Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS17138.roa
File: AS17138.roa (raw, json)
Hash identifier: 1eHwDrGUcmHFwMBgEIuRxU9B+jWe3kSF2p5mStxeY4w=
Subject key identifier: 25:F1:7B:04:D2:A4:E2:6B:DA:DD:F2:11:25:23:47:B4:CF:D4:7A:69
Certificate issuer: /CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Certificate serial: 2AA341027A91208ECBB06F4F6B36F23A745072BB
Authority key identifier: D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS17138.roa
Signing time: Sun 01 Jan 2023 23:59:18 +0000
ROA not before: Sun 01 Jan 2023 23:54:18 +0000
ROA not after: Sun 31 Dec 2023 23:59:18 +0000
asID: 17138
IP address blocks: 2a06:a005:b10::/44 maxlen: 48
2a06:a005:b20::/44 maxlen: 48
2a06:a005:b30::/44 maxlen: 48
2a06:a005:b40::/44 maxlen: 48
2a06:a005:b50::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:a3:41:02:7a:91:20:8e:cb:b0:6f:4f:6b:36:f2:3a:74:50:72:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Validity
Not Before: Jan 1 23:54:18 2023 GMT
Not After : Dec 31 23:59:18 2023 GMT
Subject: CN=25F17B04D2A4E26BDADDF211252347B4CFD47A69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:be:20:4f:cb:66:c1:88:3e:4a:18:2b:5d:dc:
73:82:f6:22:c2:0d:9a:ca:f0:96:8d:5a:08:00:2c:
29:c8:d3:19:dd:79:fa:53:1e:99:63:91:54:20:7f:
74:c5:22:32:ad:7b:0b:d8:0e:eb:1e:d7:b1:88:5c:
5f:b6:53:3a:4e:77:79:c1:8d:42:16:29:d0:3a:49:
83:0e:dd:d2:9f:8e:3f:af:a8:b2:ac:b0:3b:a9:5c:
a3:99:0e:d0:ad:be:2b:c1:df:bf:57:62:ae:1b:5d:
59:97:29:f4:5a:60:27:5e:61:d3:05:98:d6:e0:4d:
7b:ff:99:ce:3f:95:f4:5c:a5:4d:15:67:b9:48:aa:
b9:7f:59:b3:7d:1b:72:81:11:1a:71:a9:76:8e:6c:
3a:70:66:8c:55:e8:72:20:82:23:32:1e:e3:25:86:
e6:fd:8f:c5:59:2c:96:3c:35:70:47:0c:fb:b4:79:
f1:a2:58:fc:71:d2:5f:03:d5:f9:e5:91:11:88:a2:
ed:c7:03:99:dd:e7:15:04:e0:d0:76:f4:69:85:72:
1f:3b:e3:b5:00:94:ea:bb:05:5f:db:29:e1:08:f3:
54:7b:fd:67:e3:98:9f:70:b9:55:f0:4c:23:df:e9:
1b:81:33:ee:64:0b:66:a1:96:c6:78:66:7d:3e:9e:
dc:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F1:7B:04:D2:A4:E2:6B:DA:DD:F2:11:25:23:47:B4:CF:D4:7A:69
X509v3 Authority Key Identifier:
keyid:D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/D12EA65DEE9873B5DCF3C6C0224FAEA6FCB8AEA6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS17138.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:b10::-2a06:a005:b5f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1c:15:f6:2f:2e:ca:32:ee:de:35:c4:39:68:f2:e1:57:00:65:
