Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS23428.roa
File: AS23428.roa (raw, json)
Hash identifier: 1PS3wsoPeimvghYWcVyq9s6/ATNPN1a50/VjIWu6isY=
Subject key identifier: 63:70:26:18:03:7E:DA:E9:12:15:BF:24:7C:F3:93:4D:F9:34:84:4A
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 25CD823DCA998313205E8BA652A82D585C47014F
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS23428.roa
Signing time: Tue 20 Aug 2024 02:31:57 +0000
ROA not before: Tue 20 Aug 2024 02:26:57 +0000
ROA not after: Tue 19 Aug 2025 02:31:57 +0000
asID: 23428
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:cd:82:3d:ca:99:83:13:20:5e:8b:a6:52:a8:2d:58:5c:47:01:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Aug 20 02:26:57 2024 GMT
Not After : Aug 19 02:31:57 2025 GMT
Subject: CN=63702618037EDAE91215BF247CF3934DF934844A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:59:e4:84:0a:7a:9c:d1:f0:7a:f9:4f:d8:ba:
d2:e8:9a:13:91:73:4c:f2:81:5d:82:fe:e7:3b:03:
f2:1f:bd:80:9d:83:33:d1:db:56:7a:1e:1a:18:6d:
28:9b:b4:22:4a:f0:cc:53:5e:97:b6:08:12:70:fe:
a0:55:ab:a0:de:fc:24:fc:4d:10:32:db:9d:22:67:
a2:72:6c:ff:70:ff:e4:43:a6:4e:f4:fe:11:c4:b6:
db:22:1f:a8:4e:41:6e:6c:dd:3d:3c:b1:0c:6f:6d:
3d:6b:ff:80:3e:80:09:e4:22:16:0f:ce:62:19:f0:
bd:68:44:79:29:3d:73:8f:f8:46:47:5c:75:48:83:
59:87:09:89:97:4e:c0:97:85:11:f4:5e:9f:29:6f:
b5:6c:39:46:93:88:7b:f7:1c:66:f8:e1:5d:0d:f1:
9f:f9:4d:aa:5a:8a:3e:14:ab:af:98:49:8b:88:98:
a1:a5:f1:c1:51:0a:8b:16:f3:5d:81:e3:5d:7a:4f:
43:ff:96:51:e5:49:bc:3b:8e:89:36:7a:77:82:d0:
42:1b:5e:38:fc:5b:02:77:e6:ae:cb:8e:98:b0:b1:
46:b1:2a:13:97:ae:c6:c2:c2:e5:c3:ee:b9:93:46:
97:a9:ba:cc:2d:d6:d3:04:e3:52:5e:cb:c4:8c:b1:
ea:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:70:26:18:03:7E:DA:E9:12:15:BF:24:7C:F3:93:4D:F9:34:84:4A
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS23428.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
65:36:17:c5:04:ca:2a:17:f0:a5:c6:e8:71:1d:37:39:2a:ed:
b0:e8:8e:81:e6:14:08:a5:3b:3f:28:6a:dc:2f:a8:18:34:fe:
7d:fa:00:5b:d9:5e:50:8e:f6:47:57:42:af:ec:c5:51:40:58:
7c:5a:a7:af:8c:64:97:89:22:cd:59:0e:c1:db:7a:af:48:aa:
1e:9c:76:d2:f6:02:1b:8b:e8:4e:be:6c:7e:68:4f:f6:c8:72:
16:c7:88:b4:1e:1e:bf:67:ab:59:7f:c0:03:34:5a:0d:be:cf:
02:56:2c:1c:9f:0f:70:14:ce:4d:19:d1:90:e9:30:5d:a5:c2:
e6:ef:3a:91:1d:2b:9e:ec:65:bb:3b:9f:eb:ba:3b:17:fb:13:
e8:fb:9a:df:fa:3f:66:76:23:61:e5:99:3e:55:0b:82:71:dd:
8c:cf:20:b8:2e:26:a1:0b:9d:6a:fa:dd:10:7d:9a:b0:93:ec:
b1:c2:d3:26:29:82:11:03:44:8e:1b:a5:ca:91:82:f2:80:b7:
53:ac:0c:27:a1:41:cc:cd:33:79:0e:47:20:f7:f5:24:ca:83:
ce:bf:48:ae:04:21:da:e9:6e:94:1e:6c:b8:3a:cc:00:f6:27:
43:8a:88:bb:0d:30:70:83:5d:75:91:a4:d2:02:fb:19:55:f0:
4f:ae:13:54
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUJc2CPcqZgxMgXoumUqgtWFxHAU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTdaFw0yNTA4MTkwMjMxNTdaMDMxMTAvBgNV
BAMTKDYzNzAyNjE4MDM3RURBRTkxMjE1QkYyNDdDRjM5MzRERjkzNDg0NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaWeSECnqc0fB6+U/YutLomhOR
c0zygV2C/uc7A/IfvYCdgzPR21Z6HhoYbSibtCJK8MxTXpe2CBJw/qBVq6De/CT8
TRAy250iZ6JybP9w/+RDpk70/hHEttsiH6hOQW5s3T08sQxvbT1r/4A+gAnkIhYP
zmIZ8L1oRHkpPXOP+EZHXHVIg1mHCYmXTsCXhRH0Xp8pb7VsOUaTiHv3HGb44V0N
8Z/5Tapaij4Uq6+YSYuImKGl8cFRCosW812B4116T0P/llHlSbw7jok2eneC0EIb
Xjj8WwJ35q7LjpiwsUaxKhOXrsbCwuXD7rmTRpepuswt1tME41Jey8SMseqlAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUY3AmGAN+2ukSFb8kfPOTTfk0hEowHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjM0Mjgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqB1TC
sAswDQYJKoZIhvcNAQELBQADggEBAGU2F8UEyioX8KXG6HEdNzkq7bDojoHmFAil
Oz8oatwvqBg0/n36AFvZXlCO9kdXQq/sxVFAWHxap6+MZJeJIs1ZDsHbeq9Iqh6c
dtL2AhuL6E6+bH5oT/bIchbHiLQeHr9nq1l/wAM0Wg2+zwJWLByfD3AUzk0Z0ZDp
MF2lwubvOpEdK57sZbs7n+u6Oxf7E+j7mt/6P2Z2I2HlmT5VC4Jx3YzPILguJqEL
nWr63RB9mrCT7LHC0yYpghEDRI4bpcqRgvKAt1OsDCehQczNM3kORyD39STKg86/
SK4EIdrpbpQebLg6zAD2J0OKiLsNMHCDXXWRpNIC+xlV8E+uE1Q=
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:25:27 2025 by rpki-client