Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS199582.roa
File: AS199582.roa (raw, json)
Hash identifier: iPsZlif2I3sOZ6iOzpprFDv5ZfqlbqI3shu4T2uHIT8=
Subject key identifier: 22:07:86:DD:E0:27:B4:57:71:98:C9:78:89:8F:D6:B0:94:E1:9F:57
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 4D7794F9A0231E30475FC37FC92CE63B1AC85437
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS199582.roa
Signing time: Mon 10 Mar 2025 16:06:26 +0000
ROA not before: Mon 10 Mar 2025 16:01:26 +0000
ROA not after: Mon 09 Mar 2026 16:06:26 +0000
asID: 199582
IP address blocks: 2a07:54c1:c000::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:77:94:f9:a0:23:1e:30:47:5f:c3:7f:c9:2c:e6:3b:1a:c8:54:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Mar 10 16:01:26 2025 GMT
Not After : Mar 9 16:06:26 2026 GMT
Subject: CN=220786DDE027B4577198C978898FD6B094E19F57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8e:f3:e4:ae:fc:75:43:0e:15:2c:3d:df:45:
8d:ce:8c:8f:fd:cc:5a:3e:c3:24:43:8c:c4:91:ac:
d6:ca:cc:ec:f8:4c:9d:89:91:27:aa:4b:7f:cc:cb:
06:3e:84:75:52:11:b2:46:95:81:23:03:a9:35:a8:
13:56:0a:b2:90:e6:01:aa:d3:94:b3:94:37:66:f0:
d9:4b:23:f3:93:c2:4f:a3:4e:c0:ce:b0:86:6c:95:
03:11:ec:fd:b1:a6:63:ff:7a:9e:3c:24:f4:fc:0c:
8f:19:e3:2f:70:c0:a8:ab:11:4f:1b:11:1d:ef:f4:
6e:04:cd:93:8b:63:74:73:37:c3:f4:f2:85:93:25:
b3:16:93:45:8d:3b:81:db:9c:5e:c1:bc:78:1d:bc:
4b:84:eb:df:66:a0:4c:79:4a:50:8d:9d:9c:3f:6f:
03:18:5b:da:f5:9c:59:9d:6a:ca:0d:8b:90:6c:ee:
c3:ca:3d:53:ef:76:37:87:53:8a:a7:05:b7:a7:79:
da:c8:0d:67:35:18:33:e1:1c:ca:51:d4:a6:f1:bc:
4f:aa:1c:9b:dc:f6:87:c8:5c:db:c8:43:2a:cc:0f:
1a:c7:be:93:04:c6:0c:1c:fa:4f:e2:42:f7:46:29:
6c:3e:ee:de:6b:d7:24:54:f9:b0:fe:d7:30:dd:ea:
93:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:07:86:DD:E0:27:B4:57:71:98:C9:78:89:8F:D6:B0:94:E1:9F:57
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS199582.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c1:c000::/40
Signature Algorithm: sha256WithRSAEncryption
24:1d:fe:35:b0:af:6b:07:e3:ad:1f:ff:2a:a7:f3:3a:88:e8:
35:48:a4:5e:17:bd:62:d3:06:b6:89:00:0a:8b:e0:ab:96:5a:
29:be:e2:c6:ba:00:4d:e6:08:f6:2e:cd:72:25:47:f1:3a:a1:
8e:42:c2:b2:6c:cb:b5:63:97:91:97:de:7c:f3:23:b3:43:a1:
95:cd:52:d1:bb:3f:79:c5:d4:88:21:ef:22:48:83:6a:e8:99:
77:6d:eb:46:ad:e7:fb:40:6a:f4:8b:c1:ed:8b:e5:fc:12:80:
72:54:b4:4d:70:f1:46:bb:e7:39:f6:61:55:1e:ed:96:ca:4f:
6e:4b:00:2b:90:ca:7f:24:06:82:92:d4:5d:08:6c:34:28:69:
e0:7e:2c:a5:ab:6e:d0:e9:2f:8b:a8:4e:a1:88:26:e5:1b:85:
1c:ed:1d:43:38:e8:e9:28:b1:e6:8d:07:cb:27:d3:4f:20:14:
51:0c:82:09:b1:74:5b:31:bf:5b:8a:11:20:d9:4c:49:e5:dd:
0b:e1:03:00:a6:dd:d6:53:3d:74:41:67:28:c3:d4:31:46:44:
36:c7:7d:0d:d1:f7:42:43:d7:74:0c:f7:27:11:21:e3:ec:44:
9f:33:76:b3:be:1f:21:0f:73:81:65:36:96:3d:50:80:32:ec:
c2:5b:a5:51
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUTXeU+aAjHjBHX8N/ySzmOxrIVDcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNTAzMTAxNjAxMjZaFw0yNjAzMDkxNjA2MjZaMDMxMTAvBgNV
BAMTKDIyMDc4NkRERTAyN0I0NTc3MTk4Qzk3ODg5OEZENkIwOTRFMTlGNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMjvPkrvx1Qw4VLD3fRY3OjI/9
zFo+wyRDjMSRrNbKzOz4TJ2JkSeqS3/MywY+hHVSEbJGlYEjA6k1qBNWCrKQ5gGq
05SzlDdm8NlLI/OTwk+jTsDOsIZslQMR7P2xpmP/ep48JPT8DI8Z4y9wwKirEU8b
ER3v9G4EzZOLY3RzN8P08oWTJbMWk0WNO4HbnF7BvHgdvEuE699moEx5SlCNnZw/
bwMYW9r1nFmdasoNi5Bs7sPKPVPvdjeHU4qnBbenedrIDWc1GDPhHMpR1KbxvE+q
HJvc9ofIXNvIQyrMDxrHvpMExgwc+k/iQvdGKWw+7t5r1yRU+bD+1zDd6pOHAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUIgeG3eAntFdxmMl4iY/WsJThn1cwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMTk5NTgyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU
wcAwDQYJKoZIhvcNAQELBQADggEBACQd/jWwr2sH460f/yqn8zqI6DVIpF4XvWLT
BraJAAqL4KuWWim+4sa6AE3mCPYuzXIlR/E6oY5CwrJsy7Vjl5GX3nzzI7NDoZXN
UtG7P3nF1Igh7yJIg2romXdt60at5/tAavSLwe2L5fwSgHJUtE1w8Ua75zn2YVUe
7ZbKT25LACuQyn8kBoKS1F0IbDQoaeB+LKWrbtDpL4uoTqGIJuUbhRztHUM46Oko
seaNB8sn008gFFEMggmxdFsxv1uKESDZTEnl3QvhAwCm3dZTPXRBZyjD1DFGRDbH
fQ3R90JD13QM9ycRIePsRJ8zdrO+HyEPc4FlNpY9UIAy7MJbpVE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:04:43 2025 by rpki-client