Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215243.roa
File: AS215243.roa (raw, json)
Hash identifier: eS6pRZzv/zdFB4Uc4bifAump07O/2QyvM+StBOCy2U4=
Subject key identifier: 71:A4:71:CB:D4:D3:D7:F7:DA:76:48:3A:FE:BA:D4:17:20:01:40:87
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 0E440CF4A56AA79267E35E93E7F1D901AD92C72B
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215243.roa
Signing time: Tue 25 Feb 2025 19:06:18 +0000
ROA not before: Tue 25 Feb 2025 19:01:18 +0000
ROA not after: Tue 24 Feb 2026 19:06:18 +0000
asID: 215243
IP address blocks: 2a07:54c4:18a0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:44:0c:f4:a5:6a:a7:92:67:e3:5e:93:e7:f1:d9:01:ad:92:c7:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Feb 25 19:01:18 2025 GMT
Not After : Feb 24 19:06:18 2026 GMT
Subject: CN=71A471CBD4D3D7F7DA76483AFEBAD41720014087
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:f6:b6:1b:cd:d8:2e:16:60:05:60:26:a2:8c:
46:ac:eb:aa:c2:50:62:e4:75:94:bc:9f:a5:ec:63:
88:61:8d:eb:9f:84:cd:4e:97:ec:46:4d:3e:b1:c9:
7b:6d:70:36:b5:05:ba:02:c9:d9:2a:2c:3f:ce:6e:
66:9f:59:05:a8:f2:98:87:01:a9:cc:99:37:7a:b9:
5c:89:a1:71:73:05:1f:6d:29:96:7c:a8:2b:ff:63:
b0:6c:c8:38:31:9a:b7:09:95:52:0d:68:b2:4c:40:
84:0e:97:4d:a4:7d:2b:18:f4:b2:2f:20:c2:c2:cf:
55:92:d4:e7:a7:cc:8d:64:a0:d1:69:f6:f8:a3:06:
be:f1:de:bc:e6:c0:33:a0:b6:37:c4:7a:bd:a3:5c:
f0:fb:62:c5:a6:99:ef:84:b3:76:d0:21:2e:a7:1d:
cc:84:8a:56:08:41:d9:91:04:54:05:2b:9a:bb:30:
43:1f:c4:f0:9c:6e:19:64:20:c5:96:ba:d8:8b:d1:
b4:e2:18:b0:67:f4:8d:b8:1f:93:0f:d8:75:c3:b7:
75:4b:f3:fe:27:12:0f:d0:a5:3a:91:5e:c2:91:e4:
c9:45:a7:ea:95:77:56:d2:f6:73:27:de:b9:f2:c2:
8f:6f:01:d5:6a:7f:ea:9d:1e:c0:ff:83:e0:48:b1:
8e:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A4:71:CB:D4:D3:D7:F7:DA:76:48:3A:FE:BA:D4:17:20:01:40:87
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215243.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c4:18a0::/44
Signature Algorithm: sha256WithRSAEncryption
4d:90:eb:85:28:6b:71:32:66:ab:fb:c3:67:80:03:96:25:8c:
77:53:91:30:04:48:3f:ff:79:dc:23:7c:d3:47:36:fd:87:64:
e2:24:a2:23:b1:43:a1:37:c2:6d:3c:05:9f:88:3a:3c:7c:b9:
0e:15:37:4f:d2:9b:9a:fd:8f:c1:e4:b6:c2:44:76:35:c3:fb:
6f:36:70:80:a2:74:93:ed:ad:22:68:95:b4:e9:82:09:f0:70:
94:b8:6b:93:32:ae:ca:8c:70:b5:f3:2d:2a:85:0a:d6:f2:c4:
b0:1d:37:49:48:c2:09:4f:da:2b:70:fd:28:42:a9:33:18:85:
74:08:d6:48:e5:73:02:d3:5d:9c:41:5a:b7:85:b9:ae:13:e6:
f5:22:06:9a:01:05:a8:b0:9b:b5:e5:51:d1:4c:ad:4b:b9:85:
d2:fd:6e:67:22:05:75:1a:7e:1f:8c:17:30:1e:dd:5c:f0:92:
2b:b2:59:9e:3e:20:3d:3e:e1:ee:06:21:fe:91:26:f7:d6:78:
79:cc:e9:30:8a:99:25:93:bc:ec:e9:52:fb:7a:07:fb:66:4e:
f4:41:9d:68:bf:d0:65:54:51:aa:dd:c7:78:0b:b2:57:62:56:
f6:b9:4a:d9:26:56:69:78:b3:2f:54:b0:38:6f:cc:13:4d:10:
9e:a1:7c:27
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDkQM9KVqp5Jn416T5/HZAa2SxyswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNTAyMjUxOTAxMThaFw0yNjAyMjQxOTA2MThaMDMxMTAvBgNV
BAMTKDcxQTQ3MUNCRDREM0Q3RjdEQTc2NDgzQUZFQkFENDE3MjAwMTQwODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp9rYbzdguFmAFYCaijEas66rC
UGLkdZS8n6XsY4hhjeufhM1Ol+xGTT6xyXttcDa1BboCydkqLD/ObmafWQWo8piH
AanMmTd6uVyJoXFzBR9tKZZ8qCv/Y7BsyDgxmrcJlVINaLJMQIQOl02kfSsY9LIv
IMLCz1WS1OenzI1koNFp9vijBr7x3rzmwDOgtjfEer2jXPD7YsWmme+Es3bQIS6n
HcyEilYIQdmRBFQFK5q7MEMfxPCcbhlkIMWWutiL0bTiGLBn9I24H5MP2HXDt3VL
8/4nEg/QpTqRXsKR5MlFp+qVd1bS9nMn3rnywo9vAdVqf+qdHsD/g+BIsY5FAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcaRxy9TT1/fadkg6/rrUFyABQIcwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE1MjQzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgdU
xBigMA0GCSqGSIb3DQEBCwUAA4IBAQBNkOuFKGtxMmar+8NngAOWJYx3U5EwBEg/
/3ncI3zTRzb9h2TiJKIjsUOhN8JtPAWfiDo8fLkOFTdP0pua/Y/B5LbCRHY1w/tv
NnCAonST7a0iaJW06YIJ8HCUuGuTMq7KjHC18y0qhQrW8sSwHTdJSMIJT9orcP0o
QqkzGIV0CNZI5XMC012cQVq3hbmuE+b1IgaaAQWosJu15VHRTK1LuYXS/W5nIgV1
Gn4fjBcwHt1c8JIrslmePiA9PuHuBiH+kSb31nh5zOkwipklk7zs6VL7egf7Zk70
QZ1ov9BlVFGq3cd4C7JXYlb2uUrZJlZpeLMvVLA4b8wTTRCeoXwn
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:05:57 2025 by rpki-client