Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS197919.roa
File: AS197919.roa (raw, json)
Hash identifier: zwojY4yP3icYFot9tqoTNWeZkybs/2MDVSctf/2dAGA=
Subject key identifier: 9E:5D:98:E6:FA:38:E5:D1:F7:53:C8:1D:1B:6E:D0:DB:43:70:57:89
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 45E5D1F24EDC5D7AF2F73646A1D2EEA20CBC181E
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS197919.roa
Signing time: Sat 11 Jan 2025 21:30:34 +0000
ROA not before: Sat 11 Jan 2025 21:25:34 +0000
ROA not after: Sat 10 Jan 2026 21:30:34 +0000
asID: 197919
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:e5:d1:f2:4e:dc:5d:7a:f2:f7:36:46:a1:d2:ee:a2:0c:bc:18:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Jan 11 21:25:34 2025 GMT
Not After : Jan 10 21:30:34 2026 GMT
Subject: CN=9E5D98E6FA38E5D1F753C81D1B6ED0DB43705789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2e:04:69:df:1e:af:87:ef:ff:28:65:c7:79:
c5:c0:80:c0:b0:f3:c7:1f:f9:53:b5:9e:02:30:fe:
5b:f6:7c:0e:15:a8:2f:b3:78:9f:30:2a:72:ad:93:
55:6f:57:ae:f4:b6:c4:85:d9:22:40:b5:61:5e:13:
32:40:64:b2:dc:59:9e:46:41:d3:7b:9e:a8:22:1f:
07:83:34:0c:aa:b7:38:5a:34:3c:b0:22:25:6e:8a:
de:38:4a:bf:43:17:79:6e:4d:99:22:da:31:d4:9c:
f4:bb:4b:f1:aa:04:94:6e:af:a9:b9:76:49:df:23:
aa:c4:26:e6:fd:2e:68:fa:05:69:da:11:1b:89:09:
1d:ca:77:28:43:4f:1e:c1:44:a9:ea:69:88:3e:22:
a9:37:49:5e:ee:05:d4:0f:2d:b8:53:fa:20:bb:3c:
3e:25:06:0c:59:05:8b:de:00:89:b1:23:9b:29:4d:
fb:d2:78:b9:17:bc:fc:b5:a1:77:8a:57:ec:4c:43:
76:e1:ef:d3:c3:11:61:3d:0a:40:8f:cb:b9:92:b8:
50:30:66:b5:bd:1d:ad:1f:cf:c6:62:45:80:87:4e:
21:ce:78:47:ba:4b:d8:e6:34:0c:37:db:21:0a:6d:
d5:ee:bd:8a:fa:73:9a:a6:ff:dc:c2:8d:6a:52:bb:
db:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:5D:98:E6:FA:38:E5:D1:F7:53:C8:1D:1B:6E:D0:DB:43:70:57:89
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS197919.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
2f:61:31:e4:ec:48:56:a3:47:de:34:39:60:25:47:a1:4e:87:
29:8a:0c:98:66:ca:75:98:9d:0a:3a:1d:3e:29:fe:ed:47:d6:
4a:34:d4:3e:a3:48:9a:f1:0d:23:44:08:de:81:91:b7:05:5e:
03:4a:b9:02:d3:94:6f:0d:b8:cb:1f:fb:4f:b0:af:9b:fb:16:
e9:d1:6b:46:cf:68:83:88:4e:e6:3c:57:d4:95:07:7a:80:48:
82:f8:02:08:f5:94:95:7e:89:ef:84:d1:3c:30:b4:44:a3:73:
16:f1:dc:1c:58:c7:a7:04:d8:11:83:2c:2d:c6:07:04:3a:f7:
c3:b1:99:be:4e:e5:ca:84:6c:91:3d:13:28:fb:0c:c0:46:46:
95:2e:e6:be:95:fa:2d:a3:06:9e:81:71:a5:91:12:b0:47:71:
60:cf:7f:b2:36:4c:f9:10:bc:5d:1f:53:0b:bf:90:95:1d:25:
57:f5:02:f4:ff:b4:5e:fa:d0:ca:51:fb:25:a3:9f:96:97:93:
51:d3:07:34:a0:bf:15:52:4b:3a:39:15:43:ac:d6:c5:d2:47:
61:d6:be:3c:20:0b:ef:3b:30:bc:be:ca:21:8b:e0:a1:b7:3c:
ec:c5:21:34:82:3d:f9:94:89:e6:78:b3:2b:0a:ae:e9:cf:8b:
43:33:d0:60
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUReXR8k7cXXry9zZGodLuogy8GB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNTAxMTEyMTI1MzRaFw0yNjAxMTAyMTMwMzRaMDMxMTAvBgNV
BAMTKDlFNUQ5OEU2RkEzOEU1RDFGNzUzQzgxRDFCNkVEMERCNDM3MDU3ODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDALgRp3x6vh+//KGXHecXAgMCw
88cf+VO1ngIw/lv2fA4VqC+zeJ8wKnKtk1VvV670tsSF2SJAtWFeEzJAZLLcWZ5G
QdN7nqgiHweDNAyqtzhaNDywIiVuit44Sr9DF3luTZki2jHUnPS7S/GqBJRur6m5
dknfI6rEJub9Lmj6BWnaERuJCR3KdyhDTx7BRKnqaYg+Iqk3SV7uBdQPLbhT+iC7
PD4lBgxZBYveAImxI5spTfvSeLkXvPy1oXeKV+xMQ3bh79PDEWE9CkCPy7mSuFAw
ZrW9Ha0fz8ZiRYCHTiHOeEe6S9jmNAw32yEKbdXuvYr6c5qm/9zCjWpSu9vXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUnl2Y5vo45dH3U8gdG27Q20NwV4kwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMTk3OTE5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
wrALMA0GCSqGSIb3DQEBCwUAA4IBAQAvYTHk7EhWo0feNDlgJUehTocpigyYZsp1
mJ0KOh0+Kf7tR9ZKNNQ+o0ia8Q0jRAjegZG3BV4DSrkC05RvDbjLH/tPsK+b+xbp
0WtGz2iDiE7mPFfUlQd6gEiC+AII9ZSVfonvhNE8MLREo3MW8dwcWMenBNgRgywt
xgcEOvfDsZm+TuXKhGyRPRMo+wzARkaVLua+lfotowaegXGlkRKwR3Fgz3+yNkz5
ELxdH1MLv5CVHSVX9QL0/7Re+tDKUfslo5+Wl5NR0wc0oL8VUks6ORVDrNbF0kdh
1r48IAvvOzC8vsohi+ChtzzsxSE0gj35lInmeLMrCq7pz4tDM9Bg
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:05:56 2025 by rpki-client