Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS211350.roa
File: AS211350.roa (raw, json)
Hash identifier: O/wM3KXj3ix/xdQXuDHwhNyO4QXp7ZW1esVYcPoZ2Vs=
Subject key identifier: C3:CB:AB:45:B5:18:A9:62:58:7C:4D:C6:0A:1E:CE:0D:F6:C0:1B:97
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 6CEB51CB37AB3B15925D06E7F469017E97F22673
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS211350.roa
Signing time: Fri 29 Nov 2024 22:30:34 +0000
ROA not before: Fri 29 Nov 2024 22:25:34 +0000
ROA not after: Fri 28 Nov 2025 22:30:34 +0000
asID: 211350
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
2a07:54c4:1755::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:eb:51:cb:37:ab:3b:15:92:5d:06:e7:f4:69:01:7e:97:f2:26:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Nov 29 22:25:34 2024 GMT
Not After : Nov 28 22:30:34 2025 GMT
Subject: CN=C3CBAB45B518A962587C4DC60A1ECE0DF6C01B97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:42:46:b0:7f:d6:71:dc:44:ef:e8:d1:48:2f:
91:06:c4:7e:d0:20:b8:1b:ed:2e:07:63:b8:cf:78:
2c:8b:22:e3:53:5e:2f:da:b5:1f:5d:b0:66:8a:02:
89:70:ee:c8:dd:5f:46:a6:3e:e3:cd:b4:ce:58:cd:
67:08:98:5d:f4:02:4a:21:17:94:64:80:7a:66:4f:
39:95:42:af:d4:62:0f:74:e9:67:45:22:84:25:66:
36:68:7b:1e:e0:11:d8:75:66:d0:d3:cf:eb:b3:a1:
26:97:de:fd:84:fd:07:ca:11:df:1c:fd:2f:20:30:
ac:7a:68:90:7c:04:30:de:a7:64:63:1d:0d:fe:62:
05:d2:b6:74:7e:87:84:2f:93:ec:b4:b1:1c:ff:15:
97:23:fb:35:11:e7:ba:96:42:e3:c3:36:2b:70:45:
f0:44:17:b7:76:58:50:73:05:2c:53:f9:37:9e:10:
01:f9:e2:59:49:58:d5:96:67:80:a1:76:67:15:e5:
24:25:f6:63:91:05:dc:18:8a:27:d9:38:df:8d:a2:
fd:65:0a:64:2a:ac:00:ea:71:c7:f1:da:0e:35:3a:
55:a4:4c:2d:35:6f:07:c3:e9:20:85:83:e0:40:4b:
0d:ac:d6:3c:e8:c5:ba:c7:e9:2b:06:7a:49:b5:7b:
5c:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:CB:AB:45:B5:18:A9:62:58:7C:4D:C6:0A:1E:CE:0D:F6:C0:1B:97
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS211350.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
2a07:54c4:1755::/48
Signature Algorithm: sha256WithRSAEncryption
81:5f:68:51:bb:f9:4f:a3:ca:03:78:0c:f9:22:aa:52:01:4c:
95:53:ee:cb:b8:33:7b:e6:a9:88:b1:5f:80:9f:c9:e8:58:b5:
18:a0:39:88:b7:30:f0:b6:d3:62:8e:5d:54:d3:69:7c:b9:5c:
a0:45:53:84:79:5d:3b:0f:a1:47:4b:98:3a:5d:2e:23:44:98:
50:97:dc:36:e4:8f:07:ef:c1:9d:92:61:2f:ee:fc:06:03:89:
25:dc:7c:25:f1:86:65:b1:1e:31:ab:29:2a:5b:a4:88:aa:7e:
c5:3a:10:73:e1:50:cf:e2:57:7c:d9:98:b6:9f:d9:78:89:eb:
9e:b6:6e:d5:4b:18:a2:93:28:41:81:11:9d:33:e7:10:12:29:
c3:42:d3:5a:41:81:62:0d:fa:2d:51:95:77:f3:56:c2:a7:01:
58:49:51:fe:4a:62:f8:41:67:46:00:8a:0b:ff:60:87:4b:42:
cd:9e:56:d5:af:8b:74:14:7a:63:25:93:85:f8:d4:2d:45:6f:
3b:9e:80:81:69:b9:03:fb:6d:42:f1:ee:fd:2f:ce:2b:79:f7:
c7:b9:51:cc:32:c4:c7:0f:b2:12:38:ea:f7:17:1d:62:d1:42:
f2:30:72:bc:a0:0b:35:c4:8a:9e:e2:99:22:f1:62:da:0a:59:
b1:06:6e:a1
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUbOtRyzerOxWSXQbn9GkBfpfyJnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDExMjkyMjI1MzRaFw0yNTExMjgyMjMwMzRaMDMxMTAvBgNV
BAMTKEMzQ0JBQjQ1QjUxOEE5NjI1ODdDNERDNjBBMUVDRTBERjZDMDFCOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPQkawf9Zx3ETv6NFIL5EGxH7Q
ILgb7S4HY7jPeCyLIuNTXi/atR9dsGaKAolw7sjdX0amPuPNtM5YzWcImF30Akoh
F5RkgHpmTzmVQq/UYg906WdFIoQlZjZoex7gEdh1ZtDTz+uzoSaX3v2E/QfKEd8c
/S8gMKx6aJB8BDDep2RjHQ3+YgXStnR+h4Qvk+y0sRz/FZcj+zUR57qWQuPDNitw
RfBEF7d2WFBzBSxT+TeeEAH54llJWNWWZ4ChdmcV5SQl9mORBdwYiifZON+Nov1l
CmQqrADqccfx2g41OlWkTC01bwfD6SCFg+BASw2s1jzoxbrH6SsGekm1e1wFAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUw8urRbUYqWJYfE3GCh7ODfbAG5cwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjExMzUwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgdU
wrALAwcAKgdUxBdVMA0GCSqGSIb3DQEBCwUAA4IBAQCBX2hRu/lPo8oDeAz5IqpS
AUyVU+7LuDN75qmIsV+An8noWLUYoDmItzDwttNijl1U02l8uVygRVOEeV07D6FH
S5g6XS4jRJhQl9w25I8H78GdkmEv7vwGA4kl3Hwl8YZlsR4xqykqW6SIqn7FOhBz
4VDP4ld82Zi2n9l4ieuetm7VSxiikyhBgRGdM+cQEinDQtNaQYFiDfotUZV381bC
pwFYSVH+SmL4QWdGAIoL/2CHS0LNnlbVr4t0FHpjJZOF+NQtRW87noCBabkD+21C
8e79L84reffHuVHMMsTHD7ISOOr3Fx1i0ULyMHK8oAs1xIqe4pki8WLaClmxBm6h
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:05:58 2025 by rpki-client