Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS204789.roa
File: AS204789.roa (raw, json)
Hash identifier: OxMNtqvUW4VZ4Sr7UD3mGt+3MMEJwr7ztck2Ncdn53c=
Subject key identifier: 4D:4F:9D:E2:23:2A:84:8E:77:E2:77:66:2C:71:C6:B2:81:0A:1F:64
Certificate issuer: /CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Certificate serial: 5E4A213E3CEB6FC3C6297F5B1D00765A986CD560
Authority key identifier: D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS204789.roa
Signing time: Sun 01 Jan 2023 23:59:20 +0000
ROA not before: Sun 01 Jan 2023 23:54:20 +0000
ROA not after: Sun 31 Dec 2023 23:59:20 +0000
asID: 204789
IP address blocks: 2a06:1286::/32 maxlen: 48
2a06:a005:1db0::/44 maxlen: 48
2a06:a005:1dd0::/44 maxlen: 48
2a06:a005:1de0::/44 maxlen: 48
2a06:a005:1df0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:4a:21:3e:3c:eb:6f:c3:c6:29:7f:5b:1d:00:76:5a:98:6c:d5:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Validity
Not Before: Jan 1 23:54:20 2023 GMT
Not After : Dec 31 23:59:20 2023 GMT
Subject: CN=4D4F9DE2232A848E77E277662C71C6B2810A1F64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8c:b9:7d:a5:5c:b6:3c:0a:fd:46:b3:e8:7f:
7c:1a:3a:a5:80:1e:cf:5e:c6:21:ea:56:49:cd:ec:
28:c5:4b:16:09:2f:7c:b8:e1:0b:67:8c:c5:f9:37:
e7:eb:06:1c:98:d0:f3:8e:6c:51:6c:bc:92:9a:39:
ed:9b:44:88:85:96:56:10:cd:90:f3:4d:92:fc:f0:
2c:bc:db:f7:e8:f6:39:ef:bf:7f:06:6c:a8:73:57:
c0:c4:74:b5:f4:b0:18:a2:8f:a0:c8:ad:cf:b1:f8:
5d:24:84:88:b2:89:7f:47:bc:42:c9:ce:bb:40:b2:
e3:6b:9d:e6:23:ae:5e:a6:f8:ba:f9:7b:4e:88:38:
aa:44:d4:e3:c3:74:38:16:db:42:56:db:c6:12:b4:
96:9f:88:22:44:9c:16:7a:6e:25:24:e0:50:09:b3:
31:2b:48:26:65:23:22:21:57:48:5f:40:ef:4e:4d:
3a:ac:64:1d:6c:e0:c5:70:c9:1b:27:23:7e:b5:f6:
a2:a7:07:98:76:c2:cc:f7:7f:e4:b8:f8:78:03:25:
7f:96:01:f3:cf:8d:12:aa:b1:35:f8:58:0c:28:ef:
a9:6a:a7:e4:5a:67:95:6d:5b:b8:8d:a5:09:58:32:
c3:92:13:6c:39:38:da:3c:34:d7:00:8e:25:72:41:
f9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:4F:9D:E2:23:2A:84:8E:77:E2:77:66:2C:71:C6:B2:81:0A:1F:64
X509v3 Authority Key Identifier:
keyid:D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/D12EA65DEE9873B5DCF3C6C0224FAEA6FCB8AEA6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS204789.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1286::/32
2a06:a005:1db0::/44
2a06:a005:1dd0::-2a06:a005:1dff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
38:d8:2d:17:4b:00:8a:48:d4:61:10:a8:a8:e7:99:17:f9:02:
8e:a7:46:53:6b:82:7d:0d:48:5d:22:67:c1:5d:ca:50:62:9f:
