Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS60858.roa
File: AS60858.roa (raw, json)
Hash identifier: 42A/yA+zNTZW/C3O/3XhAsD0AXhrv8pCTQfS9jnjxbU=
Subject key identifier: 62:B8:45:28:5A:D2:A7:35:B3:5D:DB:55:87:DD:D0:65:1C:28:4C:B1
Certificate issuer: /CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Certificate serial: 290E37111476FFE69F1E048EC7BB842EDE385753
Authority key identifier: D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS60858.roa
Signing time: Wed 01 May 2024 23:33:21 +0000
ROA not before: Wed 01 May 2024 23:28:21 +0000
ROA not after: Wed 30 Apr 2025 23:33:21 +0000
asID: 60858
IP address blocks: 2a13:df80::/29 maxlen: 48
2a13:df80:54::/48 maxlen: 48
2a13:df80:c0::/44 maxlen: 44
2a13:df87:1000::/36 maxlen: 36
2a13:df87:3000::/36 maxlen: 36
2a13:df87:4000::/48 maxlen: 48
2a13:df87:4002::/48 maxlen: 48
2a13:df87:4004::/48 maxlen: 48
2a13:df87:4005::/48 maxlen: 48
2a13:df87:b402::/48 maxlen: 48
2a13:df87:b40a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:0e:37:11:14:76:ff:e6:9f:1e:04:8e:c7:bb:84:2e:de:38:57:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5c3d5e70fc9ad10ba90d45dc66454e9e3a146a8
Validity
Not Before: May 1 23:28:21 2024 GMT
Not After : Apr 30 23:33:21 2025 GMT
Subject: CN=62B845285AD2A735B35DDB5587DDD0651C284CB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7a:a3:41:0c:10:5f:e8:2f:de:ab:08:b3:0c:
ce:b4:08:26:68:17:db:35:c9:26:68:4a:ef:61:46:
9a:47:24:66:98:59:c2:9b:f4:03:ef:a1:eb:14:7a:
97:e4:73:ac:23:30:18:10:24:4b:38:0c:31:12:94:
af:65:4d:92:3b:bc:de:40:63:fc:45:a4:ce:51:a1:
c2:60:17:54:dd:57:61:c6:d9:7d:01:86:2b:2e:da:
35:bd:6b:c8:75:04:6e:54:02:10:bc:4c:02:6c:0f:
ed:2a:63:10:a8:4a:0e:af:8d:2d:75:3f:46:24:5c:
17:3d:2a:36:2d:93:7c:58:92:7b:2e:a9:d4:3e:5e:
fd:e2:0a:dd:05:b9:a0:15:19:a5:78:3a:1a:51:c3:
f5:b5:cd:14:c2:12:18:c9:b7:96:dd:09:46:08:81:
d1:9e:f1:8e:7d:c1:11:b5:e3:5c:5a:55:d7:cb:4d:
09:b5:93:50:f0:41:aa:f5:2b:4a:2e:89:b3:3f:ec:
1d:ab:63:22:c6:d2:4a:df:58:45:bf:50:67:14:b2:
06:ad:a6:9f:0f:77:15:89:5c:03:24:1a:3d:eb:9b:
fc:b4:ca:ba:6f:3d:97:e9:3c:b1:f4:0d:1e:62:da:
b4:83:87:c6:07:fb:a0:eb:70:ee:71:5f:4d:93:ca:
55:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B8:45:28:5A:D2:A7:35:B3:5D:DB:55:87:DD:D0:65:1C:28:4C:B1
X509v3 Authority Key Identifier:
keyid:D5:C3:D5:E7:0F:C9:AD:10:BA:90:D4:5D:C6:64:54:E9:E3:A1:46:A8
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/D5C3D5E70FC9AD10BA90D45DC66454E9E3A146A8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1cPV5w_JrRC6kNRdxmRU6eOhRqg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/04032c8f-1d57-4c3b-9043-a0e7febf167d/0/AS60858.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:df80::/29
