Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS205431.roa
File: AS205431.roa (raw, json)
Hash identifier: vqDvVVCxEZd8lvjhrtaaWO6yI/TAIv5+hquIPEb6xRQ=
Subject key identifier: 93:8A:AF:7D:44:8C:84:7A:C5:7F:27:CA:78:8A:D9:06:60:29:77:7E
Certificate issuer: /CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Certificate serial: 5A9AC76DA7165C3C7009E7E2609B0197B219C63D
Authority key identifier: D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS205431.roa
Signing time: Sun 01 Jan 2023 23:59:23 +0000
ROA not before: Sun 01 Jan 2023 23:54:23 +0000
ROA not after: Sun 31 Dec 2023 23:59:23 +0000
asID: 205431
IP address blocks: 2a06:a002::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:9a:c7:6d:a7:16:5c:3c:70:09:e7:e2:60:9b:01:97:b2:19:c6:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Validity
Not Before: Jan 1 23:54:23 2023 GMT
Not After : Dec 31 23:59:23 2023 GMT
Subject: CN=938AAF7D448C847AC57F27CA788AD9066029777E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d9:64:7d:f7:a5:cc:16:b7:e2:22:fb:8f:1f:
90:00:d8:9f:80:8d:3e:33:2a:42:3f:65:10:7e:d3:
05:a4:74:c0:a7:91:1b:66:85:8e:38:ca:e8:a8:54:
30:d7:3c:47:d1:e0:cd:26:10:e4:b0:c0:f0:a5:bf:
7c:69:f0:c4:2b:c2:db:32:5a:aa:56:59:a2:fd:65:
63:5f:51:dc:f3:3d:f9:06:d7:9a:78:df:92:32:ca:
56:f3:43:96:e6:eb:c1:07:ed:df:63:0f:b4:b3:6c:
15:63:98:f1:7e:19:c3:26:57:6b:b3:6b:0b:71:a8:
46:9f:53:e3:aa:fb:c7:c2:d3:72:77:af:7f:7a:79:
0f:10:b1:18:bd:2d:a6:50:a9:64:5a:97:1c:d6:7d:
31:2b:75:63:1c:4a:c3:2b:09:ca:31:ab:1b:77:55:
b1:0c:9f:17:b1:53:4f:5e:51:1e:6b:54:2c:cd:83:
7b:6a:dd:ce:4e:dd:a3:50:5d:01:a8:6a:b9:93:5c:
e6:42:42:30:8e:75:de:b9:5f:56:8d:47:c2:2e:7d:
ef:34:14:a4:43:53:41:ea:c3:9a:84:f8:ac:6b:5a:
dd:e6:27:12:da:5b:60:3c:9a:58:f3:d1:5a:fd:70:
cf:5b:df:7d:d1:81:02:a7:fa:95:20:66:4a:4e:86:
fa:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:8A:AF:7D:44:8C:84:7A:C5:7F:27:CA:78:8A:D9:06:60:29:77:7E
X509v3 Authority Key Identifier:
keyid:D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/D12EA65DEE9873B5DCF3C6C0224FAEA6FCB8AEA6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS205431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a002::/32
Signature Algorithm: sha256WithRSAEncryption
09:33:05:52:76:63:33:22:ee:79:0a:30:0e:6f:7e:66:62:55:
14:4d:b9:17:6d:a8:67:32:73:fb:e6:4e:4d:3d:e6:47:a1:53:
