Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS60639.roa
File: AS60639.roa (raw, json)
Hash identifier: 4qQkqwoqL+uwuNCeg9nxk8mQ3oTxKJwjt9SfQ3FB9Do=
Subject key identifier: 32:D7:2E:84:E9:08:F0:96:63:DF:83:DA:77:29:4C:44:B1:85:BF:16
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 530A2AFB77674F159BDA323877285BF754593230
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS60639.roa
Signing time: Sat 11 Jan 2025 22:30:34 +0000
ROA not before: Sat 11 Jan 2025 22:25:34 +0000
ROA not after: Sat 10 Jan 2026 22:30:34 +0000
asID: 60639
IP address blocks: 2a07:54c7:7000::/36 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:0a:2a:fb:77:67:4f:15:9b:da:32:38:77:28:5b:f7:54:59:32:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Jan 11 22:25:34 2025 GMT
Not After : Jan 10 22:30:34 2026 GMT
Subject: CN=32D72E84E908F09663DF83DA77294C44B185BF16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:24:df:23:13:1b:1a:5b:90:ba:50:49:13:d5:
9b:f1:63:c5:11:ec:b1:bc:b1:d8:55:01:b1:d8:64:
1d:0d:7b:0f:ff:37:e5:27:bf:2b:9a:41:9a:26:3e:
99:ac:cc:8b:7a:33:65:64:d8:ea:72:65:33:98:e4:
7e:cb:43:d9:22:a0:63:3e:2c:22:3a:cf:a4:04:45:
06:7c:0f:37:9e:df:d4:e8:28:1e:46:c2:30:28:c8:
8c:a6:dd:8a:c3:03:0b:d1:9b:dd:a9:45:c9:eb:53:
4f:e5:21:91:2d:9e:eb:e0:05:06:c4:9e:db:84:e1:
f1:80:b4:ec:a4:65:c2:6b:e2:40:48:ea:5a:64:57:
84:18:b7:d3:1c:aa:e3:25:3f:2e:f1:e2:62:dd:96:
a5:71:a9:5f:5d:09:48:6c:3a:41:4d:d2:50:b2:7b:
9f:5b:06:df:2e:46:36:4a:43:3f:d6:8d:45:0a:66:
f3:54:3e:22:6c:85:9e:8c:70:2d:b5:35:26:8e:6d:
11:df:4d:2d:6d:2d:b5:51:b5:52:0f:f3:bb:db:37:
a4:7d:8c:d3:d2:50:39:75:d3:35:61:57:35:30:2a:
1e:01:24:47:7b:8b:4f:26:fa:3b:ea:70:2a:da:85:
ca:d7:00:48:70:e1:81:5b:f6:10:b9:ff:ab:d2:52:
4d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D7:2E:84:E9:08:F0:96:63:DF:83:DA:77:29:4C:44:B1:85:BF:16
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS60639.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c7:7000::/36
Signature Algorithm: sha256WithRSAEncryption
8b:85:1e:5e:fb:d7:76:1e:c6:88:e8:58:64:28:ec:ab:78:38:
ac:6e:21:63:66:a0:dd:a8:66:08:1e:22:64:00:cd:6f:6c:8a:
bf:b7:9b:16:d6:6a:c6:ec:3e:00:7a:1c:36:c3:c4:04:ad:2b:
5a:01:89:23:29:b0:8e:fb:d3:fd:e2:ab:1b:62:a1:7b:e9:31:
28:d3:46:a8:47:42:fd:09:5e:f9:1a:6b:2d:5e:a2:66:3b:04:
f8:2e:e2:ff:87:00:ce:48:b6:fb:d0:6a:bc:15:1e:8c:be:1f:
26:69:60:29:44:a7:67:57:d1:78:31:3f:28:9a:1a:94:e7:d8:
e6:84:73:7b:5f:b4:22:5b:60:99:83:dc:bb:79:6a:fa:31:7b:
3a:19:6c:b3:05:db:50:92:b6:d3:0b:1f:79:10:49:24:89:90:
aa:65:c1:72:71:72:f2:17:65:5e:89:08:fe:db:63:d4:60:3e:
68:f5:cc:a9:cb:56:5f:72:b7:0e:90:6f:a0:c5:88:0a:d7:e6:
3b:03:a6:6c:7f:d6:87:e2:ca:31:b4:f6:59:76:c0:fe:6e:90:
40:97:66:c0:60:81:6a:2d:3d:ea:6d:e7:f2:f2:37:0c:33:05:
16:f5:15:93:93:26:61:6e:ca:3a:4f:7e:00:2e:70:4e:e8:a5:
c7:2b:ab:c7
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUUwoq+3dnTxWb2jI4dyhb91RZMjAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNTAxMTEyMjI1MzRaFw0yNjAxMTAyMjMwMzRaMDMxMTAvBgNV
BAMTKDMyRDcyRTg0RTkwOEYwOTY2M0RGODNEQTc3Mjk0QzQ0QjE4NUJGMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEJN8jExsaW5C6UEkT1ZvxY8UR
7LG8sdhVAbHYZB0New//N+UnvyuaQZomPpmszIt6M2Vk2OpyZTOY5H7LQ9kioGM+
LCI6z6QERQZ8Dzee39ToKB5GwjAoyIym3YrDAwvRm92pRcnrU0/lIZEtnuvgBQbE
ntuE4fGAtOykZcJr4kBI6lpkV4QYt9McquMlPy7x4mLdlqVxqV9dCUhsOkFN0lCy
e59bBt8uRjZKQz/WjUUKZvNUPiJshZ6McC21NSaObRHfTS1tLbVRtVIP87vbN6R9
jNPSUDl10zVhVzUwKh4BJEd7i08m+jvqcCrahcrXAEhw4YFb9hC5/6vSUk3fAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUMtcuhOkI8JZj34PadylMRLGFvxYwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTNjA2Mzkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQqB1TH
cDANBgkqhkiG9w0BAQsFAAOCAQEAi4UeXvvXdh7GiOhYZCjsq3g4rG4hY2ag3ahm
CB4iZADNb2yKv7ebFtZqxuw+AHocNsPEBK0rWgGJIymwjvvT/eKrG2Khe+kxKNNG
qEdC/Qle+RprLV6iZjsE+C7i/4cAzki2+9BqvBUejL4fJmlgKUSnZ1fReDE/KJoa
lOfY5oRze1+0IltgmYPcu3lq+jF7OhlsswXbUJK20wsfeRBJJImQqmXBcnFy8hdl
XokI/ttj1GA+aPXMqctWX3K3DpBvoMWICtfmOwOmbH/Wh+LKMbT2WXbA/m6QQJdm
wGCBai096m3n8vI3DDMFFvUVk5MmYW7KOk9+AC5wTuilxyurxw==
-----END CERTIFICATE-----
Generated at Fri Apr 4 17:04:43 2025 by rpki-client