Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS198057.roa
File: AS198057.roa (raw, json)
Hash identifier: bDzxzR7+2I+dAyQ4iKrNJ0RXyMmHEgbr7LwghloeKb8=
Subject key identifier: 0D:7E:7C:66:B8:1F:CC:2B:19:FF:B0:43:06:82:5A:07:6C:BE:35:51
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 6C1C7586F3E9532CDED5F56DDB0796CCFA93FE50
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS198057.roa
Signing time: Wed 01 Jan 2025 18:30:34 +0000
ROA not before: Wed 01 Jan 2025 18:25:34 +0000
ROA not after: Wed 31 Dec 2025 18:30:34 +0000
asID: 198057
IP address blocks: 2a07:54c1:44f0::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:1c:75:86:f3:e9:53:2c:de:d5:f5:6d:db:07:96:cc:fa:93:fe:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Jan 1 18:25:34 2025 GMT
Not After : Dec 31 18:30:34 2025 GMT
Subject: CN=0D7E7C66B81FCC2B19FFB04306825A076CBE3551
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:90:28:ca:f9:a8:37:0c:d9:29:07:7d:f6:c1:
d1:fc:6c:e4:61:8f:21:1c:8a:77:d5:c5:c4:bb:23:
fd:0d:97:b1:26:30:54:65:50:79:7d:de:db:9c:46:
9a:22:16:23:22:9c:ed:fb:12:8b:a8:54:62:fb:a7:
42:86:c3:75:97:02:e7:9c:6a:af:34:c0:87:98:db:
00:a3:35:3a:f7:40:5d:00:a3:a7:7e:26:c2:e3:ab:
f6:5f:19:91:6a:0c:5a:71:06:52:d2:ba:92:9f:28:
41:87:56:25:4b:81:ff:89:ed:92:f4:73:37:73:14:
e0:c3:b6:a3:21:83:1a:db:0a:ef:e6:79:1b:85:00:
db:d7:33:21:9a:e6:03:61:ee:f6:87:8e:0a:64:3d:
18:1c:ef:bf:a2:c2:f5:bd:b3:74:b5:13:3c:c5:11:
68:0f:c9:45:d1:a1:b0:74:61:c8:fb:58:c7:25:03:
27:5f:bf:70:1c:79:59:ad:f0:6e:7c:a0:8f:29:d4:
b9:4c:f9:ec:57:0e:9e:34:df:6d:54:e3:90:fb:80:
b9:f1:e8:20:fd:5c:95:0f:b0:17:1d:41:0c:19:bb:
f7:40:aa:c6:31:15:06:bb:09:15:91:58:95:75:ce:
6e:34:41:95:e3:cc:fb:11:72:4c:e3:0e:74:73:b6:
22:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:7E:7C:66:B8:1F:CC:2B:19:FF:B0:43:06:82:5A:07:6C:BE:35:51
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS198057.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c1:44f0::/44
Signature Algorithm: sha256WithRSAEncryption
78:b8:09:8e:fe:33:b8:3b:e2:99:76:32:52:ab:87:92:af:93:
81:66:17:9f:e5:24:22:64:3f:d1:ca:88:18:af:57:04:c5:91:
68:d2:e2:db:5e:69:3d:e5:1f:e0:26:a6:e7:9a:c8:ce:4e:21:
1a:3d:c0:ba:de:b5:f6:66:3f:bf:1d:86:43:e9:5c:28:8b:30:
1e:6d:d1:f1:9a:d4:7e:bf:cf:0a:05:fa:a2:80:90:53:1e:61:
89:29:4a:ed:f4:eb:23:90:6e:67:f5:cf:15:77:0b:e5:0e:4d:
91:d8:f1:db:8a:26:49:36:c2:a7:4e:6f:65:9c:31:5c:a9:a7:
a0:74:44:b9:64:5e:05:fb:c3:37:47:56:d9:9d:23:d7:2e:50:
9a:7f:c1:8f:3f:3f:01:82:9a:44:87:b6:bd:c9:9f:e2:26:8a:
86:12:73:e4:2c:ea:91:c4:fa:46:3a:eb:7f:50:25:a6:0b:8b:
11:2f:f0:99:b4:3c:f5:ec:e4:13:6c:cd:ef:95:c7:74:1e:3a:
ea:d3:84:6b:e5:36:ac:1d:9c:99:8f:42:d6:db:98:fe:4b:c5:
68:4d:18:d8:c8:44:b0:e2:b2:64:cf:2f:8f:24:db:f7:02:63:
ee:81:ea:38:e8:bd:d1:28:34:5d:26:05:d4:5d:fd:fb:f0:9a:
44:0d:18:46
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbBx1hvPpUyze1fVt2weWzPqT/lAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNTAxMDExODI1MzRaFw0yNTEyMzExODMwMzRaMDMxMTAvBgNV
BAMTKDBEN0U3QzY2QjgxRkNDMkIxOUZGQjA0MzA2ODI1QTA3NkNCRTM1NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4kCjK+ag3DNkpB332wdH8bORh
jyEcinfVxcS7I/0Nl7EmMFRlUHl93tucRpoiFiMinO37EouoVGL7p0KGw3WXAuec
aq80wIeY2wCjNTr3QF0Ao6d+JsLjq/ZfGZFqDFpxBlLSupKfKEGHViVLgf+J7ZL0
czdzFODDtqMhgxrbCu/meRuFANvXMyGa5gNh7vaHjgpkPRgc77+iwvW9s3S1EzzF
EWgPyUXRobB0Ycj7WMclAydfv3AceVmt8G58oI8p1LlM+exXDp40321U45D7gLnx
6CD9XJUPsBcdQQwZu/dAqsYxFQa7CRWRWJV1zm40QZXjzPsRckzjDnRztiIFAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUDX58ZrgfzCsZ/7BDBoJaB2y+NVEwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMTk4MDU3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgdU
wUTwMA0GCSqGSIb3DQEBCwUAA4IBAQB4uAmO/jO4O+KZdjJSq4eSr5OBZhef5SQi
ZD/RyogYr1cExZFo0uLbXmk95R/gJqbnmsjOTiEaPcC63rX2Zj+/HYZD6VwoizAe
bdHxmtR+v88KBfqigJBTHmGJKUrt9OsjkG5n9c8VdwvlDk2R2PHbiiZJNsKnTm9l
nDFcqaegdES5ZF4F+8M3R1bZnSPXLlCaf8GPPz8BgppEh7a9yZ/iJoqGEnPkLOqR
xPpGOut/UCWmC4sRL/CZtDz17OQTbM3vlcd0Hjrq04Rr5TasHZyZj0LW25j+S8Vo
TRjYyESw4rJkzy+PJNv3AmPugeo46L3RKDRdJgXUXf378JpEDRhG
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:07:11 2025 by rpki-client