Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS201217.roa
File: AS201217.roa (raw, json)
Hash identifier: uqlCGOf6GXoeM1+sVfW2BEDuPYmLP4SQ/VcE/6WakVg=
Subject key identifier: 38:03:27:29:A5:97:C5:8D:3C:8B:2A:25:72:F3:6A:36:F0:BB:21:51
Certificate issuer: /CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Certificate serial: 6B3122BB6C798CEA6B9F3D0E4688A00F43C1B904
Authority key identifier: D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS201217.roa
Signing time: Sun 01 Jan 2023 23:59:18 +0000
ROA not before: Sun 01 Jan 2023 23:54:18 +0000
ROA not after: Sun 31 Dec 2023 23:59:18 +0000
asID: 201217
IP address blocks: 2a06:a005:8a0::/44 maxlen: 48
2a06:a005:1870::/48 maxlen: 48
2a06:a005:1c78::/48 maxlen: 48
2a06:a005:2470::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:31:22:bb:6c:79:8c:ea:6b:9f:3d:0e:46:88:a0:0f:43:c1:b9:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Validity
Not Before: Jan 1 23:54:18 2023 GMT
Not After : Dec 31 23:59:18 2023 GMT
Subject: CN=38032729A597C58D3C8B2A2572F36A36F0BB2151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:62:c7:16:4f:b1:d7:d6:69:be:e4:cc:12:1e:
f0:29:84:33:49:24:32:eb:50:9e:2a:0e:6c:26:25:
ed:01:61:ef:00:bf:d7:a4:6f:82:64:fe:fb:58:26:
47:a5:4c:72:2b:b4:29:52:ae:53:eb:47:15:33:d4:
d6:17:09:db:43:c4:23:05:62:36:31:27:2c:bf:68:
dd:fe:27:6b:f7:1b:44:c8:c7:c0:d6:36:ea:54:4f:
c8:e3:fb:56:ee:f8:67:12:e1:48:fd:e4:4d:0f:6c:
69:6c:a2:67:85:cf:bd:bd:38:be:f0:21:ca:04:f3:
50:5d:6d:30:6c:bb:5e:30:b2:80:9d:ea:ec:37:53:
d9:19:45:83:b6:dc:3d:d1:81:62:9a:dc:1f:15:85:
ba:a0:9f:d1:14:4f:e3:f1:1e:92:9d:e5:db:d5:f5:
d8:41:7d:2d:dd:d9:e6:f7:6f:77:2c:ca:0b:59:1e:
6a:c9:ba:5f:0f:ea:7d:41:29:5f:41:0e:e8:0f:0e:
61:c8:63:f9:bc:21:b6:5d:d2:05:76:b5:f3:b2:6f:
50:a9:60:2b:00:c0:4e:bf:5c:b6:ad:77:fc:62:57:
34:bf:ee:77:d8:0f:9f:52:29:d2:a5:52:bb:d7:58:
55:43:fe:a0:7e:ee:9e:6c:c5:2b:c2:81:65:5b:86:
21:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:03:27:29:A5:97:C5:8D:3C:8B:2A:25:72:F3:6A:36:F0:BB:21:51
X509v3 Authority Key Identifier:
keyid:D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/D12EA65DEE9873B5DCF3C6C0224FAEA6FCB8AEA6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS201217.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:8a0::/44
2a06:a005:1870::/48
2a06:a005:1c78::/48
2a06:a005:2470::/44
Signature Algorithm: sha256WithRSAEncryption
5e:b3:ac:6f:7e:f3:b0:d9:c2:ea:ff:9c:5d:1d:28:0f:82:42:
c7:0e:95:fb:65:16:8b:41:ed:6b:3b:1f:4d:bb:29:a9:95:79:
