Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS57870.roa
File: AS57870.roa (raw, json)
Hash identifier: jQ5JQJFKAzd28jF1TWNHi5uDLO6i8RXP/h/60cX3NHs=
Subject key identifier: BB:F5:25:D5:E4:E6:1A:09:44:AB:75:A2:93:70:54:BB:37:3B:AA:30
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 3FF1180D1D93AD7B6880B10A781F52094D05A53A
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS57870.roa
Signing time: Tue 02 Apr 2024 18:23:49 +0000
ROA not before: Tue 02 Apr 2024 18:18:49 +0000
ROA not after: Tue 01 Apr 2025 18:23:49 +0000
asID: 57870
IP address blocks: 2a13:df82:b00b::/48 maxlen: 48
2a13:df83:b00b::/48 maxlen: 48
2a13:df84:b00b::/48 maxlen: 48
2a13:df85:bb00::/40 maxlen: 48
2a13:df87:b00b::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:f1:18:0d:1d:93:ad:7b:68:80:b1:0a:78:1f:52:09:4d:05:a5:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Apr 2 18:18:49 2024 GMT
Not After : Apr 1 18:23:49 2025 GMT
Subject: CN=BBF525D5E4E61A0944AB75A2937054BB373BAA30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e8:5a:91:bd:2f:88:5f:15:ec:cb:5c:c2:9b:
35:fc:d0:a3:16:cd:11:10:75:0c:8d:47:76:7c:d0:
83:1b:7a:ef:c3:7f:61:57:9f:2f:48:64:97:08:a0:
68:c7:bd:05:c3:be:7e:c9:6f:e9:51:c5:6c:f5:2f:
55:5a:13:aa:de:1c:ed:e5:d0:c1:3b:35:2f:63:2f:
c7:29:6e:b9:d9:6f:c3:67:f9:7f:91:61:38:f1:71:
c8:54:1c:d0:ef:55:e0:8f:9f:3b:b5:c6:0a:f9:86:
c9:85:a2:08:2f:33:99:b0:b4:e0:d7:1b:21:23:7b:
87:89:49:42:41:f9:1c:59:31:1f:43:c0:48:22:6d:
cc:52:15:73:05:61:7c:53:79:18:13:82:35:22:43:
c3:2c:81:49:6e:4e:49:f4:72:9a:9c:3d:be:22:b7:
e0:d0:8e:64:27:67:3d:35:46:47:10:33:9e:54:9f:
94:e5:88:24:91:47:c8:7a:29:83:98:3e:26:b5:e3:
2d:4d:a2:6a:43:39:20:5f:16:a5:40:56:19:d4:f2:
4a:64:f1:f7:43:a0:8d:3e:48:f5:c8:5c:63:53:f0:
60:21:f8:3f:15:0e:4c:4e:94:50:c5:11:01:ff:3a:
86:56:c3:27:dc:53:45:e7:33:a8:34:68:29:7d:fc:
cb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:F5:25:D5:E4:E6:1A:09:44:AB:75:A2:93:70:54:BB:37:3B:AA:30
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS57870.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df82:b00b::/48
2a13:df83:b00b::/48
2a13:df84:b00b::/48
2a13:df85:bb00::/40
2a13:df87:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
00:6f:26:97:af:0a:e8:de:80:f9:91:24:4a:1c:19:7f:be:14:
35:b9:34:9b:9e:95:85:8e:ee:e9:60:4d:e2:c9:68:d1:45:47:
c1:66:ea:03:9e:53:27:e0:12:9c:b6:5b:2a:9b:36:d3:c3:ce:
bc:84:b6:52:89:82:46:fa:a5:83:b7:c5:1a:c6:5f:d2:80:3e:
c8:0e:ff:d8:91:a4:74:1e:ce:ba:1c:11:f2:aa:a5:80:59:0a:
eb:06:9d:68:c1:10:65:17:7d:dd:7e:c2:8a:4e:79:3d:a6:56:
b1:fb:4a:55:52:ed:ef:07:8d:ad:1a:42:0e:f3:a1:83:53:c0:
83:25:b5:89:67:af:06:7a:93:57:48:84:c8:7a:d9:a7:d5:ca:
26:1b:0e:43:12:e0:dd:7a:f7:be:c2:62:83:9d:4a:a2:d4:d1:
d7:a7:b3:ff:35:50:87:96:c4:0b:d6:58:fd:7b:ee:3a:87:71:
d1:06:fb:f4:d5:2f:49:54:b1:b0:96:c5:af:93:8e:a9:70:a8:
37:9a:08:f4:ae:ad:95:a2:cb:56:a0:fb:5b:18:ae:d9:ba:87:
c2:a7:80:d6:4f:3d:87:82:3e:52:03:32:e8:e0:16:cc:28:93:
5c:61:18:74:9e:fb:a3:c2:71:5b:7e:cb:cf:12:ab:f5:2e:6a:
d9:41:a3:f9
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIUP/EYDR2TrXtogLEKeB9SCU0FpTowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA0MDIxODE4NDlaFw0yNTA0MDExODIzNDlaMDMxMTAvBgNV
BAMTKEJCRjUyNUQ1RTRFNjFBMDk0NEFCNzVBMjkzNzA1NEJCMzczQkFBMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC56FqRvS+IXxXsy1zCmzX80KMW
zREQdQyNR3Z80IMbeu/Df2FXny9IZJcIoGjHvQXDvn7Jb+lRxWz1L1VaE6reHO3l
0ME7NS9jL8cpbrnZb8Nn+X+RYTjxcchUHNDvVeCPnzu1xgr5hsmFoggvM5mwtODX
GyEje4eJSUJB+RxZMR9DwEgibcxSFXMFYXxTeRgTgjUiQ8MsgUluTkn0cpqcPb4i
t+DQjmQnZz01RkcQM55Un5TliCSRR8h6KYOYPia14y1NompDOSBfFqVAVhnU8kpk
8fdDoI0+SPXIXGNT8GAh+D8VDkxOlFDFEQH/OoZWwyfcU0XnM6g0aCl9/MsLAgMB
AAGjggIvMIICKzAdBgNVHQ4EFgQUu/Ul1eTmGglEq3Wik3BUuzc7qjAwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNTc4NzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwRQYIKwYBBQUHAQcBAf8ENjA0MDIEAgACMCwDBwAqE9+C
sAsDBwAqE9+DsAsDBwAqE9+EsAsDBgAqE9+FuwMHACoT34ewCzANBgkqhkiG9w0B
AQsFAAOCAQEAAG8ml68K6N6A+ZEkShwZf74UNbk0m56VhY7u6WBN4slo0UVHwWbq
A55TJ+ASnLZbKps208POvIS2UomCRvqlg7fFGsZf0oA+yA7/2JGkdB7OuhwR8qql
gFkK6wadaMEQZRd93X7Cik55PaZWsftKVVLt7weNrRpCDvOhg1PAgyW1iWevBnqT
V0iEyHrZp9XKJhsOQxLg3Xr3vsJig51KotTR16ez/zVQh5bEC9ZY/XvuOodx0Qb7
9NUvSVSxsJbFr5OOqXCoN5oI9K6tlaLLVqD7Wxiu2bqHwqeA1k89h4I+UgMy6OAW
zCiTXGEYdJ77o8JxW37LzxKr9S5q2UGj+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:53 2024 by rpki-client on console-ams.rpki-client.org