Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS209718.roa
File: AS209718.roa (raw, json)
Hash identifier: rgjjobmCrpN5Zp1CN4pq36INjqoHrV1/X0U+ZWUtL+Y=
Subject key identifier: B8:10:9C:24:1F:33:85:8C:5A:F7:A7:6A:F9:FB:93:59:BB:A8:9F:16
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 33AC84113C4A8CDB7203F854B5E4536FDD07675E
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS209718.roa
Signing time: Tue 20 Aug 2024 02:31:53 +0000
ROA not before: Tue 20 Aug 2024 02:26:53 +0000
ROA not after: Tue 19 Aug 2025 02:31:53 +0000
asID: 209718
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:ac:84:11:3c:4a:8c:db:72:03:f8:54:b5:e4:53:6f:dd:07:67:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Aug 20 02:26:53 2024 GMT
Not After : Aug 19 02:31:53 2025 GMT
Subject: CN=B8109C241F33858C5AF7A76AF9FB9359BBA89F16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a3:d2:23:df:48:60:20:01:c7:d9:9e:a3:7f:
cc:f4:76:36:48:f0:24:92:3f:d8:bb:cc:57:27:31:
39:09:65:ab:f5:8b:2e:0a:50:0b:29:d7:98:c0:86:
76:df:5b:10:77:7a:f0:cb:75:fd:83:0d:3b:d3:56:
fe:77:b5:c4:aa:46:f0:49:d6:26:e7:50:15:3f:6a:
a8:8f:e4:76:47:1d:71:ae:a4:f1:ac:ee:89:8d:df:
41:77:45:09:cd:8b:f2:53:69:1f:3a:8d:e2:8d:64:
65:bd:d5:9c:66:ba:ec:f4:d1:60:e7:86:4c:93:b0:
67:f2:f8:ac:0f:37:e4:84:38:66:2f:e3:f5:e6:b2:
4e:b0:1c:25:f7:b9:3a:cf:a9:19:67:65:12:30:32:
41:c9:a3:7e:52:0a:13:89:3e:ee:1e:85:a4:72:4f:
32:37:ae:f3:43:24:ae:8c:8a:3b:59:3e:d5:69:d0:
b8:a9:44:53:da:f6:ef:69:10:53:69:af:90:f9:0a:
24:5d:4b:4e:66:8e:39:61:f4:a6:ae:52:51:36:be:
ab:67:a3:4c:7b:2f:8a:5e:b0:59:c1:77:d0:24:d4:
8f:5b:66:e1:dd:be:02:10:86:6b:77:f8:e4:8b:9e:
62:a8:ea:ac:ca:fd:0a:71:1a:f7:b6:aa:bf:1f:5d:
35:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:10:9C:24:1F:33:85:8C:5A:F7:A7:6A:F9:FB:93:59:BB:A8:9F:16
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS209718.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
45:6a:c3:e3:2c:68:24:79:94:01:cf:68:2f:03:10:78:ca:85:
64:e5:ad:1b:6f:66:5a:9a:a4:ef:4c:c7:e3:a7:63:d0:50:b7:
fb:e2:7d:1b:2e:a3:a8:31:38:91:40:11:1a:32:d5:d9:86:fe:
4c:63:eb:63:0c:5e:98:b3:db:c2:91:cc:81:c2:e8:3b:83:32:
ad:bc:4d:71:71:82:94:a0:fe:f4:0b:f0:a7:29:f0:c0:40:3a:
c5:1f:e4:c2:2f:17:fe:31:05:41:a3:60:63:97:3c:b5:ae:08:
97:6d:6f:cb:ad:ad:6b:fa:18:16:f0:85:76:e8:de:4f:cd:80:
d3:54:d7:dc:c8:30:a3:67:9b:4e:23:e6:8f:d4:99:51:f1:f3:
73:a1:2d:46:c2:e1:f1:4c:64:68:2a:64:b1:2b:76:55:8f:ba:
71:fc:06:3d:70:3e:f8:87:f6:ae:84:b7:6f:60:65:36:12:f1:
86:66:cb:d8:35:c3:87:2e:96:35:c9:6a:4f:f9:f0:d5:14:56:
02:55:11:19:82:d7:bb:d1:2d:4d:1c:1b:84:f3:d6:7b:be:af:
1d:df:ab:af:55:75:ae:d0:92:44:c4:24:79:43:db:3b:c9:86:
7c:91:83:04:2a:b4:3c:2a:dc:56:e9:e0:17:56:e6:9d:0a:4a:
70:b1:9c:9d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUM6yEETxKjNtyA/hUteRTb90HZ14wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTNaFw0yNTA4MTkwMjMxNTNaMDMxMTAvBgNV
BAMTKEI4MTA5QzI0MUYzMzg1OEM1QUY3QTc2QUY5RkI5MzU5QkJBODlGMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKo9Ij30hgIAHH2Z6jf8z0djZI
8CSSP9i7zFcnMTkJZav1iy4KUAsp15jAhnbfWxB3evDLdf2DDTvTVv53tcSqRvBJ
1ibnUBU/aqiP5HZHHXGupPGs7omN30F3RQnNi/JTaR86jeKNZGW91Zxmuuz00WDn
hkyTsGfy+KwPN+SEOGYv4/Xmsk6wHCX3uTrPqRlnZRIwMkHJo35SChOJPu4ehaRy
TzI3rvNDJK6MijtZPtVp0LipRFPa9u9pEFNpr5D5CiRdS05mjjlh9KauUlE2vqtn
o0x7L4pesFnBd9Ak1I9bZuHdvgIQhmt3+OSLnmKo6qzK/QpxGve2qr8fXTUlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUuBCcJB8zhYxa96dq+fuTWbuonxYwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjA5NzE4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
wrALMA0GCSqGSIb3DQEBCwUAA4IBAQBFasPjLGgkeZQBz2gvAxB4yoVk5a0bb2Za
mqTvTMfjp2PQULf74n0bLqOoMTiRQBEaMtXZhv5MY+tjDF6Ys9vCkcyBwug7gzKt
vE1xcYKUoP70C/CnKfDAQDrFH+TCLxf+MQVBo2Bjlzy1rgiXbW/Lra1r+hgW8IV2
6N5PzYDTVNfcyDCjZ5tOI+aP1JlR8fNzoS1GwuHxTGRoKmSxK3ZVj7px/AY9cD74
h/auhLdvYGU2EvGGZsvYNcOHLpY1yWpP+fDVFFYCVREZgte70S1NHBuE89Z7vq8d
36uvVXWu0JJExCR5Q9s7yYZ8kYMEKrQ8KtxW6eAXVuadCkpwsZyd
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:05:55 2025 by rpki-client