25:35:e0:32:33:05:54:94:52:39:47:23:1f:3a:5b:e9:f0:96:
c5:93:91:d6:b3:10:95:3d:af:d2:44:69:97:32:09:2c:60:f5:
0a:04:8b:05:53:83:55:0d:ad:01:64:6e:ad:e3:2e:56:cf:75:
64:84:02:aa:6d:4c:0a:e7:92:64:d6:ad:ac:a2:13:65:42:53:
8c:bb:b7:19:24:20:ea:49:d4:d7:f0:46:1f:64:cc:2f:d4:30:
22:84:4e:47:02:8d:7b:88:d5:7f:fc:05:09:58:94:3b:12:38:
75:ea:23:11:ec:5b:8c:53:4d:27:5c:c5:2d:b9:9e:28:d3:da:
b4:e2:78:61:3d:95:46:0c:de:b0:d1:58:55:5c:78:a7:76:ef:
b6:58:32:db:27:50:fe:b5:f8:51:7d:0c:a9:a3:ce:82:fa:f8:
53:f7:d7:a7:85:a4:33:c6:b1:02:49:92:ad:0e:f4:f7:ae:9d:
8b:84:46:c1:d9:1c:19:f3:1f:2c:86:f0:da:92:93:77:51:cb:
85:fc:37:17:cb:23:4a:60:da:62:ec:48:e3:2e:9b:f9:ae:27:
0e:86:eb:d5
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIUWprHbacWXDxwCefiYJsBl7IZxj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDEyZWE2NWRlZTk4NzNiNWRjZjNjNmMwMjI0ZmFlYTZm
Y2I4YWVhNjAeFw0yMzAxMDEyMzU0MjNaFw0yMzEyMzEyMzU5MjNaMDMxMTAvBgNV
BAMTKDkzOEFBRjdENDQ4Qzg0N0FDNTdGMjdDQTc4OEFEOTA2NjAyOTc3N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM2WR996XMFrfiIvuPH5AA2J+A
jT4zKkI/ZRB+0wWkdMCnkRtmhY44yuioVDDXPEfR4M0mEOSwwPClv3xp8MQrwtsy
WqpWWaL9ZWNfUdzzPfkG15p435IyylbzQ5bm68EH7d9jD7SzbBVjmPF+GcMmV2uz
awtxqEafU+Oq+8fC03J3r396eQ8QsRi9LaZQqWRalxzWfTErdWMcSsMrCcoxqxt3
VbEMnxexU09eUR5rVCzNg3tq3c5O3aNQXQGoarmTXOZCQjCOdd65X1aNR8Iufe80
FKRDU0Hqw5qE+KxrWt3mJxLaW2A8mljz0Vr9cM9b333RgQKn+pUgZkpOhvrlAgMB
AAGjggILMIICBzAdBgNVHQ4EFgQUk4qvfUSMhHrFfyfKeIrZBmApd34wHwYDVR0j
BBgwFoAU0S6mXe6Yc7Xc88bAIk+upvy4rqYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjhlN2Q4NjctYzM1ZS00ZTY5LWE4MTUtYmExZTliMzM2
ZDYyLzIvRDEyRUE2NURFRTk4NzNCNURDRjNDNkMwMjI0RkFFQTZGQ0I4QUVBNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBTNm1YZTZZYzdYYzg4YkFJay11cHZ5
NHJxWS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y4ZTdkODY3LWMzNWUt
NGU2OS1hODE1LWJhMWU5YjMzNmQ2Mi8yL0FTMjA1NDMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgag
AjANBgkqhkiG9w0BAQsFAAOCAQEACTMFUnZjMyLueQowDm9+ZmJVFE25F22oZzJz
++ZOTT3mR6FTJTXgMjMFVJRSOUcjHzpb6fCWxZOR1rMQlT2v0kRplzIJLGD1CgSL
BVODVQ2tAWRureMuVs91ZIQCqm1MCueSZNatrKITZUJTjLu3GSQg6knU1/BGH2TM
L9QwIoRORwKNe4jVf/wFCViUOxI4deojEexbjFNNJ1zFLbmeKNPatOJ4YT2VRgze
sNFYVVx4p3bvtlgy2ydQ/rX4UX0MqaPOgvr4U/fXp4WkM8axAkmSrQ70966di4RG
wdkcGfMfLIbw2pKTd1HLhfw3F8sjSmDaYuxI4y6b+a4nDobr1Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-fra.rpki-client.org