Signature Algorithm: sha256WithRSAEncryption
c6:98:e5:8e:66:21:a6:7f:f4:11:b7:dc:7d:68:af:7d:84:27:
e8:31:fc:b5:a4:81:be:e9:33:24:da:c5:78:c0:aa:6c:27:91:
82:92:0c:3f:e4:0b:8d:dd:07:b0:e8:60:74:12:db:b3:51:e8:
db:36:98:d0:7d:6a:7c:9c:12:12:4c:0c:d2:72:69:f8:38:d1:
55:f4:2d:54:f2:71:90:74:07:bc:f7:70:ff:f0:7b:87:78:07:
31:f0:17:5d:fe:56:bc:4b:80:51:2b:49:35:3c:41:79:79:95:
33:1d:57:03:fd:fc:e3:ee:99:d8:fa:12:73:39:ad:11:fa:8f:
38:31:ec:00:0a:92:e2:81:33:a5:4b:f4:1b:8d:c3:1a:6d:e6:
4a:ed:07:dd:4c:d9:bf:41:f6:ee:98:a8:44:3b:8b:b2:43:7b:
65:03:bd:47:21:11:69:96:50:81:82:45:e6:98:2a:b5:07:da:
0d:e1:e7:75:a1:43:e1:f6:3f:81:53:4d:3c:08:dd:62:c2:f6:
5e:8c:ba:e3:41:73:cb:df:1d:61:f6:34:c6:d6:c6:2a:74:90:
f1:c2:88:71:a0:5c:d5:0b:48:d3:ae:26:0a:d8:42:0e:6f:14:
8b:eb:e5:f9:78:88:cc:b4:63:bd:f5:63:d0:a3:04:09:22:53:
3e:bc:f8:0b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUKQ43ERR2/+afHgSOx7uELt44V1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDVjM2Q1ZTcwZmM5YWQxMGJhOTBkNDVkYzY2NDU0ZTll
M2ExNDZhODAeFw0yNDA1MDEyMzI4MjFaFw0yNTA0MzAyMzMzMjFaMDMxMTAvBgNV
BAMTKDYyQjg0NTI4NUFEMkE3MzVCMzVEREI1NTg3REREMDY1MUMyODRDQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWeqNBDBBf6C/eqwizDM60CCZo
F9s1ySZoSu9hRppHJGaYWcKb9APvoesUepfkc6wjMBgQJEs4DDESlK9lTZI7vN5A
Y/xFpM5RocJgF1TdV2HG2X0Bhisu2jW9a8h1BG5UAhC8TAJsD+0qYxCoSg6vjS11
P0YkXBc9KjYtk3xYknsuqdQ+Xv3iCt0FuaAVGaV4OhpRw/W1zRTCEhjJt5bdCUYI
gdGe8Y59wRG141xaVdfLTQm1k1DwQar1K0ouibM/7B2rYyLG0krfWEW/UGcUsgat
pp8PdxWJXAMkGj3rm/y0yrpvPZfpPLH0DR5i2rSDh8YH+6DrcO5xX02TylW9AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUYrhFKFrSpzWzXdtVh93QZRwoTLEwHwYDVR0j
BBgwFoAU1cPV5w/JrRC6kNRdxmRU6eOhRqgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDQwMzJjOGYtMWQ1Ny00YzNiLTkwNDMtYTBlN2ZlYmYx
NjdkLzAvRDVDM0Q1RTcwRkM5QUQxMEJBOTBENDVEQzY2NDU0RTlFM0ExNDZBOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzFjUFY1d19KclJDNmtOUmR4bVJVNmVP
aFJxZy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA0MDMyYzhmLTFkNTct
NGMzYi05MDQzLWEwZTdmZWJmMTY3ZC8wL0FTNjA4NTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQMqE9+A
MA0GCSqGSIb3DQEBCwUAA4IBAQDGmOWOZiGmf/QRt9x9aK99hCfoMfy1pIG+6TMk
2sV4wKpsJ5GCkgw/5AuN3Qew6GB0EtuzUejbNpjQfWp8nBISTAzScmn4ONFV9C1U
8nGQdAe893D/8HuHeAcx8Bdd/la8S4BRK0k1PEF5eZUzHVcD/fzj7pnY+hJzOa0R
+o84MewACpLigTOlS/QbjcMabeZK7QfdTNm/QfbumKhEO4uyQ3tlA71HIRFpllCB
gkXmmCq1B9oN4ed1oUPh9j+BU008CN1iwvZejLrjQXPL3x1h9jTG1sYqdJDxwohx
oFzVC0jTriYK2EIObxSL6+X5eIjMtGO99WPQowQJIlM+vPgL
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:11:29 2025 by rpki-client