Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS207598.roa
File: AS207598.roa (raw, json)
Hash identifier: F479pcBX1jiUefQI16vnlbNXsyiCosvscaV80tapcfQ=
Subject key identifier: 4F:96:D6:1D:D9:D4:8F:75:1E:16:49:38:6B:23:E6:6C:07:A8:34:50
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 06DEE3C117380AE52D5C93713B7DEC47561EDF14
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS207598.roa
Signing time: Wed 26 Jun 2024 17:28:42 +0000
ROA not before: Wed 26 Jun 2024 17:23:42 +0000
ROA not after: Wed 25 Jun 2025 17:28:42 +0000
asID: 207598
IP address blocks: 2a07:54c4:73d1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:de:e3:c1:17:38:0a:e5:2d:5c:93:71:3b:7d:ec:47:56:1e:df:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Jun 26 17:23:42 2024 GMT
Not After : Jun 25 17:28:42 2025 GMT
Subject: CN=4F96D61DD9D48F751E1649386B23E66C07A83450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:42:9a:42:de:f3:b2:97:84:f9:ee:d1:c1:00:
10:5d:59:62:70:ce:24:a1:73:b2:21:a6:85:e9:56:
94:3e:97:df:58:66:25:1a:4e:5c:91:6c:17:33:fd:
86:8f:c3:de:89:0f:76:fa:69:07:a9:34:3c:17:1b:
4b:65:af:6c:f2:13:b5:3f:78:9d:7d:cc:0a:c3:aa:
45:fb:d3:aa:ea:39:00:25:aa:92:bd:dd:f7:73:a8:
e1:ec:ea:de:dc:54:04:8b:7c:0b:60:ac:20:f7:dc:
eb:cc:d6:4e:4a:69:a9:d9:10:2f:8b:44:12:7b:d2:
c2:9b:bf:c2:13:97:85:ac:12:af:62:f2:ee:71:69:
5b:48:97:93:6a:e0:63:70:45:19:49:0b:49:c6:06:
f6:a4:8c:f3:b8:8b:42:fd:35:6d:74:32:d5:f8:1e:
e1:11:e7:ff:86:6d:6f:e2:9b:30:7e:45:d2:df:10:
a8:d7:2b:c8:89:43:fd:62:0b:f7:ab:25:a5:64:08:
c7:ce:df:24:6e:7f:e8:39:c0:4c:80:84:0b:ee:b6:
bc:78:fb:e0:2c:9e:09:f7:44:19:2b:2a:e2:08:49:
11:6d:07:a3:70:4a:60:8a:65:a1:ee:4d:2a:04:c7:
27:28:cc:4e:9c:e9:47:8d:6f:d6:d8:c3:85:c4:b8:
fb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:96:D6:1D:D9:D4:8F:75:1E:16:49:38:6B:23:E6:6C:07:A8:34:50
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS207598.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c4:73d1::/48
Signature Algorithm: sha256WithRSAEncryption
71:6c:a3:7d:18:ed:ae:8b:90:81:99:d0:75:d4:d2:79:1d:49:
9e:b7:3c:5b:5f:f8:64:1d:ed:c3:2d:64:c0:89:68:a1:6c:86:
4f:cd:62:1f:aa:22:9d:26:e7:53:0a:25:10:a8:f8:71:d9:7e:
f8:fe:ca:5e:1d:a9:e9:e1:d6:50:1b:bf:9d:55:2a:7d:90:26:
19:01:c0:a4:05:fe:ea:d9:98:91:e8:fc:6e:4a:f1:54:48:24:
e7:25:e5:59:60:44:87:ca:d6:fb:56:09:da:97:b7:0b:1d:26:
dc:7d:b9:7f:b9:24:c1:52:2f:20:69:e7:4d:f5:12:18:c4:c3:
8a:91:53:99:75:76:d4:65:06:57:cd:09:42:87:cd:26:f1:8f:
82:19:89:6a:59:d4:b2:66:bd:41:ac:39:1f:38:94:50:33:e3:
d7:d3:40:21:41:61:e9:a3:b2:fa:2b:09:c8:7d:f6:a1:56:6a:
98:d6:57:6e:6a:cb:05:07:2a:96:f7:6e:0f:b0:04:1c:33:1e:
23:35:7f:41:87:0f:29:2f:21:76:1c:12:ba:03:c8:b3:45:06:
21:77:7a:92:97:83:f4:da:09:19:fd:77:72:28:44:91:58:70:
de:6f:d9:9a:8b:3d:2c:f6:dc:68:6a:59:13:bd:b0:4e:5d:af:
dd:4e:1a:68
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUBt7jwRc4CuUtXJNxO33sR1Ye3xQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA2MjYxNzIzNDJaFw0yNTA2MjUxNzI4NDJaMDMxMTAvBgNV
BAMTKDRGOTZENjFERDlENDhGNzUxRTE2NDkzODZCMjNFNjZDMDdBODM0NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAQppC3vOyl4T57tHBABBdWWJw
ziShc7IhpoXpVpQ+l99YZiUaTlyRbBcz/YaPw96JD3b6aQepNDwXG0tlr2zyE7U/
eJ19zArDqkX706rqOQAlqpK93fdzqOHs6t7cVASLfAtgrCD33OvM1k5KaanZEC+L
RBJ70sKbv8ITl4WsEq9i8u5xaVtIl5Nq4GNwRRlJC0nGBvakjPO4i0L9NW10MtX4
HuER5/+GbW/imzB+RdLfEKjXK8iJQ/1iC/erJaVkCMfO3yRuf+g5wEyAhAvutrx4
++Asngn3RBkrKuIISRFtB6NwSmCKZaHuTSoExycozE6c6UeNb9bYw4XEuPvRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUT5bWHdnUj3UeFkk4ayPmbAeoNFAwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjA3NTk4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
xHPRMA0GCSqGSIb3DQEBCwUAA4IBAQBxbKN9GO2ui5CBmdB11NJ5HUmetzxbX/hk
He3DLWTAiWihbIZPzWIfqiKdJudTCiUQqPhx2X74/speHanp4dZQG7+dVSp9kCYZ
AcCkBf7q2ZiR6PxuSvFUSCTnJeVZYESHytb7Vgnal7cLHSbcfbl/uSTBUi8gaedN
9RIYxMOKkVOZdXbUZQZXzQlCh80m8Y+CGYlqWdSyZr1BrDkfOJRQM+PX00AhQWHp
o7L6KwnIffahVmqY1lduassFByqW924PsAQcMx4jNX9Bhw8pLyF2HBK6A8izRQYh
d3qSl4P02gkZ/XdyKESRWHDeb9maiz0s9txoalkTvbBOXa/dThpo
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:05:55 2025 by rpki-client