Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS147020.roa
File: AS147020.roa (raw, json)
Hash identifier: 5n9o0m2na7Cr/bOmctDIB11UbVFeTjutkJOSRdlfIQo=
Subject key identifier: A9:4B:55:35:9C:07:39:32:26:50:13:23:9F:18:FA:C3:66:79:97:BA
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 4ECE4FE6B21AB78301FB50FB875C16C0F0886D01
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS147020.roa
Signing time: Tue 20 Aug 2024 02:31:53 +0000
ROA not before: Tue 20 Aug 2024 02:26:53 +0000
ROA not after: Tue 19 Aug 2025 02:31:53 +0000
asID: 147020
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:ce:4f:e6:b2:1a:b7:83:01:fb:50:fb:87:5c:16:c0:f0:88:6d:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Aug 20 02:26:53 2024 GMT
Not After : Aug 19 02:31:53 2025 GMT
Subject: CN=A94B55359C073932265013239F18FAC3667997BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c0:5f:d1:87:09:73:01:25:b7:aa:fb:03:52:
c0:bc:6e:13:e9:cf:f2:9f:bb:06:55:ca:ae:0e:32:
e4:27:79:e1:63:d8:66:50:dd:ca:88:51:5d:23:e3:
4b:a0:2a:97:3b:8d:72:7d:ed:62:c1:78:85:c9:5b:
76:7d:01:7b:e2:4a:e9:a1:71:42:7a:ba:56:a5:b0:
5a:77:0f:68:a3:0b:8c:28:bb:45:4d:b4:59:f5:a1:
74:44:ab:a0:58:f7:bf:98:5f:d5:05:ff:c1:27:1f:
5e:29:49:33:26:2f:52:ff:29:7a:1b:db:32:f8:8c:
91:44:d0:c7:a5:a3:05:36:20:7a:5f:d8:2b:4d:20:
70:14:e9:1e:4d:77:36:f1:ce:fb:90:09:17:5e:a1:
2c:6c:b9:6b:4a:45:d4:86:de:d8:69:df:22:78:98:
c9:c8:a6:a5:f0:0d:8e:96:3a:7e:ac:98:bc:fb:a1:
da:d0:87:61:13:26:0c:13:ad:d9:da:b8:0a:3f:8d:
64:c9:0e:62:6b:17:76:fe:ef:04:d8:31:be:8f:9f:
41:7b:93:e0:7e:9d:3c:8f:ab:f4:dd:32:5c:98:20:
33:33:8d:42:5a:41:9a:f9:2c:59:ca:19:70:75:f7:
d8:44:dc:bf:03:16:2a:e3:ad:03:fc:f7:fa:2c:79:
a4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4B:55:35:9C:07:39:32:26:50:13:23:9F:18:FA:C3:66:79:97:BA
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS147020.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
4a:78:8d:67:97:8b:4e:a8:88:64:b9:a2:08:f2:56:fc:36:50:
55:d3:ee:af:c8:8c:91:ee:11:e6:56:33:52:7a:c5:09:a6:55:
2b:a2:98:29:17:ea:b0:45:16:78:de:3b:17:60:c5:0e:b4:c0:
1e:f3:d3:04:56:50:75:56:b1:ab:e6:0d:b2:44:4e:6f:2d:67:
4d:fe:a2:45:02:fb:bf:14:28:ad:87:18:88:d4:a3:da:7b:16:
ac:b1:73:df:ae:c9:cf:68:8a:fa:14:53:f4:14:91:a8:73:f3:
d1:ee:8d:ff:79:54:51:84:50:2c:2a:38:cb:d9:65:75:18:61:
0b:e2:ae:e7:42:bf:20:9c:7f:88:19:1a:4d:cc:5d:4d:6f:5e:
e9:8b:e3:ce:f1:1b:15:35:41:19:2c:cc:dc:6c:bb:e2:8c:13:
4f:b2:33:df:6a:b1:73:19:14:78:95:a4:55:16:2c:12:37:e4:
f2:15:1c:5c:55:c6:fc:4a:04:61:83:eb:74:11:3f:5a:b0:e2:
c6:d3:78:b6:b3:f3:b6:14:44:bb:e7:f0:7a:95:11:2d:a4:75:
2d:2f:98:65:d4:f4:7e:13:ff:1b:77:d1:72:54:ca:5f:10:72:
3e:1a:c2:d6:40:da:67:0d:6b:06:29:88:de:74:9b:63:2e:9a:
03:f1:88:b7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTs5P5rIat4MB+1D7h1wWwPCIbQEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTNaFw0yNTA4MTkwMjMxNTNaMDMxMTAvBgNV
BAMTKEE5NEI1NTM1OUMwNzM5MzIyNjUwMTMyMzlGMThGQUMzNjY3OTk3QkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvwF/RhwlzASW3qvsDUsC8bhPp
z/KfuwZVyq4OMuQneeFj2GZQ3cqIUV0j40ugKpc7jXJ97WLBeIXJW3Z9AXviSumh
cUJ6ulalsFp3D2ijC4wou0VNtFn1oXREq6BY97+YX9UF/8EnH14pSTMmL1L/KXob
2zL4jJFE0MelowU2IHpf2CtNIHAU6R5NdzbxzvuQCRdeoSxsuWtKRdSG3thp3yJ4
mMnIpqXwDY6WOn6smLz7odrQh2ETJgwTrdnauAo/jWTJDmJrF3b+7wTYMb6Pn0F7
k+B+nTyPq/TdMlyYIDMzjUJaQZr5LFnKGXB199hE3L8DFirjrQP89/oseaQlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqUtVNZwHOTImUBMjnxj6w2Z5l7owHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMTQ3MDIwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
wrALMA0GCSqGSIb3DQEBCwUAA4IBAQBKeI1nl4tOqIhkuaII8lb8NlBV0+6vyIyR
7hHmVjNSesUJplUropgpF+qwRRZ43jsXYMUOtMAe89MEVlB1VrGr5g2yRE5vLWdN
/qJFAvu/FCithxiI1KPaexassXPfrsnPaIr6FFP0FJGoc/PR7o3/eVRRhFAsKjjL
2WV1GGEL4q7nQr8gnH+IGRpNzF1Nb17pi+PO8RsVNUEZLMzcbLvijBNPsjPfarFz
GRR4laRVFiwSN+TyFRxcVcb8SgRhg+t0ET9asOLG03i2s/O2FES75/B6lREtpHUt
L5hl1PR+E/8bd9FyVMpfEHI+GsLWQNpnDWsGKYjedJtjLpoD8Yi3
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:05:58 2025 by rpki-client