Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215192.roa
File: AS215192.roa (raw, json)
Hash identifier: AwlY2DjOEWqMyydXtstFokDI8tTiXnJ15OfJiKcl/vk=
Subject key identifier: 37:5D:6C:2F:6B:F4:85:80:F4:B1:66:B9:0E:9E:A4:0A:CE:06:BB:D2
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 0DF5CF7031BAE3196DF82D4D909044CC9C78D608
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215192.roa
Signing time: Wed 19 Mar 2025 18:06:26 +0000
ROA not before: Wed 19 Mar 2025 18:01:26 +0000
ROA not after: Wed 18 Mar 2026 18:06:26 +0000
asID: 215192
IP address blocks: 2a07:54c1:c200::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:f5:cf:70:31:ba:e3:19:6d:f8:2d:4d:90:90:44:cc:9c:78:d6:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Mar 19 18:01:26 2025 GMT
Not After : Mar 18 18:06:26 2026 GMT
Subject: CN=375D6C2F6BF48580F4B166B90E9EA40ACE06BBD2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:60:66:d9:ff:30:a3:05:a3:ed:4c:15:23:09:
09:b7:49:d0:c8:74:83:2f:58:b9:f1:b6:46:12:42:
39:af:89:9f:77:a5:a4:34:a2:5b:64:8d:7c:37:aa:
a7:0e:97:d9:da:c6:b4:c0:06:64:f1:64:bb:f4:a1:
f2:34:a8:80:84:25:17:19:94:99:af:6b:4b:7b:fb:
99:3b:c8:2f:a5:95:9a:a3:a7:1e:80:92:36:66:24:
b2:f7:95:ea:b5:84:b9:83:5a:ff:6b:c4:ef:7e:d6:
37:2c:6b:df:ca:19:79:2c:8c:b3:6e:cd:39:63:df:
b2:bb:45:0d:a1:0d:f0:0e:df:ed:9d:fc:88:9b:91:
7c:be:d9:4c:09:72:b2:c0:ba:af:2f:f7:69:1a:0a:
c5:a8:01:03:ca:7e:cd:7d:61:07:cb:20:d1:da:e5:
30:41:75:7b:18:91:08:78:67:b4:cf:3b:46:b2:72:
f7:77:4a:36:9f:c0:f3:ef:e3:3b:f7:ab:f7:e1:e9:
1e:fb:d9:2c:ac:bf:96:26:0d:10:ce:d7:45:21:74:
7e:8b:8b:f2:a1:94:be:c8:11:aa:1b:0c:bb:df:3b:
c7:ec:70:7c:47:1e:70:8f:ec:4b:04:a9:94:4d:6d:
b8:9a:c5:e3:19:ee:18:dc:1d:08:aa:d7:6e:ed:e9:
7f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:5D:6C:2F:6B:F4:85:80:F4:B1:66:B9:0E:9E:A4:0A:CE:06:BB:D2
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215192.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c1:c200::/40
Signature Algorithm: sha256WithRSAEncryption
16:c5:87:a1:c9:8c:5e:13:86:1e:a7:1f:55:0b:23:3e:89:7d:
f1:35:e1:1f:4b:db:1c:f9:9e:62:56:ee:4e:c7:54:9e:79:32:
b2:44:0e:80:3a:ad:c3:f7:d0:fb:9d:9e:2b:f4:4f:56:05:b8:
42:4c:1e:4c:67:82:44:f4:45:bc:95:01:ea:e7:1a:85:ce:0c:
a3:39:c2:4b:5f:d8:a9:07:d9:54:06:43:d5:a3:0c:16:b7:48:
21:f9:89:3c:f1:42:84:c7:b4:d5:d8:76:68:eb:88:48:0b:a6:
92:1d:09:1d:01:d9:de:3a:6c:59:e6:60:6c:56:85:75:98:0d:
2f:4b:83:64:84:f5:b0:c7:9e:ee:d2:54:7f:10:ae:ff:e2:24:
8e:cf:6c:79:15:27:43:8f:38:ad:67:a6:5f:ab:3a:07:60:c0:
95:a5:aa:e2:d1:47:f6:0b:e0:8e:0a:96:96:ba:fa:0e:ef:7f:
a2:35:85:2c:23:37:25:45:94:da:f0:12:60:f4:9b:3e:63:0f:
aa:99:63:05:ba:d6:34:9a:c9:e8:8c:10:17:a4:9e:4b:17:93:
ff:1d:f7:e5:fb:63:cb:ae:c0:9e:39:af:45:b0:62:50:aa:c8:
4c:3f:3b:80:3b:71:cd:94:89:49:b6:6a:a9:10:87:84:65:24:
f2:01:e4:57
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUDfXPcDG64xlt+C1NkJBEzJx41ggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNTAzMTkxODAxMjZaFw0yNjAzMTgxODA2MjZaMDMxMTAvBgNV
BAMTKDM3NUQ2QzJGNkJGNDg1ODBGNEIxNjZCOTBFOUVBNDBBQ0UwNkJCRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBYGbZ/zCjBaPtTBUjCQm3SdDI
dIMvWLnxtkYSQjmviZ93paQ0oltkjXw3qqcOl9naxrTABmTxZLv0ofI0qICEJRcZ
lJmva0t7+5k7yC+llZqjpx6AkjZmJLL3leq1hLmDWv9rxO9+1jcsa9/KGXksjLNu
zTlj37K7RQ2hDfAO3+2d/IibkXy+2UwJcrLAuq8v92kaCsWoAQPKfs19YQfLINHa
5TBBdXsYkQh4Z7TPO0aycvd3SjafwPPv4zv3q/fh6R772Sysv5YmDRDO10UhdH6L
i/KhlL7IEaobDLvfO8fscHxHHnCP7EsEqZRNbbiaxeMZ7hjcHQiq127t6X9LAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUN11sL2v0hYD0sWa5Dp6kCs4Gu9IwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE1MTkyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU
wcIwDQYJKoZIhvcNAQELBQADggEBABbFh6HJjF4Thh6nH1ULIz6JffE14R9L2xz5
nmJW7k7HVJ55MrJEDoA6rcP30Pudniv0T1YFuEJMHkxngkT0RbyVAernGoXODKM5
wktf2KkH2VQGQ9WjDBa3SCH5iTzxQoTHtNXYdmjriEgLppIdCR0B2d46bFnmYGxW
hXWYDS9Lg2SE9bDHnu7SVH8Qrv/iJI7PbHkVJ0OPOK1npl+rOgdgwJWlquLRR/YL
4I4Klpa6+g7vf6I1hSwjNyVFlNrwEmD0mz5jD6qZYwW61jSayeiMEBeknksXk/8d
9+X7Y8uuwJ45r0WwYlCqyEw/O4A7cc2UiUm2aqkQh4RlJPIB5Fc=
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:05:54 2025 by rpki-client