Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS216212.roa
File: AS216212.roa (raw, json)
Hash identifier: xBidpyG5cgHDV8h51XcSl9HcMkT00nLrSsMJbVMKKW8=
Subject key identifier: 17:E4:51:5D:9F:D6:E3:5A:4F:33:FB:91:E6:B1:8E:62:C9:E9:C5:03
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 5D9A755C203F4030395F1BA19843149A3E848E1A
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS216212.roa
Signing time: Thu 05 Sep 2024 19:32:06 +0000
ROA not before: Thu 05 Sep 2024 19:27:06 +0000
ROA not after: Thu 04 Sep 2025 19:32:06 +0000
asID: 216212
IP address blocks: 2a07:54c4:b10::/44 maxlen: 48
2a07:54c4:1080::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:9a:75:5c:20:3f:40:30:39:5f:1b:a1:98:43:14:9a:3e:84:8e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Sep 5 19:27:06 2024 GMT
Not After : Sep 4 19:32:06 2025 GMT
Subject: CN=17E4515D9FD6E35A4F33FB91E6B18E62C9E9C503
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:eb:b7:41:c6:f6:24:b9:70:e4:03:b2:fc:65:
fd:12:d0:c8:4e:f7:7c:6d:cf:41:e4:39:87:3b:2f:
c9:61:cb:71:4f:56:68:1a:34:b5:28:7d:ce:11:35:
49:1f:3d:37:28:6e:59:eb:8e:c4:36:3f:41:88:ce:
02:23:78:c2:41:09:56:4c:c3:9b:9f:7b:9c:fb:5d:
8d:3a:0f:60:67:a6:3b:55:d5:8a:5f:21:00:98:b2:
90:50:12:ee:50:f7:31:e2:43:6e:ae:31:cd:26:6d:
1b:d3:57:e4:38:f7:fd:f6:bc:4b:15:64:5a:50:cc:
6f:78:65:9c:ab:13:53:a2:1d:9b:44:1c:a3:40:8d:
34:69:df:2d:07:b6:22:31:cb:0d:d6:c6:ae:be:40:
55:a5:75:d1:60:ba:28:f8:9a:f5:ec:68:15:54:39:
ab:64:da:af:c6:7d:a7:8e:fb:05:2f:f4:5d:9a:c1:
93:f9:32:58:67:df:a4:24:40:43:67:21:a1:ec:78:
71:e1:14:c6:d3:77:5f:29:bf:15:3a:48:f0:dd:88:
a2:e0:5f:70:e4:8a:6f:05:be:5b:aa:d8:20:a8:80:
3c:bf:d9:8f:37:8d:20:eb:6b:8a:18:e6:fe:14:6b:
a9:99:9f:75:26:0f:f3:c7:1a:bf:03:ec:15:d2:9f:
10:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E4:51:5D:9F:D6:E3:5A:4F:33:FB:91:E6:B1:8E:62:C9:E9:C5:03
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS216212.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c4:b10::/44
2a07:54c4:1080::/44
Signature Algorithm: sha256WithRSAEncryption
09:34:4b:cd:6e:48:c3:d6:27:fc:30:ab:34:c8:8b:0b:cd:aa:
c3:9e:d2:74:9f:08:d4:38:4b:45:ed:68:30:bf:2f:8a:39:ef:
ac:06:a0:1b:8f:ef:ba:f8:06:3a:55:fe:2b:b9:78:0d:5a:0e:
19:a6:fc:15:2d:a0:40:5a:4c:98:52:a5:30:8a:44:9f:92:2c:
70:70:15:2e:62:4f:4b:86:48:2e:4c:9a:b7:e6:89:88:4a:de:
dd:c2:46:a9:24:57:4f:87:6d:c4:31:0c:1d:1c:2d:0e:7f:cb:
9f:d1:fa:ba:43:7a:72:ce:60:82:ec:90:c1:53:04:84:0c:0e:
2c:cc:a1:18:64:00:58:ff:ea:47:70:b1:a8:92:e4:95:5d:e6:
be:ac:ca:a6:39:48:fa:e4:26:ca:7b:b5:80:11:6c:8e:c7:a2:
5e:f0:44:09:20:4d:29:3d:fb:1a:ae:30:e3:ae:d3:ef:e4:37:
b7:cc:d4:ff:69:e4:f5:07:9e:52:74:d4:05:4a:6a:e8:dd:57:
c2:43:b2:42:16:39:ab:51:5a:87:9f:bb:87:77:4c:93:2e:92:
20:5a:34:ab:d2:c8:0d:19:6d:ed:c6:0d:c9:d2:6e:d8:8d:9e:
a4:ac:1f:01:8e:6a:b2:8f:1f:53:71:82:45:6e:01:a3:54:cc:
19:28:9f:ca
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUXZp1XCA/QDA5XxuhmEMUmj6EjhowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA5MDUxOTI3MDZaFw0yNTA5MDQxOTMyMDZaMDMxMTAvBgNV
BAMTKDE3RTQ1MTVEOUZENkUzNUE0RjMzRkI5MUU2QjE4RTYyQzlFOUM1MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDi67dBxvYkuXDkA7L8Zf0S0MhO
93xtz0HkOYc7L8lhy3FPVmgaNLUofc4RNUkfPTcoblnrjsQ2P0GIzgIjeMJBCVZM
w5ufe5z7XY06D2BnpjtV1YpfIQCYspBQEu5Q9zHiQ26uMc0mbRvTV+Q49/32vEsV
ZFpQzG94ZZyrE1OiHZtEHKNAjTRp3y0HtiIxyw3Wxq6+QFWlddFguij4mvXsaBVU
Oatk2q/GfaeO+wUv9F2awZP5Mlhn36QkQENnIaHseHHhFMbTd18pvxU6SPDdiKLg
X3Dkim8Fvluq2CCogDy/2Y83jSDra4oY5v4Ua6mZn3UmD/PHGr8D7BXSnxDrAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUF+RRXZ/W41pPM/uR5rGOYsnpxQMwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE2MjEyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcEKgdU
xAsQAwcEKgdUxBCAMA0GCSqGSIb3DQEBCwUAA4IBAQAJNEvNbkjD1if8MKs0yIsL
zarDntJ0nwjUOEtF7Wgwvy+KOe+sBqAbj++6+AY6Vf4ruXgNWg4ZpvwVLaBAWkyY
UqUwikSfkixwcBUuYk9LhkguTJq35omISt7dwkapJFdPh23EMQwdHC0Of8uf0fq6
Q3pyzmCC7JDBUwSEDA4szKEYZABY/+pHcLGokuSVXea+rMqmOUj65CbKe7WAEWyO
x6Je8EQJIE0pPfsarjDjrtPv5De3zNT/aeT1B55SdNQFSmro3VfCQ7JCFjmrUVqH
n7uHd0yTLpIgWjSr0sgNGW3txg3J0m7YjZ6krB8Bjmqyjx9TcYJFbgGjVMwZKJ/K
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:05:55 2025 by rpki-client