Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS215039.roa
File: AS215039.roa (raw, json)
Hash identifier: bE12fEbimFfm1LpsduDEI9QQLW5dKnlMiFIU3ZpT9xo=
Subject key identifier: 33:D1:38:78:19:FE:04:9B:F6:D9:A5:08:C4:2B:9E:FC:03:B8:37:59
Certificate issuer: /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial: 45FFE80C1EBC81C46DCC682C91137A78A220C8B6
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS215039.roa
Signing time: Sat 04 Jan 2025 13:26:59 +0000
ROA not before: Sat 04 Jan 2025 13:21:59 +0000
ROA not after: Sat 03 Jan 2026 13:26:59 +0000
asID: 215039
IP address blocks: 2a0a:6044:ac50::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:ff:e8:0c:1e:bc:81:c4:6d:cc:68:2c:91:13:7a:78:a2:20:c8:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Validity
Not Before: Jan 4 13:21:59 2025 GMT
Not After : Jan 3 13:26:59 2026 GMT
Subject: CN=33D1387819FE049BF6D9A508C42B9EFC03B83759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e1:24:73:15:57:11:d7:74:cb:a1:27:f4:f0:
01:f7:5a:4a:5e:5b:30:67:b6:bf:ba:f2:2d:d8:fc:
df:00:83:7a:75:40:fd:e7:27:17:31:d4:dc:46:db:
42:45:15:9b:54:fe:9c:84:7b:4f:b0:7a:38:09:4a:
b6:47:ea:10:30:b6:36:9d:de:f4:40:10:6a:62:ac:
d3:33:d1:b1:03:72:7c:8b:a5:2d:2a:30:11:63:7d:
67:57:26:76:70:ab:13:4b:b1:27:e4:7b:16:2f:7f:
96:07:86:da:2c:24:16:34:01:33:0b:de:d6:37:36:
99:0e:6d:48:db:00:16:df:a2:87:26:18:1d:01:10:
e2:e2:f0:a2:45:bc:de:cc:28:8c:5d:b8:b0:27:37:
6e:b0:c5:d3:78:8b:f5:32:94:8f:e4:5b:50:51:b9:
b7:bb:3a:95:ec:ce:be:a0:90:5e:c8:90:53:0e:49:
be:81:8a:02:9b:e4:85:e0:60:a9:0a:c6:6a:10:ab:
e4:49:df:5b:f8:44:41:80:b7:e9:fe:ee:44:eb:87:
44:95:9d:96:29:94:fd:80:b2:be:62:9c:27:db:83:
bc:86:94:45:ae:83:fc:5f:d3:95:4d:59:b1:0a:bc:
9b:68:cb:bb:29:45:92:ed:6f:51:db:39:9e:12:e2:
bf:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D1:38:78:19:FE:04:9B:F6:D9:A5:08:C4:2B:9E:FC:03:B8:37:59
X509v3 Authority Key Identifier:
keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS215039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:6044:ac50::/44
Signature Algorithm: sha256WithRSAEncryption
35:4f:08:aa:1d:d2:1f:a6:ba:ab:7b:d3:e7:66:53:1c:22:d2:
a5:fc:b5:04:86:85:2f:f9:12:e0:b4:aa:d5:87:d7:3a:1b:8d:
6a:a4:dd:81:11:64:95:a6:ba:9d:3f:ff:97:85:d2:cc:e3:89:
f0:93:cf:e1:ad:6e:69:51:4a:80:3c:02:b3:78:9c:11:0e:8d:
40:fe:c5:93:4f:c8:92:90:d6:ae:77:00:10:a5:d4:b3:02:9e:
0d:28:1d:62:34:ae:8f:5d:32:bb:08:bd:a0:1f:95:ca:47:41:
b2:b5:7b:97:d7:60:2e:e8:ef:5f:e5:24:23:7b:55:39:65:1e:
41:3f:30:cf:23:fa:ab:9d:a5:8c:11:fb:a4:f2:ca:52:d2:d2:
29:3a:f2:91:05:da:a5:53:61:63:be:1a:8f:e4:8c:84:45:78:
00:87:c9:36:d0:1c:2c:52:ac:78:e8:87:49:c8:11:6f:99:2b:
8e:6f:d7:da:25:5a:23:7d:f3:d9:2e:a0:a1:79:37:6d:69:2f:
e2:34:18:42:be:3d:1d:4a:6e:4f:00:1d:59:07:a1:fb:6c:25:
85:e4:01:bc:ac:84:6c:69:c4:79:00:75:2a:33:dd:32:df:21:
d1:be:63:f5:bd:1d:4c:a8:be:a1:52:71:25:af:65:fb:44:77:
aa:8c:24:4e
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURf/oDB68gcRtzGgskRN6eKIgyLYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNTAxMDQxMzIxNTlaFw0yNjAxMDMxMzI2NTlaMDMxMTAvBgNV
BAMTKDMzRDEzODc4MTlGRTA0OUJGNkQ5QTUwOEM0MkI5RUZDMDNCODM3NTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk4SRzFVcR13TLoSf08AH3Wkpe
WzBntr+68i3Y/N8Ag3p1QP3nJxcx1NxG20JFFZtU/pyEe0+wejgJSrZH6hAwtjad
3vRAEGpirNMz0bEDcnyLpS0qMBFjfWdXJnZwqxNLsSfkexYvf5YHhtosJBY0ATML
3tY3NpkObUjbABbfoocmGB0BEOLi8KJFvN7MKIxduLAnN26wxdN4i/UylI/kW1BR
ube7OpXszr6gkF7IkFMOSb6BigKb5IXgYKkKxmoQq+RJ31v4REGAt+n+7kTrh0SV
nZYplP2Asr5inCfbg7yGlEWug/xf05VNWbEKvJtoy7spRZLtb1HbOZ4S4r+rAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUM9E4eBn+BJv22aUIxCue/AO4N1kwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzMyNTNkOTczLWQ1YmYt
NDU0MS1iY2MxLTI3NjU0M2EyNWM3ZC8wL0FTMjE1MDM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgpg
RKxQMA0GCSqGSIb3DQEBCwUAA4IBAQA1TwiqHdIfprqre9PnZlMcItKl/LUEhoUv
+RLgtKrVh9c6G41qpN2BEWSVprqdP/+XhdLM44nwk8/hrW5pUUqAPAKzeJwRDo1A
/sWTT8iSkNaudwAQpdSzAp4NKB1iNK6PXTK7CL2gH5XKR0GytXuX12Au6O9f5SQj
e1U5ZR5BPzDPI/qrnaWMEfuk8spS0tIpOvKRBdqlU2FjvhqP5IyERXgAh8k20Bws
Uqx46IdJyBFvmSuOb9faJVojffPZLqCheTdtaS/iNBhCvj0dSm5PAB1ZB6H7bCWF
5AG8rIRsacR5AHUqM90y3yHRvmP1vR1MqL6hUnElr2X7RHeqjCRO
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:41:35 2025 by rpki-client