e1:2c:7d:81:7f:81:0c:63:7f:71:52:ed:e4:42:19:b3:c1:c0:
7f:7c:06:59:28:df:10:33:9c:b4:d5:fd:8f:cf:fc:ab:2c:95:
a9:85:ff:9f:9e:ee:1a:06:d2:82:b0:70:23:7e:0b:cf:5e:42:
4a:00:40:fd:ae:3b:23:41:04:bd:b3:07:da:d3:0c:3c:f1:0a:
14:13:87:45:bf:12:6c:1e:55:4e:bc:25:d8:6e:c3:32:31:6d:
11:f4:23:5b:65:85:4e:d4:ae:b4:ae:c1:b3:07:80:45:05:a5:
e3:01:13:10:05:c3:90:2a:05:18:f2:a7:03:d9:ca:aa:fe:dd:
20:1b:b5:c7:13:b8:7d:c8:5c:c6:7d:5d:1e:4b:d4:b8:af:40:
32:98:52:ad:84:3c:e2:8b:80:91:3f:e3:8f:58:23:b1:ec:02:
26:01:fb:7f:dd:67:77:1f:f2:bd:ac:01:45:7d:9d:a7:48:b3:
82:4d:00:7c:5c:fd:e5:82:28:1d:1d:54:98:45:7b:94:30:bf:
55:fd:27:ee:53:18:48:ee:cf:84:8c:7b:b6:83:83:1d:8e:c1:
a2:b5:b8:11:8c:6a:fb:71:a7:4a:19:ae:dc:a8:4c:46:85:b7:
7c:59:45:2c
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIUKqNBAnqRII7LsG9PazbyOnRQcrswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDEyZWE2NWRlZTk4NzNiNWRjZjNjNmMwMjI0ZmFlYTZm
Y2I4YWVhNjAeFw0yMzAxMDEyMzU0MThaFw0yMzEyMzEyMzU5MThaMDMxMTAvBgNV
BAMTKDI1RjE3QjA0RDJBNEUyNkJEQURERjIxMTI1MjM0N0I0Q0ZENDdBNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChviBPy2bBiD5KGCtd3HOC9iLC
DZrK8JaNWggALCnI0xndefpTHpljkVQgf3TFIjKtewvYDuse17GIXF+2UzpOd3nB
jUIWKdA6SYMO3dKfjj+vqLKssDupXKOZDtCtvivB379XYq4bXVmXKfRaYCdeYdMF
mNbgTXv/mc4/lfRcpU0VZ7lIqrl/WbN9G3KBERpxqXaObDpwZoxV6HIggiMyHuMl
hub9j8VZLJY8NXBHDPu0efGiWPxx0l8D1fnlkRGIou3HA5nd5xUE4NB29GmFch87
47UAlOq7BV/bKeEI81R7/WfjmJ9wuVXwTCPf6RuBM+5kC2ahlsZ4Zn0+ntxBAgMB
AAGjggIXMIICEzAdBgNVHQ4EFgQUJfF7BNKk4mva3fIRJSNHtM/UemkwHwYDVR0j
BBgwFoAU0S6mXe6Yc7Xc88bAIk+upvy4rqYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjhlN2Q4NjctYzM1ZS00ZTY5LWE4MTUtYmExZTliMzM2
ZDYyLzIvRDEyRUE2NURFRTk4NzNCNURDRjNDNkMwMjI0RkFFQTZGQ0I4QUVBNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBTNm1YZTZZYzdYYzg4YkFJay11cHZ5
NHJxWS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y4ZTdkODY3LWMzNWUt
NGU2OS1hODE1LWJhMWU5YjMzNmQ2Mi8yL0FTMTcxMzgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgACMBQwEgMHBCoG
oAULEAMHBSoGoAULQDANBgkqhkiG9w0BAQsFAAOCAQEAHBX2Ly7KMu7eNcQ5aPLh
VwBl4Sx9gX+BDGN/cVLt5EIZs8HAf3wGWSjfEDOctNX9j8/8qyyVqYX/n57uGgbS
grBwI34Lz15CSgBA/a47I0EEvbMH2tMMPPEKFBOHRb8SbB5VTrwl2G7DMjFtEfQj
W2WFTtSutK7BsweARQWl4wETEAXDkCoFGPKnA9nKqv7dIBu1xxO4fchcxn1dHkvU
uK9AMphSrYQ84ouAkT/jj1gjsewCJgH7f91ndx/yvawBRX2dp0izgk0AfFz95YIo
HR1UmEV7lDC/Vf0n7lMYSO7PhIx7toODHY7BorW4EYxq+3GnShmu3KhMRoW3fFlF
LA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:43:42 2025 by rpki-client