Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS60234.roa
File: AS60234.roa (raw, json)
Hash identifier: Kgd60cV3r5ylfwZba6rvSgbGNhPcf/wRs2LxnDpPoJA=
Subject key identifier: CA:75:00:A7:EC:01:26:96:8B:3C:24:82:D1:56:FC:57:D8:1A:96:07
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 62FC6876485E153EB518D3EB836A81292FBC8844
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS60234.roa
Signing time: Wed 20 Dec 2023 16:22:16 +0000
ROA not before: Wed 20 Dec 2023 16:17:16 +0000
ROA not after: Wed 18 Dec 2024 16:22:16 +0000
asID: 60234
IP address blocks: 2a13:df80:f400::/38 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:fc:68:76:48:5e:15:3e:b5:18:d3:eb:83:6a:81:29:2f:bc:88:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: Dec 20 16:17:16 2023 GMT
Not After : Dec 18 16:22:16 2024 GMT
Subject: CN=CA7500A7EC0126968B3C2482D156FC57D81A9607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ef:f9:dd:f0:c7:6c:9e:3f:4a:f4:01:72:00:
d2:b9:5e:3e:cc:d6:e3:2f:1b:a3:44:19:dd:50:9f:
4b:97:01:4a:53:f8:8b:62:3f:3f:63:23:9a:0b:45:
65:68:f9:23:c5:b6:25:12:f0:2e:3d:3d:f1:fe:03:
a0:58:fc:2c:b3:ad:72:00:6e:2c:a3:83:d3:5f:c8:
d3:00:29:54:74:3a:22:28:7b:12:3f:ed:cb:2d:e3:
d2:36:28:61:00:42:bf:e0:42:a4:35:ac:1b:13:4c:
bb:04:dd:d3:d1:d2:c9:96:1e:7f:b5:d3:f6:0a:40:
69:bd:14:50:f4:b5:02:39:30:25:a7:70:b4:0a:6b:
27:5d:37:ec:c1:ab:ad:62:a4:1f:cd:b0:c9:cb:f4:
6b:34:59:3f:89:8b:33:a5:17:54:fa:12:b2:6c:31:
77:03:38:f2:43:19:aa:1c:cc:f4:a7:30:33:37:7c:
16:a2:28:8c:24:34:95:cf:91:e8:0c:b8:66:12:e9:
9a:df:19:7d:e6:ef:7a:76:b4:65:d1:3f:10:12:66:
b5:22:e5:03:30:39:54:7a:59:24:13:05:25:a9:1d:
42:f6:ae:24:ce:fe:13:79:5f:91:ca:e5:30:fc:95:
cf:5d:1d:10:7e:f7:9b:49:e9:99:85:4e:15:19:29:
f0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:75:00:A7:EC:01:26:96:8B:3C:24:82:D1:56:FC:57:D8:1A:96:07
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS60234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80:f400::/38
Signature Algorithm: sha256WithRSAEncryption
46:25:db:ed:4b:29:68:9a:b5:09:86:a6:f8:d5:84:dc:53:7e:
3b:43:47:b4:e7:8f:40:48:8d:e9:14:50:a0:73:3e:d1:cf:4f:
e3:6e:fd:07:40:7b:7a:e0:d7:9f:eb:8e:ac:3c:00:88:6e:e8:
32:5e:64:35:25:ca:34:4a:e5:14:db:1a:5a:b8:a3:4b:2f:34:
2b:bf:8f:c0:bb:cd:33:84:30:d1:e9:99:61:58:06:ef:a6:45:
25:04:94:1e:73:ad:19:04:0d:68:72:4c:09:08:51:77:06:91:
e9:09:63:7d:6a:3f:ac:2a:cc:2a:4f:49:0a:95:dc:ad:44:89:
fb:e5:c9:0e:91:a0:07:2c:90:aa:60:8f:43:e5:b6:31:9b:4c:
ce:7f:ad:92:3d:4a:f4:42:55:3e:16:ba:12:4a:0a:46:ab:2a:
74:b7:60:3d:ae:90:c5:7b:8d:e7:e6:a6:77:7d:45:56:92:44:
87:60:f5:d5:87:fe:6f:f2:24:8c:6d:bc:20:fd:38:5f:9c:31:
0a:7f:93:6d:93:31:75:fa:6a:83:cb:36:65:49:32:5c:b0:f7:
fa:26:f6:0e:69:50:d7:5d:1e:bd:35:17:11:0d:68:89:40:87:
86:52:49:66:5d:74:f5:a3:d4:af:4f:5c:fa:f7:b1:ae:fa:5d:
dc:20:10:02
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUYvxodkheFT61GNPrg2qBKS+8iEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yMzEyMjAxNjE3MTZaFw0yNDEyMTgxNjIyMTZaMDMxMTAvBgNV
BAMTKENBNzUwMEE3RUMwMTI2OTY4QjNDMjQ4MkQxNTZGQzU3RDgxQTk2MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX7/nd8Mdsnj9K9AFyANK5Xj7M
1uMvG6NEGd1Qn0uXAUpT+ItiPz9jI5oLRWVo+SPFtiUS8C49PfH+A6BY/CyzrXIA
biyjg9NfyNMAKVR0OiIoexI/7cst49I2KGEAQr/gQqQ1rBsTTLsE3dPR0smWHn+1
0/YKQGm9FFD0tQI5MCWncLQKayddN+zBq61ipB/NsMnL9Gs0WT+JizOlF1T6ErJs
MXcDOPJDGaoczPSnMDM3fBaiKIwkNJXPkegMuGYS6ZrfGX3m73p2tGXRPxASZrUi
5QMwOVR6WSQTBSWpHUL2riTO/hN5X5HK5TD8lc9dHRB+95tJ6ZmFThUZKfCxAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUynUAp+wBJpaLPCSC0Vb8V9galgcwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNjAyMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgIqE9+A
9DANBgkqhkiG9w0BAQsFAAOCAQEARiXb7UspaJq1CYam+NWE3FN+O0NHtOePQEiN
6RRQoHM+0c9P4279B0B7euDXn+uOrDwAiG7oMl5kNSXKNErlFNsaWrijSy80K7+P
wLvNM4Qw0emZYVgG76ZFJQSUHnOtGQQNaHJMCQhRdwaR6QljfWo/rCrMKk9JCpXc
rUSJ++XJDpGgByyQqmCPQ+W2MZtMzn+tkj1K9EJVPha6EkoKRqsqdLdgPa6QxXuN
5+amd31FVpJEh2D11Yf+b/IkjG28IP04X5wxCn+TbZMxdfpqg8s2ZUkyXLD3+ib2
DmlQ110evTUXEQ1oiUCHhlJJZl109aPUr09c+vexrvpd3CAQAg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:03:00 2025 by rpki-client