Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS201733.roa
File: AS201733.roa (raw, json)
Hash identifier: 2n3aMeT3UPYOK8jf6LBUdK2lC7IZn0nNNvtET7agiq8=
Subject key identifier: EE:97:63:A9:83:3B:90:C2:A7:C6:4A:CA:82:7D:EA:CC:AB:74:57:98
Certificate issuer: /CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Certificate serial: 5C32AA5EDB6ED424A8CB4F570BFB58F7DC1AC905
Authority key identifier: D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS201733.roa
Signing time: Sun 01 Jan 2023 23:59:14 +0000
ROA not before: Sun 01 Jan 2023 23:54:14 +0000
ROA not after: Sun 31 Dec 2023 23:59:14 +0000
asID: 201733
IP address blocks: 2a06:a005:2360::/44 maxlen: 48
2a06:a005:23c0::/44 maxlen: 48
2a06:a005:2460::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:32:aa:5e:db:6e:d4:24:a8:cb:4f:57:0b:fb:58:f7:dc:1a:c9:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Validity
Not Before: Jan 1 23:54:14 2023 GMT
Not After : Dec 31 23:59:14 2023 GMT
Subject: CN=EE9763A9833B90C2A7C64ACA827DEACCAB745798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d3:0e:4b:be:2f:cb:d1:da:d3:5f:9d:c9:62:
54:08:39:d2:a6:dc:db:a1:ec:3e:63:96:69:89:9e:
f0:b0:c2:39:58:b6:90:54:a0:83:7f:43:a9:f0:aa:
8d:0d:1e:71:40:30:1c:6a:b2:81:73:d1:01:47:85:
fa:a2:59:8b:a0:9d:72:87:ec:a4:7f:03:e3:5e:5a:
de:a1:9a:7f:01:21:ac:85:91:16:ec:1b:8a:a1:25:
f6:6c:ef:eb:58:0a:f4:b2:f3:13:76:1c:6b:ee:70:
0c:21:02:08:c8:8c:d5:05:74:f7:4b:92:89:21:be:
da:2f:1e:cc:55:c7:34:67:81:1e:89:94:9e:1f:08:
3c:01:96:09:a5:9d:14:5a:ad:3e:be:da:e9:85:ee:
59:86:0a:b6:db:85:e4:93:df:e4:94:82:36:d3:46:
40:a0:66:cd:ab:07:2f:74:83:77:f9:a8:21:26:d1:
48:88:d8:ac:36:ca:f5:11:2e:f8:91:06:9e:a6:04:
ad:de:a9:9c:a3:63:09:20:63:2f:a9:03:a3:6e:0d:
61:ac:b4:a1:7d:ff:72:cc:68:99:2d:ce:88:48:d1:
f8:48:f3:28:c8:c5:1e:d5:e9:f4:90:66:d5:1d:a6:
7b:c2:1f:e6:b7:92:f9:ae:31:b5:00:b1:e9:49:93:
ae:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:97:63:A9:83:3B:90:C2:A7:C6:4A:CA:82:7D:EA:CC:AB:74:57:98
X509v3 Authority Key Identifier:
keyid:D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/D12EA65DEE9873B5DCF3C6C0224FAEA6FCB8AEA6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS201733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:2360::/44
2a06:a005:23c0::/44
2a06:a005:2460::/44
Signature Algorithm: sha256WithRSAEncryption
28:eb:0f:96:85:3c:31:41:b8:2a:17:42:cc:19:e2:de:ae:a7:
00:89:da:ce:c3:7e:30:76:23:bb:92:d5:58:b6:99:85:04:2c:
