Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215665.roa
File: AS215665.roa (raw, json)
Hash identifier: Nm7xtK1JfZMTpTSFTTBICT1bGIFnkdGuWpSHwuAxbU0=
Subject key identifier: A8:5E:00:5C:E2:9F:12:D2:15:97:BA:66:AA:08:27:C1:36:22:CA:C3
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 66479C06631699018050A7868358D2AF36C05354
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215665.roa
Signing time: Wed 25 Dec 2024 14:30:34 +0000
ROA not before: Wed 25 Dec 2024 14:25:34 +0000
ROA not after: Wed 24 Dec 2025 14:30:34 +0000
asID: 215665
IP address blocks: 2a07:54c1:4700::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:47:9c:06:63:16:99:01:80:50:a7:86:83:58:d2:af:36:c0:53:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Dec 25 14:25:34 2024 GMT
Not After : Dec 24 14:30:34 2025 GMT
Subject: CN=A85E005CE29F12D21597BA66AA0827C13622CAC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e1:26:54:ac:ec:06:2e:59:86:ea:1f:00:72:
0f:c6:df:fa:4f:6f:88:a8:6e:31:f7:50:fd:f5:07:
dd:81:2b:83:c4:fe:9e:8e:66:9b:6e:60:d2:a2:65:
93:4e:41:04:4c:af:6f:5f:66:c3:c2:ce:2c:f1:3c:
75:01:07:fb:bb:f1:53:9d:21:3b:de:75:6f:2a:59:
49:a2:b6:f2:5a:c3:42:53:ce:82:dc:4c:69:00:cb:
97:49:f0:42:ff:80:b7:77:8e:ca:b6:d7:e3:ee:c3:
27:7d:6f:99:61:e1:f2:62:75:fd:b9:73:ab:95:e0:
dd:78:37:79:67:8e:70:0b:82:59:fe:21:47:4a:53:
2a:56:61:2d:c7:09:ce:dd:44:60:85:80:54:2c:83:
6d:6a:0a:c1:ef:ed:25:72:5f:88:ec:10:04:58:27:
ec:fc:3d:ac:e2:3e:ac:e8:da:0e:89:28:ad:8b:a4:
02:3a:2a:9c:36:b8:a9:e3:53:bf:c7:c9:c9:d1:02:
24:81:15:2a:f4:79:2b:9f:46:09:94:c4:4d:20:6b:
f6:be:77:38:02:17:b7:ed:0c:fe:b1:76:f0:28:28:
de:cb:03:3e:c7:10:56:1e:a1:ca:b4:f4:58:9f:fc:
0f:13:c8:a3:db:63:46:bd:9b:f9:46:10:fa:39:01:
19:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:5E:00:5C:E2:9F:12:D2:15:97:BA:66:AA:08:27:C1:36:22:CA:C3
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS215665.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c1:4700::/40
Signature Algorithm: sha256WithRSAEncryption
b5:52:22:74:7a:98:89:d9:93:fa:0b:55:eb:d3:6f:5c:eb:aa:
f4:cb:4b:ea:07:f2:3b:db:da:e4:d1:41:fd:dd:57:d0:4a:38:
76:89:3b:22:3a:d2:0e:ce:d0:8d:d2:0e:ac:db:8c:64:4f:ff:
ad:0b:f0:12:57:c1:1e:d9:02:74:a3:75:e3:f3:00:3f:05:d2:
4f:64:ac:ea:f7:17:54:c2:12:0d:dd:9d:a4:e6:6b:6b:9f:43:
ab:4a:32:9a:60:34:c7:bb:8d:bc:5a:06:85:e6:2f:20:0c:42:
ea:65:c7:b4:7f:ac:7f:4a:9b:1b:47:a0:e4:b0:49:82:46:c0:
d6:f3:7b:8c:20:1b:f0:52:9d:b0:8d:09:ca:a9:90:03:08:4e:
92:d9:c8:aa:03:f9:7d:78:e2:04:c0:ef:d0:ea:fc:6a:4e:45:
53:76:30:0b:04:18:c9:ac:e2:85:fc:93:1a:db:87:3e:83:31:
f6:c0:6d:38:eb:12:e1:fc:c4:33:f7:7f:ea:50:99:c9:c5:c6:
81:a4:99:f8:48:45:a9:f6:11:63:6a:c0:0b:68:29:63:03:5e:
54:d9:57:bb:0e:81:40:ff:8c:cb:55:96:5f:c7:cd:0f:40:40:
67:c0:40:a0:2e:5a:bc:a7:18:09:f1:72:4c:4a:92:10:1b:d5:
6c:b2:36:d8
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUZkecBmMWmQGAUKeGg1jSrzbAU1QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDEyMjUxNDI1MzRaFw0yNTEyMjQxNDMwMzRaMDMxMTAvBgNV
BAMTKEE4NUUwMDVDRTI5RjEyRDIxNTk3QkE2NkFBMDgyN0MxMzYyMkNBQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCi4SZUrOwGLlmG6h8Acg/G3/pP
b4iobjH3UP31B92BK4PE/p6OZptuYNKiZZNOQQRMr29fZsPCzizxPHUBB/u78VOd
ITvedW8qWUmitvJaw0JTzoLcTGkAy5dJ8EL/gLd3jsq21+Puwyd9b5lh4fJidf25
c6uV4N14N3lnjnALgln+IUdKUypWYS3HCc7dRGCFgFQsg21qCsHv7SVyX4jsEARY
J+z8PaziPqzo2g6JKK2LpAI6Kpw2uKnjU7/HycnRAiSBFSr0eSufRgmUxE0ga/a+
dzgCF7ftDP6xdvAoKN7LAz7HEFYeocq09Fif/A8TyKPbY0a9m/lGEPo5ARlvAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUqF4AXOKfEtIVl7pmqggnwTYiysMwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE1NjY1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU
wUcwDQYJKoZIhvcNAQELBQADggEBALVSInR6mInZk/oLVevTb1zrqvTLS+oH8jvb
2uTRQf3dV9BKOHaJOyI60g7O0I3SDqzbjGRP/60L8BJXwR7ZAnSjdePzAD8F0k9k
rOr3F1TCEg3dnaTma2ufQ6tKMppgNMe7jbxaBoXmLyAMQuplx7R/rH9KmxtHoOSw
SYJGwNbze4wgG/BSnbCNCcqpkAMITpLZyKoD+X144gTA79Dq/GpORVN2MAsEGMms
4oX8kxrbhz6DMfbAbTjrEuH8xDP3f+pQmcnFxoGkmfhIRan2EWNqwAtoKWMDXlTZ
V7sOgUD/jMtVll/HzQ9AQGfAQKAuWrynGAnxckxKkhAb1WyyNtg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:07:13 2025 by rpki-client