32:f9:5e:e1:b2:f6:6c:b9:e0:b8:28:22:61:bc:a4:a0:69:a6:
7a:51:fa:bd:f4:81:31:fc:b0:4a:a3:62:74:5e:3e:e9:4c:c0:
37:6e:e5:88:63:cd:31:b1:bd:59:27:7c:5e:bc:c9:2a:97:fa:
66:79:bd:63:90:d6:de:49:5e:71:a7:5e:49:36:13:29:03:ee:
40:ac:1f:c9:1d:0e:10:59:0e:b1:36:1a:0f:6e:4d:72:1c:f9:
3a:bb:49:d9:55:7d:e2:37:46:81:db:74:24:85:d0:b6:2a:25:
5a:d7:2e:00:30:e3:e2:a9:19:78:f3:ae:82:35:cb:03:4c:c7:
ec:4e:d4:06:20:9d:5a:4c:7c:34:1a:0d:a1:ba:42:c0:f1:1f:
67:5f:72:ad:a0:da:f4:ef:87:76:23:30:04:46:33:d6:7a:52:
17:80:31:8f:34:cb:48:d5:47:c0:c6:7b:25:b3:85:ee:8f:a0:
36:42:6d:3d:9b:5d:21:67:4e:97:55:09:5c:86:3d:30:ba:f1:
3a:ea:19:7b:eb:0e:7e:18:45:1d:49:90:42:f7:84:8e:34:bc:
12:af:3a:36
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUXkohPjzrb8PGKX9bHQB2Wphs1WAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDEyZWE2NWRlZTk4NzNiNWRjZjNjNmMwMjI0ZmFlYTZm
Y2I4YWVhNjAeFw0yMzAxMDEyMzU0MjBaFw0yMzEyMzEyMzU5MjBaMDMxMTAvBgNV
BAMTKDRENEY5REUyMjMyQTg0OEU3N0UyNzc2NjJDNzFDNkIyODEwQTFGNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjjLl9pVy2PAr9RrPof3waOqWA
Hs9exiHqVknN7CjFSxYJL3y44QtnjMX5N+frBhyY0POObFFsvJKaOe2bRIiFllYQ
zZDzTZL88Cy82/fo9jnvv38GbKhzV8DEdLX0sBiij6DIrc+x+F0khIiyiX9HvELJ
zrtAsuNrneYjrl6m+Lr5e06IOKpE1OPDdDgW20JW28YStJafiCJEnBZ6biUk4FAJ
szErSCZlIyIhV0hfQO9OTTqsZB1s4MVwyRsnI3619qKnB5h2wsz3f+S4+HgDJX+W
AfPPjRKqsTX4WAwo76lqp+RaZ5VtW7iNpQlYMsOSE2w5ONo8NNcAjiVyQfkhAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUTU+d4iMqhI534ndmLHHGsoEKH2QwHwYDVR0j
BBgwFoAU0S6mXe6Yc7Xc88bAIk+upvy4rqYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjhlN2Q4NjctYzM1ZS00ZTY5LWE4MTUtYmExZTliMzM2
ZDYyLzIvRDEyRUE2NURFRTk4NzNCNURDRjNDNkMwMjI0RkFFQTZGQ0I4QUVBNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBTNm1YZTZZYzdYYzg4YkFJay11cHZ5
NHJxWS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y4ZTdkODY3LWMzNWUt
NGU2OS1hODE1LWJhMWU5YjMzNmQ2Mi8yL0FTMjA0Nzg5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUAKgYS
hgMHBCoGoAUdsDARAwcEKgagBR3QAwYBKgagBRwwDQYJKoZIhvcNAQELBQADggEB
ADjYLRdLAIpI1GEQqKjnmRf5Ao6nRlNrgn0NSF0iZ8FdylBinzL5XuGy9my54Lgo
ImG8pKBppnpR+r30gTH8sEqjYnRePulMwDdu5YhjzTGxvVknfF68ySqX+mZ5vWOQ
1t5JXnGnXkk2EykD7kCsH8kdDhBZDrE2Gg9uTXIc+Tq7SdlVfeI3RoHbdCSF0LYq
JVrXLgAw4+KpGXjzroI1ywNMx+xO1AYgnVpMfDQaDaG6QsDxH2dfcq2g2vTvh3Yj
MARGM9Z6UheAMY80y0jVR8DGeyWzhe6PoDZCbT2bXSFnTpdVCVyGPTC68TrqGXvr
Dn4YRR1JkEL3hI40vBKvOjY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:08 2024 by rpki-client on console-ams.rpki-client.org