7c:70:55:b7:de:96:3a:20:0c:07:78:40:74:87:ec:83:30:e9:
d7:65:31:a4:16:26:b0:0e:ca:81:65:60:12:02:4a:6d:3a:56:
8f:cd:e5:3d:f1:ee:c9:e5:1d:2f:14:93:ae:3d:ac:f2:52:b1:
ce:f3:9b:13:da:a6:71:ad:82:72:0b:84:c6:ca:f1:dd:d1:d4:
1b:4b:e0:7d:c9:8a:8c:50:ee:3d:6d:e2:c5:bf:23:c5:69:12:
0e:4e:df:67:d5:77:14:28:6e:a3:4b:12:87:b5:86:c2:7f:59:
1c:5a:a2:df:74:9e:52:08:15:20:f5:71:71:f8:42:ca:4a:11:
65:5b:c5:bc:ad:92:f4:23:ea:4e:3d:9f:33:fc:6f:c0:2e:81:
f7:5a:ca:31:85:73:82:f2:7d:c9:34:10:25:e4:18:3e:9a:10:
77:ca:8d:88:d6:83:3f:aa:38:38:64:fe:95:16:ab:06:9b:ae:
02:04:45:35:1e:77:79:81:2f:d8:c8:5e:1f:bd:31:73:25:9c:
1c:b6:2e:8d:a8:45:de:ee:32:33:76:80:03:94:53:51:f0:46:
1c:41:0c:2a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIUazEiu2x5jOprnz0ORoigD0PBuQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDEyZWE2NWRlZTk4NzNiNWRjZjNjNmMwMjI0ZmFlYTZm
Y2I4YWVhNjAeFw0yMzAxMDEyMzU0MThaFw0yMzEyMzEyMzU5MThaMDMxMTAvBgNV
BAMTKDM4MDMyNzI5QTU5N0M1OEQzQzhCMkEyNTcyRjM2QTM2RjBCQjIxNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhYscWT7HX1mm+5MwSHvAphDNJ
JDLrUJ4qDmwmJe0BYe8Av9ekb4Jk/vtYJkelTHIrtClSrlPrRxUz1NYXCdtDxCMF
YjYxJyy/aN3+J2v3G0TIx8DWNupUT8jj+1bu+GcS4Uj95E0PbGlsomeFz729OL7w
IcoE81BdbTBsu14wsoCd6uw3U9kZRYO23D3RgWKa3B8Vhbqgn9EUT+PxHpKd5dvV
9dhBfS3d2eb3b3csygtZHmrJul8P6n1BKV9BDugPDmHIY/m8IbZd0gV2tfOyb1Cp
YCsAwE6/XLatd/xiVzS/7nfYD59SKdKlUrvXWFVD/qB+7p5sxSvCgWVbhiHhAgMB
AAGjggIoMIICJDAdBgNVHQ4EFgQUOAMnKaWXxY08iyolcvNqNvC7IVEwHwYDVR0j
BBgwFoAU0S6mXe6Yc7Xc88bAIk+upvy4rqYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjhlN2Q4NjctYzM1ZS00ZTY5LWE4MTUtYmExZTliMzM2
ZDYyLzIvRDEyRUE2NURFRTk4NzNCNURDRjNDNkMwMjI0RkFFQTZGQ0I4QUVBNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBTNm1YZTZZYzdYYzg4YkFJay11cHZ5
NHJxWS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y4ZTdkODY3LWMzNWUt
NGU2OS1hODE1LWJhMWU5YjMzNmQ2Mi8yL0FTMjAxMjE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkAwcEKgag
BQigAwcAKgagBRhwAwcAKgagBRx4AwcEKgagBSRwMA0GCSqGSIb3DQEBCwUAA4IB
AQBes6xvfvOw2cLq/5xdHSgPgkLHDpX7ZRaLQe1rOx9NuymplXl8cFW33pY6IAwH
eEB0h+yDMOnXZTGkFiawDsqBZWASAkptOlaPzeU98e7J5R0vFJOuPazyUrHO85sT
2qZxrYJyC4TGyvHd0dQbS+B9yYqMUO49beLFvyPFaRIOTt9n1XcUKG6jSxKHtYbC
f1kcWqLfdJ5SCBUg9XFx+ELKShFlW8W8rZL0I+pOPZ8z/G/ALoH3WsoxhXOC8n3J
NBAl5Bg+mhB3yo2I1oM/qjg4ZP6VFqsGm64CBEU1Hnd5gS/YyF4fvTFzJZwcti6N
qEXe7jIzdoADlFNR8EYcQQwq
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:08 2024 by rpki-client on console-ams.rpki-client.org