c4:01:60:5b:90:8c:28:6d:46:ca:45:b7:c8:43:14:38:eb:11:
54:9a:f2:59:ca:50:2d:2e:28:ef:74:6a:5e:f6:22:a8:df:d7:
69:65:0e:40:bc:70:f1:e7:61:4f:76:e7:38:87:eb:ae:45:0d:
34:04:f5:08:a9:ff:b0:7e:73:99:0f:95:dc:e3:db:48:16:0b:
4a:e3:5f:95:16:7a:a1:0d:76:59:c9:37:b7:f2:16:c0:25:d0:
49:55:52:e2:c5:00:99:c8:d8:b4:d7:8b:ae:af:05:21:54:58:
7b:39:dc:49:e8:9d:f2:d7:8f:e3:50:73:ec:46:06:9f:88:61:
05:2d:b7:db:90:f0:0b:5d:24:d6:a0:cc:8c:f3:09:8b:f3:7d:
91:f2:1e:04:7a:dc:e2:6e:11:f2:f5:08:ad:45:eb:52:12:ee:
45:f7:4a:99:24:f9:54:0b:97:44:53:5f:8c:03:71:49:bc:45:
75:36:e6:52:32:9e:fc:0a:f0:61:6a:77:6e:15:2b:2e:31:83:
51:a9:d1:6b:cf:89:d9:ac:47:f2:e6:db:90:4c:31:85:0d:b4:
3d:c7:ca:6e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIUXDKqXttu1CSoy09XC/tY99wayQUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDEyZWE2NWRlZTk4NzNiNWRjZjNjNmMwMjI0ZmFlYTZm
Y2I4YWVhNjAeFw0yMzAxMDEyMzU0MTRaFw0yMzEyMzEyMzU5MTRaMDMxMTAvBgNV
BAMTKEVFOTc2M0E5ODMzQjkwQzJBN0M2NEFDQTgyN0RFQUNDQUI3NDU3OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN0w5Lvi/L0drTX53JYlQIOdKm
3Nuh7D5jlmmJnvCwwjlYtpBUoIN/Q6nwqo0NHnFAMBxqsoFz0QFHhfqiWYugnXKH
7KR/A+NeWt6hmn8BIayFkRbsG4qhJfZs7+tYCvSy8xN2HGvucAwhAgjIjNUFdPdL
kokhvtovHsxVxzRngR6JlJ4fCDwBlgmlnRRarT6+2umF7lmGCrbbheST3+SUgjbT
RkCgZs2rBy90g3f5qCEm0UiI2Kw2yvURLviRBp6mBK3eqZyjYwkgYy+pA6NuDWGs
tKF9/3LMaJktzohI0fhI8yjIxR7V6fSQZtUdpnvCH+a3kvmuMbUAselJk65vAgMB
AAGjggIfMIICGzAdBgNVHQ4EFgQU7pdjqYM7kMKnxkrKgn3qzKt0V5gwHwYDVR0j
BBgwFoAU0S6mXe6Yc7Xc88bAIk+upvy4rqYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjhlN2Q4NjctYzM1ZS00ZTY5LWE4MTUtYmExZTliMzM2
ZDYyLzIvRDEyRUE2NURFRTk4NzNCNURDRjNDNkMwMjI0RkFFQTZGQ0I4QUVBNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBTNm1YZTZZYzdYYzg4YkFJay11cHZ5
NHJxWS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y4ZTdkODY3LWMzNWUt
NGU2OS1hODE1LWJhMWU5YjMzNmQ2Mi8yL0FTMjAxNzMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcEKgag
BSNgAwcEKgagBSPAAwcEKgagBSRgMA0GCSqGSIb3DQEBCwUAA4IBAQAo6w+WhTwx
QbgqF0LMGeLerqcAidrOw34wdiO7ktVYtpmFBCzEAWBbkIwobUbKRbfIQxQ46xFU
mvJZylAtLijvdGpe9iKo39dpZQ5AvHDx52FPduc4h+uuRQ00BPUIqf+wfnOZD5Xc
49tIFgtK41+VFnqhDXZZyTe38hbAJdBJVVLixQCZyNi014uurwUhVFh7OdxJ6J3y
14/jUHPsRgafiGEFLbfbkPALXSTWoMyM8wmL832R8h4EetzibhHy9QitRetSEu5F
90qZJPlUC5dEU1+MA3FJvEV1NuZSMp78CvBhanduFSsuMYNRqdFrz4nZrEfy5tuQ
TDGFDbQ9x8pu
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-fra.rpki-client.org