Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS203619.roa
File: AS203619.roa (raw, json)
Hash identifier: 2Gb8qfoTcY7U1XmdcWFqdMZV7o63JPKumHXeaNlAw2k=
Subject key identifier: CD:3E:B6:2D:CC:59:DC:D2:D9:2B:A5:25:E2:25:5B:46:97:C3:A6:50
Certificate issuer: /CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Certificate serial: 15157CA3D4FE6B9042F792DFE1DB66AA5C97EDAC
Authority key identifier: D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS203619.roa
Signing time: Sun 01 Jan 2023 23:59:14 +0000
ROA not before: Sun 01 Jan 2023 23:54:14 +0000
ROA not after: Sun 31 Dec 2023 23:59:14 +0000
asID: 203619
IP address blocks: 2a06:a005:1410::/44 maxlen: 48
2a06:a005:1420::/44 maxlen: 48
2a06:a005:1430::/44 maxlen: 48
2a06:a005:1440::/44 maxlen: 48
2a06:a005:1450::/44 maxlen: 48
2a06:a005:2130::/44 maxlen: 48
2a06:a005:2140::/44 maxlen: 48
2a06:a005:2150::/44 maxlen: 48
2a06:a005:2160::/44 maxlen: 48
2a06:a005:2170::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:15:7c:a3:d4:fe:6b:90:42:f7:92:df:e1:db:66:aa:5c:97:ed:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Validity
Not Before: Jan 1 23:54:14 2023 GMT
Not After : Dec 31 23:59:14 2023 GMT
Subject: CN=CD3EB62DCC59DCD2D92BA525E2255B4697C3A650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3c:1a:21:2a:3b:09:fe:a3:de:d3:75:4f:35:
eb:c1:c5:1f:00:33:ab:6d:cb:99:c0:f0:6b:a2:e4:
00:78:f1:5a:eb:b0:cb:07:99:24:e6:04:c2:74:a0:
4a:41:45:e6:47:e8:5d:d3:e0:3a:02:bd:72:7f:df:
7f:73:b1:1f:99:28:87:ae:cf:d8:4a:d6:46:f3:5a:
c3:3f:cc:8b:10:73:ed:d3:56:67:8c:f7:dd:2c:00:
0c:d1:cc:73:a8:a4:78:54:22:27:18:a6:9b:0f:f3:
9e:1a:bd:74:79:30:e9:bc:21:47:02:7d:1e:26:b9:
7a:a0:8f:ff:24:6a:a6:ec:f7:a3:87:99:df:55:9f:
37:ee:26:35:3a:e9:55:58:e6:c3:3e:0a:ca:50:75:
f8:16:84:3c:7d:dd:ea:d6:07:d4:5f:0d:e9:68:8b:
4a:f5:9d:50:23:2e:06:73:d0:6c:54:55:e5:15:c8:
f0:0f:4c:0a:78:2f:7a:f5:ab:31:f4:1b:57:08:d4:
34:02:bc:07:1c:e5:19:63:6b:3f:f8:41:53:2a:ba:
8e:1d:0f:86:1c:73:ec:e9:02:ca:e4:c8:b7:d9:60:
c2:9f:45:8e:27:3a:57:32:2a:5d:05:7d:4d:25:1e:
26:d7:98:d9:43:cd:37:fa:82:51:48:57:20:81:3d:
75:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:3E:B6:2D:CC:59:DC:D2:D9:2B:A5:25:E2:25:5B:46:97:C3:A6:50
X509v3 Authority Key Identifier:
keyid:D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/D12EA65DEE9873B5DCF3C6C0224FAEA6FCB8AEA6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS203619.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1410::-2a06:a005:145f:ffff:ffff:ffff:ffff:ffff
2a06:a005:2130::-2a06:a005:217f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
