Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS200975.roa
File: AS200975.roa (raw, json)
Hash identifier: 28CnaTpZmXPPI0cLPecqK3fVhrsPXigYsVS1FzWgc7k=
Subject key identifier: 92:32:BD:46:80:19:9C:5D:F2:83:FC:C5:86:4A:9E:51:70:AF:33:88
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 4DB797F7E3F98D82F097CE3D342754A5076C4199
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS200975.roa
Signing time: Tue 20 Aug 2024 02:31:57 +0000
ROA not before: Tue 20 Aug 2024 02:26:57 +0000
ROA not after: Tue 19 Aug 2025 02:31:57 +0000
asID: 200975
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:b7:97:f7:e3:f9:8d:82:f0:97:ce:3d:34:27:54:a5:07:6c:41:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Aug 20 02:26:57 2024 GMT
Not After : Aug 19 02:31:57 2025 GMT
Subject: CN=9232BD4680199C5DF283FCC5864A9E5170AF3388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e4:0b:75:e6:53:24:b8:25:22:24:33:0e:f8:
07:c6:74:89:ed:62:83:a4:4b:25:5f:ff:a8:db:b7:
d1:de:82:07:60:00:2a:4a:8c:b0:76:37:af:9f:e6:
19:2f:f1:e8:9a:ee:ab:fe:5b:ab:4a:7a:b1:e0:49:
4c:86:33:77:3e:31:4a:6f:da:09:12:07:ca:85:18:
05:27:87:bd:e3:29:a9:a5:d5:86:5a:0a:76:59:2a:
4a:9f:e8:68:6d:48:f0:7d:ba:ab:75:38:ff:86:39:
c1:10:e2:e2:10:97:5c:24:1e:0c:15:f2:8c:c8:d4:
85:5f:f4:56:60:b5:93:c4:6b:95:7c:99:32:1b:cb:
8e:54:4d:b4:6c:fd:06:49:21:4a:63:62:67:a1:ff:
09:88:90:bb:13:a6:e5:3d:f1:2f:85:08:0f:ce:b8:
45:79:93:ed:37:ef:59:66:09:ff:56:99:b9:17:26:
70:4c:40:2e:5b:15:ba:d2:76:0e:fc:d1:dd:a0:63:
92:6c:e0:36:a8:36:77:e0:b2:bf:90:ec:8a:9c:f8:
89:85:7b:30:ba:05:80:63:96:b2:fe:5b:6a:1f:fb:
d4:0b:23:73:37:7d:71:97:1e:7c:ad:6d:50:0d:44:
e3:9e:27:3a:b8:48:04:84:39:53:15:d8:36:ef:39:
4f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:32:BD:46:80:19:9C:5D:F2:83:FC:C5:86:4A:9E:51:70:AF:33:88
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS200975.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
22:ee:17:cd:96:39:75:16:c5:14:a5:74:d7:c8:22:f1:02:bd:
98:68:29:59:0b:bb:a6:37:84:ec:49:48:fb:84:89:21:8a:b2:
db:83:b7:63:95:57:e7:e9:5a:e8:c6:3c:23:27:b9:d3:da:08:
e3:73:39:ee:c5:92:cb:2f:a8:c3:d7:71:9e:09:e0:fe:d1:67:
c6:b0:0e:da:7f:5a:0d:4b:95:c3:f1:ea:36:d6:ed:c1:4f:3b:
a7:6d:c1:ef:eb:c4:a1:e5:86:4f:ee:46:27:e0:b8:63:84:a1:
d6:a6:40:cd:73:7a:ed:74:db:7d:5f:1f:89:6c:c5:94:df:97:
69:12:ce:4d:41:de:ba:f2:35:fd:93:44:4d:a0:6d:5f:35:e5:
2b:de:26:7f:a8:82:ef:f5:f7:55:9f:a7:14:ba:82:dc:ab:8c:
34:19:e1:e9:d7:94:ce:9f:26:ac:16:f8:13:f7:2c:57:6f:a3:
98:66:1d:d5:09:56:1e:69:2a:b9:05:84:e7:98:69:c0:27:f1:
bc:46:3d:f4:66:f7:11:63:94:b3:2a:d8:68:bd:dd:03:2b:5b:
64:d0:64:7f:fd:24:f9:75:05:2c:d3:e8:df:94:c6:11:b9:e7:
eb:d3:57:1c:d1:6b:44:8a:36:ce:95:56:e9:46:36:32:85:d0:
cd:6c:8e:38
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTbeX9+P5jYLwl849NCdUpQdsQZkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTdaFw0yNTA4MTkwMjMxNTdaMDMxMTAvBgNV
BAMTKDkyMzJCRDQ2ODAxOTlDNURGMjgzRkNDNTg2NEE5RTUxNzBBRjMzODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj5At15lMkuCUiJDMO+AfGdInt
YoOkSyVf/6jbt9HeggdgACpKjLB2N6+f5hkv8eia7qv+W6tKerHgSUyGM3c+MUpv
2gkSB8qFGAUnh73jKaml1YZaCnZZKkqf6GhtSPB9uqt1OP+GOcEQ4uIQl1wkHgwV
8ozI1IVf9FZgtZPEa5V8mTIby45UTbRs/QZJIUpjYmeh/wmIkLsTpuU98S+FCA/O
uEV5k+0371lmCf9WmbkXJnBMQC5bFbrSdg780d2gY5Js4DaoNnfgsr+Q7Iqc+ImF
ezC6BYBjlrL+W2of+9QLI3M3fXGXHnytbVANROOeJzq4SASEOVMV2DbvOU9fAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUkjK9RoAZnF3yg/zFhkqeUXCvM4gwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjAwOTc1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
wrALMA0GCSqGSIb3DQEBCwUAA4IBAQAi7hfNljl1FsUUpXTXyCLxAr2YaClZC7um
N4TsSUj7hIkhirLbg7djlVfn6VroxjwjJ7nT2gjjcznuxZLLL6jD13GeCeD+0WfG
sA7af1oNS5XD8eo21u3BTzunbcHv68Sh5YZP7kYn4LhjhKHWpkDNc3rtdNt9Xx+J
bMWU35dpEs5NQd668jX9k0RNoG1fNeUr3iZ/qILv9fdVn6cUuoLcq4w0GeHp15TO
nyasFvgT9yxXb6OYZh3VCVYeaSq5BYTnmGnAJ/G8Rj30ZvcRY5SzKthovd0DK1tk
0GR//ST5dQUs0+jflMYRuefr01cc0WtEijbOlVbpRjYyhdDNbI44
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:04:44 2025 by rpki-client