Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS200993.roa
File: AS200993.roa (raw, json)
Hash identifier: 5+vAhja1A02pFiBebbfYVxrifizeK5PX8QIoCCOSD98=
Subject key identifier: 85:0C:D2:8B:3B:E8:2A:CE:3C:ED:64:86:C2:81:8E:18:5D:19:BD:8A
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 73811767FCE0138CCA6C91B1FAFF1241FF0DCEBE
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS200993.roa
Signing time: Tue 03 Dec 2024 03:30:34 +0000
ROA not before: Tue 03 Dec 2024 03:25:34 +0000
ROA not after: Tue 02 Dec 2025 03:30:34 +0000
asID: 200993
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:81:17:67:fc:e0:13:8c:ca:6c:91:b1:fa:ff:12:41:ff:0d:ce:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Dec 3 03:25:34 2024 GMT
Not After : Dec 2 03:30:34 2025 GMT
Subject: CN=850CD28B3BE82ACE3CED6486C2818E185D19BD8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:06:57:f0:04:10:96:4c:b9:64:27:6b:c9:b4:
cc:17:e3:39:c7:8f:81:92:a7:65:93:e0:c7:2e:9a:
2c:85:1f:7c:fc:74:0f:7f:c7:a8:bb:9b:10:d1:e7:
de:ca:a8:20:ea:c6:99:49:9e:88:d1:33:4c:93:5d:
df:45:5f:12:31:2d:0b:ee:40:e9:cc:1d:20:3e:2f:
a9:b5:9f:b7:f5:f6:16:e2:82:ab:e4:af:f7:bc:ea:
82:4e:f3:2c:48:f4:21:75:52:e3:1d:27:33:38:72:
f5:c7:5b:c2:4a:a8:7a:75:11:40:b7:34:f5:ec:cd:
da:05:87:d1:5a:b4:41:80:c4:ab:13:ee:b9:84:a6:
77:fc:22:c6:13:9d:16:5c:2e:eb:38:27:a8:f2:39:
39:bf:1b:03:74:07:99:d5:83:c6:5f:c3:20:af:08:
5d:12:be:02:20:d2:f6:66:8e:9e:49:e4:7c:46:17:
9d:2b:57:a7:3a:d9:a9:8f:96:5a:84:a7:25:e5:77:
ea:5e:94:ab:04:cb:aa:71:fa:69:22:cb:00:7d:3f:
ad:03:6e:8c:47:eb:6e:00:68:6e:e2:e8:e3:49:f8:
b3:ca:74:2c:1b:7b:0f:bf:54:41:a8:29:65:d8:53:
c6:73:76:7f:87:47:3e:aa:1c:0f:e9:8d:5d:41:2a:
c8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0C:D2:8B:3B:E8:2A:CE:3C:ED:64:86:C2:81:8E:18:5D:19:BD:8A
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS200993.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
3d:62:9c:0a:0b:f0:db:2c:0c:e5:1a:92:c9:d0:2c:17:41:95:
fe:de:49:0b:9f:7d:c3:74:48:fc:f2:7a:6a:c8:0d:24:7e:04:
1e:f1:fe:31:21:88:e8:e6:fd:41:aa:67:b2:b8:85:b4:24:1d:
85:eb:6a:94:b9:68:63:4a:85:a9:bd:af:62:c8:27:80:70:b3:
36:ad:7d:2a:52:15:e3:e6:cb:d2:86:e8:48:c5:42:fc:1a:59:
59:75:61:2b:ac:c0:1f:ef:14:70:d0:34:ad:3d:ed:a9:03:17:
b5:f8:67:d2:3c:87:d5:37:0c:e3:60:24:3d:32:f4:8b:54:14:
7a:e0:3f:93:6a:8a:1a:2d:68:8a:50:96:8b:25:55:7e:6c:12:
0a:3d:c3:d1:16:86:c1:b2:5f:b0:f5:73:54:47:9f:5a:8c:4d:
f2:69:ea:f8:0b:80:6e:c6:0b:63:a8:80:51:3e:99:94:8f:ea:
42:6a:01:d4:ef:bc:37:88:c9:41:78:b2:77:21:4a:34:4d:a9:
73:4d:4b:ff:53:61:85:60:0e:04:b2:34:d8:81:b8:d8:0a:29:
60:76:91:42:4a:a2:6b:6c:c9:89:1b:c6:fd:a2:18:d9:50:b5:
50:96:c7:48:c4:a8:bb:e0:cd:59:50:54:58:23:04:fa:fa:71:
70:0f:d5:3a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUc4EXZ/zgE4zKbJGx+v8SQf8Nzr4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDEyMDMwMzI1MzRaFw0yNTEyMDIwMzMwMzRaMDMxMTAvBgNV
BAMTKDg1MENEMjhCM0JFODJBQ0UzQ0VENjQ4NkMyODE4RTE4NUQxOUJEOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6BlfwBBCWTLlkJ2vJtMwX4znH
j4GSp2WT4McumiyFH3z8dA9/x6i7mxDR597KqCDqxplJnojRM0yTXd9FXxIxLQvu
QOnMHSA+L6m1n7f19hbigqvkr/e86oJO8yxI9CF1UuMdJzM4cvXHW8JKqHp1EUC3
NPXszdoFh9FatEGAxKsT7rmEpnf8IsYTnRZcLus4J6jyOTm/GwN0B5nVg8ZfwyCv
CF0SvgIg0vZmjp5J5HxGF50rV6c62amPllqEpyXld+pelKsEy6px+mkiywB9P60D
boxH624AaG7i6ONJ+LPKdCwbew+/VEGoKWXYU8Zzdn+HRz6qHA/pjV1BKsgXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUhQzSizvoKs487WSGwoGOGF0ZvYowHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjAwOTkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
wrALMA0GCSqGSIb3DQEBCwUAA4IBAQA9YpwKC/DbLAzlGpLJ0CwXQZX+3kkLn33D
dEj88npqyA0kfgQe8f4xIYjo5v1BqmeyuIW0JB2F62qUuWhjSoWpva9iyCeAcLM2
rX0qUhXj5svShuhIxUL8GllZdWErrMAf7xRw0DStPe2pAxe1+GfSPIfVNwzjYCQ9
MvSLVBR64D+TaooaLWiKUJaLJVV+bBIKPcPRFobBsl+w9XNUR59ajE3yaer4C4Bu
xgtjqIBRPpmUj+pCagHU77w3iMlBeLJ3IUo0TalzTUv/U2GFYA4EsjTYgbjYCilg
dpFCSqJrbMmJG8b9ohjZULVQlsdIxKi74M1ZUFRYIwT6+nFwD9U6
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:07:07 2025 by rpki-client