Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215382.roa
File: AS215382.roa (raw, json)
Hash identifier: EX2ADaTH2y57fys5wX4uQJ9A3ZBJ1kqALOn6eshZf1Q=
Subject key identifier: CB:E7:2D:FE:45:FA:4A:F9:54:23:1A:C2:D8:30:70:9F:3C:D0:4B:CA
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 1F93A76F26BA5890D5E7412BC3F9D9B8084E32B4
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215382.roa
Signing time: Thu 13 Feb 2025 20:06:18 +0000
ROA not before: Thu 13 Feb 2025 20:01:18 +0000
ROA not after: Thu 12 Feb 2026 20:06:18 +0000
asID: 215382
IP address blocks: 2a07:54c1:2100::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:93:a7:6f:26:ba:58:90:d5:e7:41:2b:c3:f9:d9:b8:08:4e:32:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Feb 13 20:01:18 2025 GMT
Not After : Feb 12 20:06:18 2026 GMT
Subject: CN=CBE72DFE45FA4AF954231AC2D830709F3CD04BCA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ac:30:1d:63:69:25:ce:ec:48:5b:0b:77:72:
d1:b3:6e:ef:2c:1e:7d:2b:d0:67:2c:9e:83:94:6a:
28:1b:69:1d:00:ef:d4:26:a6:73:43:2c:9e:4a:8d:
8e:ae:1d:10:63:79:cf:ed:bb:90:36:ca:f7:8a:2c:
f9:78:df:c8:fd:99:b4:e7:c2:df:74:19:64:d3:47:
e7:5c:25:fb:fd:1d:b4:b1:3b:71:88:57:52:ce:98:
83:45:c8:c9:29:8f:19:dd:8b:ac:2a:64:8d:b7:c7:
80:4d:7e:a8:bf:bb:20:c0:f8:e3:c1:38:b4:24:93:
e8:5e:98:ec:48:e4:49:5d:66:18:bc:ca:cf:66:06:
a0:b1:70:a4:77:26:18:0f:94:03:a7:b8:43:78:d3:
26:26:97:1d:b6:8c:ad:3d:74:a9:fa:d5:49:12:21:
66:f3:97:3a:90:91:43:39:fa:09:d1:77:aa:f2:1d:
c7:2b:8e:93:d3:a3:20:ca:12:46:da:8b:6a:58:8d:
e1:f5:12:c9:b3:91:6d:64:c6:35:29:cc:60:b7:2e:
0d:73:b4:c8:f4:d3:45:02:ff:a3:2d:44:3b:12:4f:
a5:aa:79:79:b9:5d:cd:f5:8c:f9:6c:77:7b:02:2e:
d8:57:55:d7:a7:29:e1:f6:c9:9a:8a:50:5a:54:51:
87:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:E7:2D:FE:45:FA:4A:F9:54:23:1A:C2:D8:30:70:9F:3C:D0:4B:CA
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215382.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c1:2100::/40
Signature Algorithm: sha256WithRSAEncryption
25:a9:16:8b:ac:c9:d1:75:c8:73:a0:e9:aa:98:3d:8e:02:c4:
0a:48:97:ff:bb:9d:bc:93:32:84:95:02:2e:ef:40:30:4a:81:
41:8c:2c:e5:19:5a:11:86:c8:91:f7:42:12:f9:51:cc:09:24:
e3:94:48:32:c5:fe:a5:4c:cb:85:d4:fe:55:ea:3d:bb:78:ac:
cc:e0:9c:eb:94:0b:b8:e2:3b:8b:b9:4e:01:96:67:3c:02:21:
a2:12:d8:61:03:d6:db:98:ec:07:6f:68:bf:7a:29:5f:5e:5e:
44:e6:cc:b0:24:bf:17:34:58:2b:b1:36:37:fc:c2:3b:2a:f9:
82:1c:b3:ab:98:dd:3b:5b:fd:59:84:f4:ad:8b:8d:23:03:3f:
13:99:94:99:81:07:8a:64:a4:1d:2c:d2:79:2a:43:52:7c:99:
62:1f:23:92:f4:4b:1d:75:06:0d:a0:e2:c0:32:68:61:e0:da:
8d:14:14:7b:08:71:51:86:5f:2e:01:ea:e8:56:69:c4:80:78:
19:84:f7:e6:31:66:fd:95:83:24:dd:06:7e:da:ad:d4:a0:22:
69:5c:d1:ae:6e:06:b4:8d:c9:ad:1b:b8:aa:e8:78:6d:13:b6:
67:35:87:56:5c:31:23:36:ba:e9:70:db:75:94:8a:92:16:01:
d4:48:df:53
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUH5Onbya6WJDV50Erw/nZuAhOMrQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNTAyMTMyMDAxMThaFw0yNjAyMTIyMDA2MThaMDMxMTAvBgNV
BAMTKENCRTcyREZFNDVGQTRBRjk1NDIzMUFDMkQ4MzA3MDlGM0NEMDRCQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHrDAdY2klzuxIWwt3ctGzbu8s
Hn0r0GcsnoOUaigbaR0A79QmpnNDLJ5KjY6uHRBjec/tu5A2yveKLPl438j9mbTn
wt90GWTTR+dcJfv9HbSxO3GIV1LOmINFyMkpjxndi6wqZI23x4BNfqi/uyDA+OPB
OLQkk+hemOxI5EldZhi8ys9mBqCxcKR3JhgPlAOnuEN40yYmlx22jK09dKn61UkS
IWbzlzqQkUM5+gnRd6ryHccrjpPToyDKEkbai2pYjeH1EsmzkW1kxjUpzGC3Lg1z
tMj000UC/6MtRDsST6WqeXm5Xc31jPlsd3sCLthXVdenKeH2yZqKUFpUUYf3AgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUy+ct/kX6SvlUIxrC2DBwnzzQS8owHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE1MzgyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU
wSEwDQYJKoZIhvcNAQELBQADggEBACWpFousydF1yHOg6aqYPY4CxApIl/+7nbyT
MoSVAi7vQDBKgUGMLOUZWhGGyJH3QhL5UcwJJOOUSDLF/qVMy4XU/lXqPbt4rMzg
nOuUC7jiO4u5TgGWZzwCIaIS2GED1tuY7AdvaL96KV9eXkTmzLAkvxc0WCuxNjf8
wjsq+YIcs6uY3Ttb/VmE9K2LjSMDPxOZlJmBB4pkpB0s0nkqQ1J8mWIfI5L0Sx11
Bg2g4sAyaGHg2o0UFHsIcVGGXy4B6uhWacSAeBmE9+YxZv2VgyTdBn7ardSgImlc
0a5uBrSNya0buKroeG0Ttmc1h1ZcMSM2uulw23WUipIWAdRI31M=
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:07:13 2025 by rpki-client