Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS142598.roa
File: AS142598.roa (raw, json)
Hash identifier: 0hc1PbJzjDV+zPWG7saJ4ZD4R+4cdJ0DPIdcVlQPAwo=
Subject key identifier: D5:BA:3D:2F:F5:B6:D1:38:19:95:91:6D:8B:25:64:6F:C4:FF:B8:AD
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 21ACB5BDF1B546D4FE458EB0ADAED827C88AF184
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS142598.roa
Signing time: Tue 20 Aug 2024 02:31:53 +0000
ROA not before: Tue 20 Aug 2024 02:26:53 +0000
ROA not after: Tue 19 Aug 2025 02:31:53 +0000
asID: 142598
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:ac:b5:bd:f1:b5:46:d4:fe:45:8e:b0:ad:ae:d8:27:c8:8a:f1:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Aug 20 02:26:53 2024 GMT
Not After : Aug 19 02:31:53 2025 GMT
Subject: CN=D5BA3D2FF5B6D1381995916D8B25646FC4FFB8AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:de:c0:75:07:3d:54:99:64:fe:af:73:7c:60:
e1:be:73:15:5d:e3:9b:cf:e1:72:b1:13:43:ed:3f:
5b:c8:81:49:f6:92:9e:de:f4:f3:8c:04:b9:ae:bf:
03:4e:b4:73:3d:d6:bf:08:ba:19:08:02:1f:bf:53:
3d:47:7b:2f:b4:b4:c3:19:07:08:a1:d8:2e:02:48:
1f:cf:97:d3:ce:c5:3c:df:14:ac:ec:98:4e:28:96:
ac:30:75:31:e6:51:12:c0:78:03:ff:80:2c:61:cc:
2a:c2:2f:98:6f:24:f4:d6:99:09:4a:ee:76:e1:57:
a5:d0:65:c9:0c:56:b7:eb:20:bc:26:d2:23:d5:68:
4a:36:7b:ca:d6:f5:5a:4a:41:32:68:1f:0b:d6:9c:
27:d6:81:47:96:2e:38:34:3f:0f:59:82:20:73:d6:
b0:71:e2:a7:ca:01:0e:89:b2:82:9b:f8:9c:ec:a1:
f7:50:19:bf:0b:34:7c:c7:43:f2:57:01:9b:ad:6e:
f1:3e:90:4a:02:f2:d5:67:3f:1f:4c:a7:8a:24:78:
b3:08:34:83:94:d1:b1:ef:28:a2:ef:b5:17:0d:8e:
68:f6:b8:62:f3:cc:bc:47:7a:38:ae:03:94:a3:37:
ee:09:d4:84:42:e0:6d:f1:94:6e:a9:9b:fd:a8:40:
a4:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BA:3D:2F:F5:B6:D1:38:19:95:91:6D:8B:25:64:6F:C4:FF:B8:AD
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS142598.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
74:be:2b:e6:c9:91:a9:9b:68:4a:5b:51:49:b5:54:aa:b5:b5:
7d:8a:4b:d7:56:aa:49:d2:a0:e2:72:73:37:09:96:cb:8e:35:
b3:ba:aa:97:99:b6:39:0a:64:fd:a2:f7:f2:09:36:45:f6:c6:
40:fe:7f:8b:03:15:07:7b:f0:32:85:6f:f4:61:d0:ea:d8:db:
4f:89:38:47:aa:04:d2:f7:53:40:03:84:51:43:36:b0:19:43:
6d:a2:4b:52:b7:7a:0a:9e:7c:34:74:3e:95:1a:21:9d:cc:78:
9b:88:c9:02:7a:e2:cf:51:43:25:30:6d:93:cf:c2:de:86:aa:
15:75:f3:5b:2d:ca:93:d3:e4:dd:21:36:85:c7:24:d4:26:18:
f2:33:76:37:f9:0f:00:a3:33:58:5b:87:09:39:17:d7:4a:9f:
93:65:c7:b4:29:4d:ba:f9:c9:cc:a3:f4:b8:39:81:f9:b4:63:
e1:a9:d4:a1:53:ca:57:fd:54:0c:89:68:8c:30:bd:2a:4c:95:
2a:1d:b6:91:d4:c1:6f:00:8e:01:79:1e:7e:6f:0d:1a:2b:4e:
dc:ea:09:1e:7c:69:b2:a0:32:80:b8:dd:04:aa:27:8e:b9:08:
0a:f1:56:eb:0b:49:bd:42:17:24:88:9d:d0:01:18:c3:6e:8a:
3f:69:b8:e8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUIay1vfG1RtT+RY6wra7YJ8iK8YQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTNaFw0yNTA4MTkwMjMxNTNaMDMxMTAvBgNV
BAMTKEQ1QkEzRDJGRjVCNkQxMzgxOTk1OTE2RDhCMjU2NDZGQzRGRkI4QUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD3sB1Bz1UmWT+r3N8YOG+cxVd
45vP4XKxE0PtP1vIgUn2kp7e9POMBLmuvwNOtHM91r8IuhkIAh+/Uz1Hey+0tMMZ
Bwih2C4CSB/Pl9POxTzfFKzsmE4olqwwdTHmURLAeAP/gCxhzCrCL5hvJPTWmQlK
7nbhV6XQZckMVrfrILwm0iPVaEo2e8rW9VpKQTJoHwvWnCfWgUeWLjg0Pw9ZgiBz
1rBx4qfKAQ6JsoKb+JzsofdQGb8LNHzHQ/JXAZutbvE+kEoC8tVnPx9Mp4okeLMI
NIOU0bHvKKLvtRcNjmj2uGLzzLxHejiuA5SjN+4J1IRC4G3xlG6pm/2oQKTfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU1bo9L/W20TgZlZFtiyVkb8T/uK0wHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMTQyNTk4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
wrALMA0GCSqGSIb3DQEBCwUAA4IBAQB0vivmyZGpm2hKW1FJtVSqtbV9ikvXVqpJ
0qDicnM3CZbLjjWzuqqXmbY5CmT9ovfyCTZF9sZA/n+LAxUHe/AyhW/0YdDq2NtP
iThHqgTS91NAA4RRQzawGUNtoktSt3oKnnw0dD6VGiGdzHibiMkCeuLPUUMlMG2T
z8LehqoVdfNbLcqT0+TdITaFxyTUJhjyM3Y3+Q8AozNYW4cJORfXSp+TZce0KU26
+cnMo/S4OYH5tGPhqdShU8pX/VQMiWiMML0qTJUqHbaR1MFvAI4BeR5+bw0aK07c
6gkefGmyoDKAuN0EqieOuQgK8VbrC0m9QhckiJ3QARjDboo/abjo
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:07:11 2025 by rpki-client