLZASDafY
bAmy4hrEJYa3v9Sek6N3XWVUKGe6dP9z3Th6p3egH5xfKwiCPXiW4hzPwmoFbSLM
+4e5B7giusPNKeRc9MaKFIl/KoXXu4wiJPOgPogJjXIACoEnNoxUHbifA7gHAgMB
AAGjggIUMIICEDAdBgNVHQ4EFgQU6XR+RrKKqqEWhJctYP8SfAhMiZQwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTMzIwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAIwEgMHACoT34AR
NwMHACoT34ARljANBgkqhkiG9w0BAQsFAAOCAQEAIgfyIa1/0bsrMbMRe+/wPH9L
ZBeA3cNlEO1RdXc19Ds1S8gvcBZsjeqnlI3jtIT+Zi3Jc17lQ7gPLbpG0pxZ7NL7
arNg8Bxwwfih51MKFL5m3GJFRKxkFDsTeasDge1d4h4QCp7I86jCjPxxkNajTxkF
rZOE/gZpbq6Jlx1aQ2tuxDjQ6BgNbJhPGWChRuxdia6lPVEORuHR1f7mypvsgK6Q
DF5Ey4/UYJIVh2ySY8J2r/hNFdZL6i9jeijOqRWCMJi7a8+4C/PG8SkbJJWQcdh2
k/Jv5g2gjgzVShPKcKTGoSngxLZZLHv6neSzsSLvPQ1MFdoOsgEqWdKDOjo55g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:53 2024 by rpki-client on console-ams.rpki-client.org