57:db:ab:e3:5a:96:21:13:80:3a:f2:4e:dd:d5:7f:49:07:c3:
fa:f9:b4:5a:64:19:22:79:36:8f:41:0b:4e:a5:02:b7:33:86:
d8:35:9f:0c:a6:71:b8:93:08:d2:c5:e0:d7:b2:2e:ca:e0:e3:
c7:e2:85:17:fa:85:20:d2:3a:e9:c0:f1:b8:a4:9d:95:10:98:
75:52:3b:a4:c2:df:a3:f0:5a:48:62:00:27:41:d7:5f:46:46:
d8:11:cd:7a:33:c4:d2:68:40:9d:21:a3:14:a1:50:51:a2:d7:
94:b7:42:e4:7e:81:11:67:c0:57:fa:19:48:a9:48:b0:07:67:
3d:f8:6d:bf:b4:18:da:77:e5:0d:90:91:7f:5f:3d:43:2f:c2:
ad:88:96:34:fd:53:0f:9a:22:01:2b:0b:6b:fc:ef:03:9e:20:
40:61:a9:a2:83:dd:2b:b3:a5:bf:1c:a0:df:0b:b5:5e:6c:f7:
d9:4c:fe:7f:9f:9f:cc:92:09:59:1d:a5:5f:3e:bb:6c:ae:37:
4f:fd:7e:0a:59:ad:83:a6:24:bb:46:90:1a:22:67:42:fe:23:
76:f4:ff:7d:4c:d2:f8:2b:ad:a7:a9:fb:42:14:f0:a2:ca:87:
6a:7c:d0:44:c9:51:d4:2c:80:95:63:f1:9e:72:67:6b:ec:e3:
46:6f:15:57
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUFRV8o9T+a5BC95Lf4dtmqlyX7awwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDEyZWE2NWRlZTk4NzNiNWRjZjNjNmMwMjI0ZmFlYTZm
Y2I4YWVhNjAeFw0yMzAxMDEyMzU0MTRaFw0yMzEyMzEyMzU5MTRaMDMxMTAvBgNV
BAMTKENEM0VCNjJEQ0M1OURDRDJEOTJCQTUyNUUyMjU1QjQ2OTdDM0E2NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYPBohKjsJ/qPe03VPNevBxR8A
M6tty5nA8Gui5AB48VrrsMsHmSTmBMJ0oEpBReZH6F3T4DoCvXJ/339zsR+ZKIeu
z9hK1kbzWsM/zIsQc+3TVmeM990sAAzRzHOopHhUIicYppsP854avXR5MOm8IUcC
fR4muXqgj/8kaqbs96OHmd9VnzfuJjU66VVY5sM+CspQdfgWhDx93erWB9RfDelo
i0r1nVAjLgZz0GxUVeUVyPAPTAp4L3r1qzH0G1cI1DQCvAcc5Rljaz/4QVMquo4d
D4Ycc+zpAsrkyLfZYMKfRY4nOlcyKl0FfU0lHibXmNlDzTf6glFIVyCBPXWrAgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUzT62LcxZ3NLZK6Ul4iVbRpfDplAwHwYDVR0j
BBgwFoAU0S6mXe6Yc7Xc88bAIk+upvy4rqYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjhlN2Q4NjctYzM1ZS00ZTY5LWE4MTUtYmExZTliMzM2
ZDYyLzIvRDEyRUE2NURFRTk4NzNCNURDRjNDNkMwMjI0RkFFQTZGQ0I4QUVBNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBTNm1YZTZZYzdYYzg4YkFJay11cHZ5
NHJxWS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y4ZTdkODY3LWMzNWUt
NGU2OS1hODE1LWJhMWU5YjMzNmQ2Mi8yL0FTMjAzNjE5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMBIDBwQq
BqAFFBADBwUqBqAFFEAwEgMHBCoGoAUhMAMHByoGoAUhADANBgkqhkiG9w0BAQsF
AAOCAQEAV9ur41qWIROAOvJO3dV/SQfD+vm0WmQZInk2j0ELTqUCtzOG2DWfDKZx
uJMI0sXg17IuyuDjx+KFF/qFINI66cDxuKSdlRCYdVI7pMLfo/BaSGIAJ0HXX0ZG
2BHNejPE0mhAnSGjFKFQUaLXlLdC5H6BEWfAV/oZSKlIsAdnPfhtv7QY2nflDZCR
f189Qy/CrYiWNP1TD5oiASsLa/zvA54gQGGpooPdK7Olvxyg3wu1Xmz32Uz+f5+f
zJIJWR2lXz67bK43T/1+Clmtg6Yku0aQGiJnQv4jdvT/fUzS+Cutp6n7QhTwosqH
anzQRMlR1CyAlWPxnnJna+zjRm8VVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-fra.rpki-client.org