Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS209806.roa
File: AS209806.roa (raw, json)
Hash identifier: 8KY1DBZUQ8iCbHUfCoKXxXq1feo1ysD96cKvqKI3Fd8=
Subject key identifier: B5:9E:CD:37:F9:EC:DC:EA:74:A9:BB:3D:43:1A:32:3A:82:EE:AF:19
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 063AED20D2AF7F181A8BDBF96569AA1E28A94274
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS209806.roa
Signing time: Sat 14 Dec 2024 15:30:34 +0000
ROA not before: Sat 14 Dec 2024 15:25:34 +0000
ROA not after: Sat 13 Dec 2025 15:30:34 +0000
asID: 209806
IP address blocks: 2a07:54c4:d100::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:3a:ed:20:d2:af:7f:18:1a:8b:db:f9:65:69:aa:1e:28:a9:42:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Dec 14 15:25:34 2024 GMT
Not After : Dec 13 15:30:34 2025 GMT
Subject: CN=B59ECD37F9ECDCEA74A9BB3D431A323A82EEAF19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e8:7c:12:c7:d5:2e:cd:21:ce:46:e4:af:5c:
aa:eb:a0:60:53:55:1d:d1:fe:eb:ba:20:51:34:b8:
f4:58:94:72:19:71:ce:b5:76:aa:6b:39:2b:fb:fc:
55:88:e7:d1:f1:02:fb:ce:7f:c6:38:45:ed:5c:86:
9d:01:7e:0b:5c:6e:4b:25:2c:a6:9f:03:3b:59:e1:
cf:7a:dd:d6:9c:4f:49:e5:f1:55:78:37:cd:ab:cc:
4d:2f:7f:8d:06:65:00:71:e6:2a:a4:1d:0e:67:44:
a9:6b:ba:6f:a6:15:b4:1c:ab:44:9e:36:66:99:03:
71:b0:f9:08:37:79:2f:47:c0:d6:72:09:c6:43:d2:
03:10:c6:d7:82:62:b8:98:b8:f0:97:78:bf:d0:28:
b7:ed:00:e3:60:3f:f3:19:6d:05:9a:34:17:e8:e6:
49:01:c4:dd:c9:d9:8a:04:52:f8:1b:ab:97:f3:60:
87:e5:f5:7a:1a:5b:bb:dd:82:5a:ae:41:7d:1d:ea:
83:cd:e8:f9:cc:b1:2c:f2:5b:21:8d:82:9a:a9:b8:
ac:8a:8c:29:93:88:f2:df:d4:0f:ac:10:26:68:a6:
0d:4a:de:27:8f:46:e7:5b:09:f2:64:9c:40:5e:2a:
18:36:9a:a7:d7:64:f8:9b:7f:80:b6:d1:23:64:fd:
fe:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:9E:CD:37:F9:EC:DC:EA:74:A9:BB:3D:43:1A:32:3A:82:EE:AF:19
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS209806.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c4:d100::/40
Signature Algorithm: sha256WithRSAEncryption
09:0a:c2:73:78:bb:29:b5:e9:3d:3c:c4:34:a5:b9:dd:d5:46:
3a:b8:45:42:19:da:61:d3:90:0b:dc:e7:99:7c:a0:42:a5:82:
cc:b1:c6:bd:c2:29:09:52:81:b7:36:86:d5:47:cd:74:58:25:
92:17:62:0f:4e:01:47:b1:b9:88:36:f3:60:21:ce:1a:fd:11:
31:c6:36:63:fe:b1:4e:94:e2:5c:e9:4f:e8:4c:45:d6:6f:fe:
a5:37:7d:82:3d:07:80:2c:04:b1:d1:e9:ed:2c:c2:50:6d:50:
ef:9d:36:8b:7d:28:25:44:5c:10:98:a8:7b:d8:63:c6:ed:19:
d7:ac:6d:43:d5:97:b8:1d:36:2a:99:4d:ae:d5:e5:6c:a2:17:
63:f7:f9:c8:7f:18:71:22:f1:3b:31:30:e6:a0:f6:eb:4b:28:
19:95:df:d3:cc:62:fc:e0:6e:63:62:05:2f:34:a2:8b:8c:e2:
0c:14:db:fa:13:0f:dd:8b:79:d0:12:46:cd:e0:01:40:c6:a4:
ba:76:72:7e:3c:02:04:73:79:cd:44:f7:9c:eb:3d:b0:17:dc:
86:9e:93:a1:52:29:87:7d:b7:0f:05:50:a4:e8:ec:3b:8f:68:
e0:e3:57:48:b7:a6:74:92:0d:f1:d5:da:d8:9f:26:76:24:a9:
e3:8f:a4:31
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUBjrtINKvfxgai9v5ZWmqHiipQnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDEyMTQxNTI1MzRaFw0yNTEyMTMxNTMwMzRaMDMxMTAvBgNV
BAMTKEI1OUVDRDM3RjlFQ0RDRUE3NEE5QkIzRDQzMUEzMjNBODJFRUFGMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC36HwSx9UuzSHORuSvXKrroGBT
VR3R/uu6IFE0uPRYlHIZcc61dqprOSv7/FWI59HxAvvOf8Y4Re1chp0Bfgtcbksl
LKafAztZ4c963dacT0nl8VV4N82rzE0vf40GZQBx5iqkHQ5nRKlrum+mFbQcq0Se
NmaZA3Gw+Qg3eS9HwNZyCcZD0gMQxteCYriYuPCXeL/QKLftAONgP/MZbQWaNBfo
5kkBxN3J2YoEUvgbq5fzYIfl9XoaW7vdglquQX0d6oPN6PnMsSzyWyGNgpqpuKyK
jCmTiPLf1A+sECZopg1K3iePRudbCfJknEBeKhg2mqfXZPibf4C20SNk/f7vAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUtZ7NN/ns3Op0qbs9QxoyOoLurxkwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjA5ODA2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU
xNEwDQYJKoZIhvcNAQELBQADggEBAAkKwnN4uym16T08xDSlud3VRjq4RUIZ2mHT
kAvc55l8oEKlgsyxxr3CKQlSgbc2htVHzXRYJZIXYg9OAUexuYg282Ahzhr9ETHG
NmP+sU6U4lzpT+hMRdZv/qU3fYI9B4AsBLHR6e0swlBtUO+dNot9KCVEXBCYqHvY
Y8btGdesbUPVl7gdNiqZTa7V5WyiF2P3+ch/GHEi8TsxMOag9utLKBmV39PMYvzg
bmNiBS80oouM4gwU2/oTD92LedASRs3gAUDGpLp2cn48AgRzec1E95zrPbAX3Iae
k6FSKYd9tw8FUKTo7DuPaODjV0i3pnSSDfHV2tifJnYkqeOPpDE=
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:04:45 2025 by rpki-client