Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS204585.roa
File: AS204585.roa (raw, json)
Hash identifier: ehdxrPHR9vVjT8oVS1fmCWzXIGVCIk8N+szsdLdexIc=
Subject key identifier: 0F:A1:E9:1A:E5:8A:A0:1E:C0:31:38:46:BB:C2:AA:90:92:00:FC:38
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 45EB665DC38D56F4C3D58761251008ED0B8EDF28
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS204585.roa
Signing time: Sun 07 Jul 2024 22:15:35 +0000
ROA not before: Sun 07 Jul 2024 22:10:35 +0000
ROA not after: Sun 06 Jul 2025 22:15:35 +0000
asID: 204585
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
2a07:54c7:8000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:eb:66:5d:c3:8d:56:f4:c3:d5:87:61:25:10:08:ed:0b:8e:df:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Jul 7 22:10:35 2024 GMT
Not After : Jul 6 22:15:35 2025 GMT
Subject: CN=0FA1E91AE58AA01EC0313846BBC2AA909200FC38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:3f:a0:57:47:cd:fc:74:53:92:88:24:f4:b3:
74:83:f7:c9:0e:70:71:16:cf:ae:69:f5:6d:8c:3c:
e7:d4:43:cd:2b:2d:5d:97:aa:4e:b8:5f:d3:a8:ee:
24:84:92:da:a0:72:60:5c:ad:82:e7:a5:b2:62:48:
27:26:96:b5:56:12:ec:4c:0f:fe:16:df:67:e9:d9:
6b:15:22:2d:26:e2:b0:b8:1d:14:ec:88:a4:86:aa:
08:e9:e8:2b:11:6d:47:26:5f:06:02:7c:9b:48:13:
15:4a:0a:06:20:3e:b4:0f:0b:69:00:f0:bb:ed:f8:
df:bf:24:a6:08:4e:e1:33:cb:1a:74:99:18:72:15:
62:01:58:e3:f0:0d:16:60:a6:25:a2:da:65:eb:96:
35:40:6e:e7:7e:95:15:60:64:e9:5c:75:0d:88:24:
0f:bd:9f:73:3c:1f:a3:01:3c:b1:d1:e7:7f:2c:54:
89:ea:f8:2f:fe:ad:9f:79:d8:3b:0d:c1:59:1f:86:
61:73:c6:a9:d3:d7:e2:b5:7d:f7:63:50:5a:81:6c:
88:a6:97:fb:59:8f:64:1c:51:d0:b8:28:8f:83:3f:
8c:33:5e:aa:e4:34:a5:71:44:79:19:8c:16:b4:b0:
a5:a9:09:c0:87:7c:b2:db:d3:cb:a5:0f:d4:8f:53:
67:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A1:E9:1A:E5:8A:A0:1E:C0:31:38:46:BB:C2:AA:90:92:00:FC:38
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS204585.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
2a07:54c7:8000::/36
Signature Algorithm: sha256WithRSAEncryption
b1:80:1f:23:d0:e6:e5:01:4d:1f:48:9c:97:7a:15:fd:24:57:
10:16:52:3f:ad:7f:49:34:d0:44:3b:20:78:6e:6e:d9:f6:52:
d4:2e:44:b2:14:b7:ed:ed:c4:0c:19:11:48:84:8d:a5:b1:df:
ad:ab:57:41:16:99:62:c3:e6:09:d9:fb:13:be:fb:c7:e1:46:
4b:fc:87:3f:a2:91:9f:e2:a8:ff:48:25:58:f2:d0:a4:de:de:
a1:84:7a:08:5d:dd:08:62:bf:cb:84:4b:ee:53:fc:57:53:ae:
4c:00:6f:6d:25:a4:c5:2b:49:b2:23:97:fd:eb:7d:54:5f:2e:
0c:b5:a0:e6:bd:f3:03:4f:20:8a:19:fa:b0:f2:98:f4:76:22:
d6:3c:98:c0:0b:b1:ce:a2:3c:4c:f5:6a:c2:df:7d:51:4e:dc:
6f:23:cd:c3:28:4b:c7:c8:9b:5a:df:31:21:7b:b1:be:8d:b6:
32:3c:fe:ab:16:06:66:28:8d:66:0b:12:13:4e:da:c2:a8:e6:
39:c4:65:f1:c7:c5:e1:68:ca:43:95:75:53:56:3c:50:87:a4:
02:4e:8e:ce:c9:db:13:93:41:2c:a3:f1:83:1c:2d:07:fe:f4:
c2:5f:9a:e1:5f:18:d5:fd:c1:07:63:fd:b6:80:36:29:0e:65:
13:4e:fc:d4
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIURetmXcONVvTD1YdhJRAI7QuO3ygwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA3MDcyMjEwMzVaFw0yNTA3MDYyMjE1MzVaMDMxMTAvBgNV
BAMTKDBGQTFFOTFBRTU4QUEwMUVDMDMxMzg0NkJCQzJBQTkwOTIwMEZDMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtP6BXR838dFOSiCT0s3SD98kO
cHEWz65p9W2MPOfUQ80rLV2Xqk64X9Oo7iSEktqgcmBcrYLnpbJiSCcmlrVWEuxM
D/4W32fp2WsVIi0m4rC4HRTsiKSGqgjp6CsRbUcmXwYCfJtIExVKCgYgPrQPC2kA
8Lvt+N+/JKYITuEzyxp0mRhyFWIBWOPwDRZgpiWi2mXrljVAbud+lRVgZOlcdQ2I
JA+9n3M8H6MBPLHR538sVInq+C/+rZ952DsNwVkfhmFzxqnT1+K1ffdjUFqBbIim
l/tZj2QcUdC4KI+DP4wzXqrkNKVxRHkZjBa0sKWpCcCHfLLb08ulD9SPU2dbAgMB
AAGjggJFMIICQTAdBgNVHQ4EFgQUD6HpGuWKoB7AMThGu8KqkJIA/DgwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjA0NTg1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKgdU
wrALAwYEKgdUx4AwDQYJKoZIhvcNAQELBQADggEBALGAHyPQ5uUBTR9InJd6Ff0k
VxAWUj+tf0k00EQ7IHhubtn2UtQuRLIUt+3txAwZEUiEjaWx362rV0EWmWLD5gnZ
+xO++8fhRkv8hz+ikZ/iqP9IJVjy0KTe3qGEeghd3Qhiv8uES+5T/FdTrkwAb20l
pMUrSbIjl/3rfVRfLgy1oOa98wNPIIoZ+rDymPR2ItY8mMALsc6iPEz1asLffVFO
3G8jzcMoS8fIm1rfMSF7sb6NtjI8/qsWBmYojWYLEhNO2sKo5jnEZfHHxeFoykOV
dVNWPFCHpAJOjs7J2xOTQSyj8YMcLQf+9MJfmuFfGNX9wQdj/baANikOZRNO/NQ=
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:04:46 2025 by rpki-client