Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS206125.roa
File: AS206125.roa (raw, json)
Hash identifier: flNE15L+bwI6Evj1HrENWsi9DqIaYdGqVPxZe8AU6RA=
Subject key identifier: 6A:B0:E1:E5:E7:59:84:AE:F8:12:3A:E4:01:C7:0C:B5:30:44:67:7D
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 1A5629A5C0384CE7994F2F762D962ECD8E43FCE0
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS206125.roa
Signing time: Wed 26 Jun 2024 17:29:40 +0000
ROA not before: Wed 26 Jun 2024 17:24:40 +0000
ROA not after: Wed 25 Jun 2025 17:29:40 +0000
asID: 206125
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:56:29:a5:c0:38:4c:e7:99:4f:2f:76:2d:96:2e:cd:8e:43:fc:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Jun 26 17:24:40 2024 GMT
Not After : Jun 25 17:29:40 2025 GMT
Subject: CN=6AB0E1E5E75984AEF8123AE401C70CB53044677D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f6:59:7e:db:00:b0:70:0c:2a:8a:fe:c8:f0:
29:cd:d4:a5:42:25:8c:ae:91:1b:f0:da:48:62:7b:
ca:9d:1c:4c:35:54:77:c3:0a:7b:19:d2:59:d2:d3:
b4:ed:5c:ca:84:0e:c5:19:c7:01:77:76:73:2d:83:
35:9a:a7:68:e4:30:63:0a:59:af:d1:c8:f4:e5:c9:
f6:29:61:54:a9:0c:0a:a5:d9:48:d9:a8:87:1c:48:
01:f2:bb:bf:09:10:9a:04:2f:7e:9e:0e:40:15:dd:
2e:1b:4f:8a:3f:bd:6d:74:b5:5b:0d:31:03:32:3d:
c5:b4:c7:f9:d7:bb:64:b2:cc:c7:1b:20:e6:ad:52:
39:fe:57:88:21:39:fd:fe:de:56:5b:fe:e4:ab:ac:
cd:b6:dc:ea:e8:0f:cd:fc:89:ec:01:b4:b6:0c:6d:
35:02:26:41:22:09:ca:3f:9e:ac:85:3b:38:f2:1c:
04:6b:d3:02:35:0e:fc:55:8c:cd:f9:76:02:35:6f:
c6:83:1d:47:d2:aa:d6:00:b4:f9:b8:81:d8:24:60:
ce:99:65:2a:53:4c:e7:b8:99:fd:98:d5:55:95:c7:
ae:bc:cf:3a:2b:93:2a:63:0c:a0:03:f0:39:1e:5b:
44:4e:b5:75:7f:b0:9a:80:d9:af:26:9d:91:d4:2a:
42:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:B0:E1:E5:E7:59:84:AE:F8:12:3A:E4:01:C7:0C:B5:30:44:67:7D
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS206125.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
37:39:1f:ea:61:84:47:ee:36:0c:17:94:81:8b:6b:f3:4b:c2:
62:48:d3:01:96:91:cc:92:7a:51:4a:f7:59:b5:d7:e0:c7:b7:
02:c5:fa:c6:a3:54:a8:01:04:cf:89:67:e5:73:82:72:5c:2e:
ce:1f:f1:3e:d0:0e:82:85:d3:ab:99:72:e6:4a:41:f7:9a:bb:
1f:8c:a4:27:2a:e8:23:36:4b:57:61:82:99:c7:f3:85:65:71:
57:15:f5:ed:7a:87:1c:d6:20:19:0e:bd:aa:d5:ae:ec:40:e8:
60:37:01:85:3a:8d:11:5b:7a:69:bc:46:b7:e7:2f:d2:18:02:
ab:c4:84:20:1c:a4:36:c9:b2:d0:3e:5e:b9:73:d1:8d:03:6b:
2f:be:ee:9c:03:83:c1:64:4f:88:a9:30:c8:25:0d:04:dc:8a:
95:78:82:96:4b:eb:4e:7b:1a:97:30:11:08:d2:8a:74:1c:99:
ed:2c:16:69:b4:4f:d5:3c:7b:5f:76:8a:5b:3a:0c:7c:a6:00:
12:44:f2:6b:5e:10:fc:55:1c:8b:94:c8:a6:d5:c4:e0:e0:79:
7a:dc:18:78:c5:eb:e4:ad:a3:8b:8f:5a:91:40:09:86:68:f7:
87:24:e5:1d:53:3d:3c:ad:c7:08:d7:00:d1:d9:9a:af:a5:dd:
bd:de:21:68
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUGlYppcA4TOeZTy92LZYuzY5D/OAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA2MjYxNzI0NDBaFw0yNTA2MjUxNzI5NDBaMDMxMTAvBgNV
BAMTKDZBQjBFMUU1RTc1OTg0QUVGODEyM0FFNDAxQzcwQ0I1MzA0NDY3N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq9ll+2wCwcAwqiv7I8CnN1KVC
JYyukRvw2khie8qdHEw1VHfDCnsZ0lnS07TtXMqEDsUZxwF3dnMtgzWap2jkMGMK
Wa/RyPTlyfYpYVSpDAql2UjZqIccSAHyu78JEJoEL36eDkAV3S4bT4o/vW10tVsN
MQMyPcW0x/nXu2SyzMcbIOatUjn+V4ghOf3+3lZb/uSrrM223OroD838iewBtLYM
bTUCJkEiCco/nqyFOzjyHARr0wI1DvxVjM35dgI1b8aDHUfSqtYAtPm4gdgkYM6Z
ZSpTTOe4mf2Y1VWVx668zzorkypjDKAD8DkeW0ROtXV/sJqA2a8mnZHUKkKBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUarDh5edZhK74EjrkAccMtTBEZ30wHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjA2MTI1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
wrALMA0GCSqGSIb3DQEBCwUAA4IBAQA3OR/qYYRH7jYMF5SBi2vzS8JiSNMBlpHM
knpRSvdZtdfgx7cCxfrGo1SoAQTPiWflc4JyXC7OH/E+0A6ChdOrmXLmSkH3mrsf
jKQnKugjNktXYYKZx/OFZXFXFfXteocc1iAZDr2q1a7sQOhgNwGFOo0RW3ppvEa3
5y/SGAKrxIQgHKQ2ybLQPl65c9GNA2svvu6cA4PBZE+IqTDIJQ0E3IqVeIKWS+tO
exqXMBEI0op0HJntLBZptE/VPHtfdopbOgx8pgASRPJrXhD8VRyLlMim1cTg4Hl6
3Bh4xevkraOLj1qRQAmGaPeHJOUdUz08rccI1wDR2Zqvpd293iFo
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:04:47 2025 by rpki-client