Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS41666.roa
File: AS41666.roa (raw, json)
Hash identifier: Xwr+oG77eY7miPBv1DvogylSKPPWKzizsNOeJp4bavc=
Subject key identifier: C3:84:90:74:30:48:E2:CC:55:71:09:D9:C8:D1:C0:FE:50:95:68:2C
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 2DF4D659F38B779E1AA33CF3E2C43F2F2CF1813F
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS41666.roa
Signing time: Tue 20 Aug 2024 02:31:53 +0000
ROA not before: Tue 20 Aug 2024 02:26:53 +0000
ROA not after: Tue 19 Aug 2025 02:31:53 +0000
asID: 41666
IP address blocks: 2a07:54c2:b00b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:f4:d6:59:f3:8b:77:9e:1a:a3:3c:f3:e2:c4:3f:2f:2c:f1:81:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Aug 20 02:26:53 2024 GMT
Not After : Aug 19 02:31:53 2025 GMT
Subject: CN=C38490743048E2CC557109D9C8D1C0FE5095682C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:59:0b:b8:52:38:58:e9:d4:b4:eb:00:c2:37:
99:e9:71:41:8b:7e:e2:78:09:24:54:60:b5:ca:19:
56:06:e4:c1:75:fd:18:e1:a1:99:92:a1:a1:f4:a4:
ab:30:5a:9b:14:2d:07:00:00:19:f7:d3:9a:76:b6:
46:b8:d8:cd:7b:83:6e:99:b7:d9:03:d1:36:c7:7b:
53:5c:e9:33:3b:c3:64:4c:4f:e9:90:c8:00:bf:c2:
29:58:1f:2e:e7:9e:a1:ab:aa:64:2c:d9:77:da:6a:
a4:d6:be:ee:b3:ae:aa:8c:19:c5:6d:81:2c:76:b9:
60:bf:33:9b:45:2d:a1:7e:68:5b:8d:86:98:00:cc:
9f:86:d7:f2:94:7e:b1:6a:28:2b:d7:43:f7:7b:5b:
a2:25:b4:23:37:a9:51:d5:92:c9:1b:5a:06:0c:9c:
3d:69:e6:60:2b:8d:f4:bf:03:5b:36:f0:3d:91:4d:
bb:fc:66:f1:92:98:62:64:ba:e1:1c:86:0b:24:c9:
30:0a:42:eb:7d:a6:7e:65:8c:7e:c2:84:52:3a:fe:
15:0e:81:e1:73:6f:52:03:b0:4b:57:6b:37:8e:80:
47:f1:16:6e:b5:cb:58:bd:ec:f9:45:94:56:33:9e:
66:dc:70:36:02:a8:03:14:c4:88:54:27:11:c0:d1:
de:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:84:90:74:30:48:E2:CC:55:71:09:D9:C8:D1:C0:FE:50:95:68:2C
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS41666.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c2:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
2b:ea:26:59:2a:81:56:a4:b9:c5:0c:85:ac:39:63:45:3e:12:
84:4a:6c:aa:bf:00:23:59:f7:8a:c9:dc:a9:e0:59:fd:45:ca:
50:60:d6:34:2c:d8:6c:b8:62:4a:59:4d:10:01:40:b2:f2:83:
19:d2:b9:ca:b4:db:cd:8a:93:0a:ea:d3:4c:4d:ee:4e:7d:22:
f0:c0:49:e6:4f:58:bc:01:3f:0c:a6:28:40:99:c7:04:30:5b:
a5:8d:17:d2:c7:02:89:7e:47:3d:1e:ea:d5:b7:a7:d4:e9:6e:
c0:21:46:6e:4f:64:de:74:68:7d:65:0b:05:61:d8:19:1b:92:
23:10:de:85:97:15:92:03:1a:07:78:90:c0:d3:72:2e:8e:c5:
3a:65:43:cf:35:9f:37:d4:54:2d:64:ec:d0:69:63:4e:d6:e7:
04:43:20:c9:6c:3f:35:b5:05:92:e9:b6:4b:40:01:4c:fe:1d:
ce:d0:b1:75:a0:4f:42:d0:81:72:15:f3:30:5d:58:f8:35:e7:
ad:1d:3b:06:f9:ea:65:1a:9f:eb:51:e3:8e:94:7f:34:22:30:
57:1c:8b:56:9f:3a:ce:bd:45:ed:46:0a:73:5b:ac:b7:0d:be:
df:d1:52:44:63:df:e7:05:ad:14:0e:ca:5c:68:ca:cb:30:43:
79:1e:77:99
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIULfTWWfOLd54aozzz4sQ/LyzxgT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNDA4MjAwMjI2NTNaFw0yNTA4MTkwMjMxNTNaMDMxMTAvBgNV
BAMTKEMzODQ5MDc0MzA0OEUyQ0M1NTcxMDlEOUM4RDFDMEZFNTA5NTY4MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/WQu4UjhY6dS06wDCN5npcUGL
fuJ4CSRUYLXKGVYG5MF1/RjhoZmSoaH0pKswWpsULQcAABn305p2tka42M17g26Z
t9kD0TbHe1Nc6TM7w2RMT+mQyAC/wilYHy7nnqGrqmQs2XfaaqTWvu6zrqqMGcVt
gSx2uWC/M5tFLaF+aFuNhpgAzJ+G1/KUfrFqKCvXQ/d7W6IltCM3qVHVkskbWgYM
nD1p5mArjfS/A1s28D2RTbv8ZvGSmGJkuuEchgskyTAKQut9pn5ljH7ChFI6/hUO
geFzb1IDsEtXazeOgEfxFm61y1i97PlFlFYznmbccDYCqAMUxIhUJxHA0d5DAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUw4SQdDBI4sxVcQnZyNHA/lCVaCwwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTNDE2NjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqB1TC
sAswDQYJKoZIhvcNAQELBQADggEBACvqJlkqgVakucUMhaw5Y0U+EoRKbKq/ACNZ
94rJ3KngWf1FylBg1jQs2Gy4YkpZTRABQLLygxnSucq0282Kkwrq00xN7k59IvDA
SeZPWLwBPwymKECZxwQwW6WNF9LHAol+Rz0e6tW3p9TpbsAhRm5PZN50aH1lCwVh
2BkbkiMQ3oWXFZIDGgd4kMDTci6OxTplQ881nzfUVC1k7NBpY07W5wRDIMlsPzW1
BZLptktAAUz+Hc7QsXWgT0LQgXIV8zBdWPg1560dOwb56mUan+tR446UfzQiMFcc
i1afOs69Re1GCnNbrLcNvt/RUkRj3+cFrRQOylxoysswQ3ked5k=
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:04:44 2025 by rpki-client