Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS211380.roa
File: AS211380.roa (raw, json)
Hash identifier: RooAyO7avC4ohwMwdDiXshJseLWWF+mGFrEcZKVzgKs=
Subject key identifier: 40:12:99:79:3B:3D:9D:84:4A:07:F4:52:0A:68:77:53:45:2B:65:3F
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 57EC6084D97A2DCB78A7104771ABF9690A52D5C6
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS211380.roa
Signing time: Tue 20 Aug 2024 02:31:53 +0000
ROA not before: Tue 20 Aug 2024 02:26:53 +0000
ROA not after: Tue 19 Aug 2025 02:31:53 +0000
asID: 211380
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:ec:60:84:d9:7a:2d:cb:78:a7:10:47:71:ab:f9:69:0a:52:d5:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Aug 20 02:26:53 2024 GMT
Not After : Aug 19 02:31:53 2025 GMT
Subject: CN=401299793B3D9D844A07F4520A687753452B653F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:be:45:c0:d7:52:72:fc:df:d7:87:70:20:4d:
2d:d3:4d:9f:98:b6:c6:75:50:6f:d3:1c:b7:6d:ea:
55:27:8a:12:15:ef:ad:99:f8:a8:29:9c:1a:ae:b3:
53:8a:d8:a1:82:e5:09:3c:d3:9f:54:4a:ce:78:34:
65:37:a2:d8:2f:05:a6:c3:86:c3:ef:9e:81:4b:00:
11:a1:e5:b8:02:07:c9:05:0d:ac:9f:35:c5:2b:e5:
fb:b9:33:2b:3e:13:c2:6b:11:33:1e:bd:f0:a6:4d:
c1:74:69:37:3a:53:7d:c2:4b:11:31:e9:8a:6f:27:
d3:3b:62:be:0c:95:58:04:3d:f1:69:ff:08:fb:d6:
14:d7:17:dc:09:e1:94:00:de:f3:78:e0:bb:cf:55:
94:a2:b4:89:a5:e8:54:6d:bb:46:3d:4d:cd:48:b0:
70:44:12:f1:ec:6f:47:4e:9a:33:e5:29:82:8a:b9:
45:fc:c2:3e:35:f1:b1:69:86:b9:be:b5:30:f2:13:
c8:0f:e9:78:12:e9:bc:70:d9:68:8b:64:3f:cb:ce:
b4:eb:58:9d:4b:8b:03:0a:4e:00:d5:5d:6e:a5:a1:
04:df:dc:74:f3:fb:89:68:e8:5f:b2:c6:96:8a:79:
0c:af:ee:6f:22:f9:3d:d9:c9:cf:c3:99:9c:6f:c0:
fe:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:12:99:79:3B:3D:9D:84:4A:07:F4:52:0A:68:77:53:45:2B:65:3F
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS211380.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
02:5e:2c:07:4a:c8:bb:ac:f1:2c:60:12:76:07:5f:94:fa:67:
08:c8:0a:ae:8e:3c:3e:df:7a:2d:a0:5c:30:11:fa:28:38:93:
66:1d:08:5d:b1:40:17:4d:80:5b:b4:c6:43:be:d8:22:03:e7:
fa:05:ac:77:af:81:54:23:43:ce:0e:b1:e2:fb:c3:f6:45:56:
e4:a9:37:d7:b1:0b:1e:17:01:89:f7:66:78:12:16:60:7d:a7:
d2:a8:d6:d2:5e:37:29:33:76:d7:29:a2:cd:47:d7:e3:a0:83:
8e:28:dd:8f:9c:46:99:cd:f8:33:2c:23:89:1a:b2:21:21:33:
53:c0:38:46:6b:9e:bc:c9:1c:ed:63:29:12:3b:96:99:c9:ae:
f5:ae:6c:dc:af:6f:e6:f7:7e:05:d3:5c:91:09:e4:4c:31:32:
43:a1:8e:e2:5b:09:ca:50:db:dd:fe:42:d8:e4:77:16:f0:6d:
23:8c:a9:68:53:3a:14:f5:f6:55:9d:d0:75:df:c7:8d:fd:4b:
ec:88:ef:b8:bd:db:3e:27:58:b4:c2:a4:bc:d0:96:ac:fe:4c:
18:f8:ed:81:7c:71:78:51:65:4d:ec:2c:f3:9a:f7:82:74:0c:
43:e4:d4:ea:2f:7b:69:d9:e5:5d:49:91:5b:fe:a5:62:35:a3:
f2:b7:e4:d7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUV+xghNl6Lct4pxBHcav5aQpS1cYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTNaFw0yNTA4MTkwMjMxNTNaMDMxMTAvBgNV
BAMTKDQwMTI5OTc5M0IzRDlEODQ0QTA3RjQ1MjBBNjg3NzUzNDUyQjY1M0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDevkXA11Jy/N/Xh3AgTS3TTZ+Y
tsZ1UG/THLdt6lUnihIV762Z+KgpnBqus1OK2KGC5Qk8059USs54NGU3otgvBabD
hsPvnoFLABGh5bgCB8kFDayfNcUr5fu5Mys+E8JrETMevfCmTcF0aTc6U33CSxEx
6YpvJ9M7Yr4MlVgEPfFp/wj71hTXF9wJ4ZQA3vN44LvPVZSitIml6FRtu0Y9Tc1I
sHBEEvHsb0dOmjPlKYKKuUX8wj418bFphrm+tTDyE8gP6XgS6bxw2WiLZD/LzrTr
WJ1LiwMKTgDVXW6loQTf3HTz+4lo6F+yxpaKeQyv7m8i+T3Zyc/DmZxvwP7ZAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQBKZeTs9nYRKB/RSCmh3U0UrZT8wHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjExMzgwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
wrALMA0GCSqGSIb3DQEBCwUAA4IBAQACXiwHSsi7rPEsYBJ2B1+U+mcIyAqujjw+
33otoFwwEfooOJNmHQhdsUAXTYBbtMZDvtgiA+f6Bax3r4FUI0PODrHi+8P2RVbk
qTfXsQseFwGJ92Z4EhZgfafSqNbSXjcpM3bXKaLNR9fjoIOOKN2PnEaZzfgzLCOJ
GrIhITNTwDhGa568yRztYykSO5aZya71rmzcr2/m934F01yRCeRMMTJDoY7iWwnK
UNvd/kLY5HcW8G0jjKloUzoU9fZVndB138eN/UvsiO+4vds+J1i0wqS80Jas/kwY
+O2BfHF4UWVN7CzzmveCdAxD5NTqL3tp2eVdSZFb/qViNaPyt+TX
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:04:47 2025 by rpki-client