Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS212276.roa
File: AS212276.roa (raw, json)
Hash identifier: H3DV2wp+oINWGLIzlxsym42ZL+DCTSkgvlS2ujbsQpg=
Subject key identifier: B8:BE:3C:FE:19:7F:09:C1:11:26:B0:7E:CB:C2:9E:C3:32:D0:7C:0B
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 35C43DB5F992102F10481D5E2DF8D2D87C56725D
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS212276.roa
Signing time: Tue 20 Aug 2024 02:31:55 +0000
ROA not before: Tue 20 Aug 2024 02:26:55 +0000
ROA not after: Tue 19 Aug 2025 02:31:55 +0000
asID: 212276
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:c4:3d:b5:f9:92:10:2f:10:48:1d:5e:2d:f8:d2:d8:7c:56:72:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Aug 20 02:26:55 2024 GMT
Not After : Aug 19 02:31:55 2025 GMT
Subject: CN=B8BE3CFE197F09C11126B07ECBC29EC332D07C0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c6:90:a8:7c:6d:9f:07:46:d5:22:46:e0:25:
ff:9e:c7:1a:6d:ea:90:af:cc:b9:06:6b:fc:bf:eb:
5d:2b:2d:8d:53:09:79:66:97:ef:96:8b:a4:e2:90:
51:98:72:f5:57:da:59:9d:c0:77:ea:d4:15:e1:f8:
fe:e9:01:96:fd:95:19:6e:dd:e6:18:86:39:2b:db:
81:21:4f:f4:0b:3e:d4:33:c7:eb:46:f2:4a:1d:b1:
04:b3:28:d6:05:cf:57:50:e9:f7:5c:3c:87:25:39:
9f:99:a4:d3:ef:7a:ea:7c:e4:ad:f2:44:5b:ba:e8:
5a:07:9c:b8:c4:47:0a:a4:b5:eb:dd:49:54:a9:fa:
84:d8:0d:fc:9b:d9:28:bd:46:4b:07:6b:24:ab:09:
e9:d7:9c:1e:ca:60:6e:64:45:f7:97:9e:6f:73:11:
16:b9:5b:50:47:82:15:c8:86:87:67:90:13:8e:a5:
8d:b1:df:f1:67:b0:c8:bc:c1:84:5c:f3:33:af:c6:
66:2a:b1:06:c3:f1:f0:54:0b:92:88:8f:02:0c:9a:
6c:18:7e:4d:39:a7:39:d6:6b:22:6f:22:a8:a0:13:
78:28:90:47:44:24:1d:79:bc:e8:03:a1:96:14:bf:
48:fe:09:ca:37:69:68:f6:b3:81:26:1e:4e:0b:b5:
6f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:BE:3C:FE:19:7F:09:C1:11:26:B0:7E:CB:C2:9E:C3:32:D0:7C:0B
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS212276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
4a:3e:03:4b:6d:b3:7c:9d:18:a1:7b:ca:3c:cb:53:7f:4d:88:
1d:91:bf:f6:99:a5:85:25:80:f0:9f:3c:cc:36:a4:28:6d:b8:
fc:af:3c:4e:5b:88:d2:e9:57:3c:b2:de:30:79:35:22:aa:7a:
8b:30:04:f5:b1:bd:53:c9:64:a9:27:45:f7:28:57:a7:1f:8c:
8f:d5:9a:e0:a2:66:7f:87:49:59:29:06:cb:70:77:4a:fb:40:
49:98:e3:01:32:52:95:3f:05:46:96:9b:9d:43:90:2e:7e:a6:
c7:59:5c:fe:07:96:07:67:18:30:01:13:3b:2d:4c:81:02:9f:
df:df:b1:25:73:ff:57:2b:24:29:a2:b8:7c:27:44:db:c7:b5:
e8:53:9f:9b:69:99:6d:4c:08:57:98:ef:7c:07:1d:c3:90:67:
0d:04:fb:a0:52:95:62:21:0f:0a:16:1d:24:47:fd:91:db:49:
76:90:eb:b5:99:c8:6c:e1:d0:28:92:2b:b5:83:6d:0e:a7:84:
59:83:28:0d:0a:88:37:85:e6:22:c7:97:44:95:96:f2:91:b5:
7f:ad:0d:58:cf:74:ea:1e:2d:d6:ae:99:6d:b9:ab:b7:22:5d:
f7:98:5b:9f:61:a6:fd:39:44:3e:d6:a6:0a:ba:8b:2d:56:ea:
c2:2b:6b:5f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUNcQ9tfmSEC8QSB1eLfjS2HxWcl0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTVaFw0yNTA4MTkwMjMxNTVaMDMxMTAvBgNV
BAMTKEI4QkUzQ0ZFMTk3RjA5QzExMTI2QjA3RUNCQzI5RUMzMzJEMDdDMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgxpCofG2fB0bVIkbgJf+exxpt
6pCvzLkGa/y/610rLY1TCXlml++Wi6TikFGYcvVX2lmdwHfq1BXh+P7pAZb9lRlu
3eYYhjkr24EhT/QLPtQzx+tG8kodsQSzKNYFz1dQ6fdcPIclOZ+ZpNPveup85K3y
RFu66FoHnLjERwqktevdSVSp+oTYDfyb2Si9RksHaySrCenXnB7KYG5kRfeXnm9z
ERa5W1BHghXIhodnkBOOpY2x3/FnsMi8wYRc8zOvxmYqsQbD8fBUC5KIjwIMmmwY
fk05pznWayJvIqigE3gokEdEJB15vOgDoZYUv0j+Cco3aWj2s4EmHk4LtW8VAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUuL48/hl/CcERJrB+y8KewzLQfAswHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjEyMjc2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgdU
wrALMA0GCSqGSIb3DQEBCwUAA4IBAQBKPgNLbbN8nRihe8o8y1N/TYgdkb/2maWF
JYDwnzzMNqQobbj8rzxOW4jS6Vc8st4weTUiqnqLMAT1sb1TyWSpJ0X3KFenH4yP
1ZrgomZ/h0lZKQbLcHdK+0BJmOMBMlKVPwVGlpudQ5AufqbHWVz+B5YHZxgwARM7
LUyBAp/f37Elc/9XKyQporh8J0Tbx7XoU5+baZltTAhXmO98Bx3DkGcNBPugUpVi
IQ8KFh0kR/2R20l2kOu1mchs4dAokiu1g20Op4RZgygNCog3heYix5dElZbykbV/
rQ1Yz3TqHi3Wrpltuau3Il33mFufYab9OUQ+1qYKuostVurCK2tf
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:04:48 2025 by rpki-client