Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS205432.roa
File: AS205432.roa (raw, json)
Hash identifier: arjg3vVrP3iHBUZ760C+rdKo87THE+IcPr63AhugVaQ=
Subject key identifier: 4C:C2:60:73:30:2E:D6:A9:EA:B6:B9:6D:FE:B4:10:5A:5B:86:99:B8
Certificate issuer: /CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Certificate serial: 55964E8CD235D4088B8C115F4C74ACD52104187C
Authority key identifier: D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS205432.roa
Signing time: Sun 01 Jan 2023 23:59:20 +0000
ROA not before: Sun 01 Jan 2023 23:54:20 +0000
ROA not after: Sun 31 Dec 2023 23:59:20 +0000
asID: 205432
IP address blocks: 2a06:a005:1a::/47 maxlen: 48
2a06:a005:5e2::/48 maxlen: 48
2a06:a005:680::/44 maxlen: 48
2a06:a005:690::/44 maxlen: 48
2a06:a005:6a0::/44 maxlen: 48
2a06:a005:85c::/47 maxlen: 48
2a06:a005:9d0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:96:4e:8c:d2:35:d4:08:8b:8c:11:5f:4c:74:ac:d5:21:04:18:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Validity
Not Before: Jan 1 23:54:20 2023 GMT
Not After : Dec 31 23:59:20 2023 GMT
Subject: CN=4CC26073302ED6A9EAB6B96DFEB4105A5B8699B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:83:0b:85:1d:c4:aa:2c:2c:93:48:c3:64:2e:
fd:6a:5b:1b:e8:36:c3:36:4e:8e:86:fc:13:17:54:
18:aa:cd:12:9b:5a:da:2a:20:f4:b1:ad:28:66:e7:
88:ed:9f:51:8c:3e:62:1f:8b:9b:46:06:2f:ac:ae:
b7:a6:ea:d1:35:97:46:f6:39:ef:55:69:79:58:81:
25:61:ff:48:30:8e:a0:e7:81:04:e3:ac:c5:65:b6:
27:e8:1f:70:fc:cf:4a:00:34:33:af:23:39:34:13:
1e:03:89:9e:fe:c1:66:60:99:1c:06:81:e5:55:de:
7c:01:dc:a2:8e:f6:31:94:a5:70:97:85:e3:7e:e4:
bb:69:f8:63:df:88:10:a6:fb:b9:ba:5d:e4:00:5d:
70:ca:9f:00:b1:71:d4:d3:8f:49:16:1d:91:04:27:
83:50:06:3b:d6:69:57:d5:f9:bb:9c:69:aa:a7:fe:
39:c3:5d:7d:6e:3c:81:bd:34:2a:d9:65:bd:9a:b3:
44:68:e2:11:f6:33:28:d8:e1:7a:85:cd:15:74:db:
a3:23:06:cb:ed:fe:c0:9a:e2:5b:14:4c:88:7d:99:
41:03:59:fe:72:ec:f4:ad:07:06:c9:9d:f9:0b:3c:
c5:60:54:08:1a:cb:8f:a7:94:66:e1:a5:f8:9f:b1:
be:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C2:60:73:30:2E:D6:A9:EA:B6:B9:6D:FE:B4:10:5A:5B:86:99:B8
X509v3 Authority Key Identifier:
keyid:D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/D12EA65DEE9873B5DCF3C6C0224FAEA6FCB8AEA6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS205432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1a::/47
2a06:a005:5e2::/48
2a06:a005:680::-2a06:a005:6af:ffff:ffff:ffff:ffff:ffff
2a06:a005:85c::/47
2a06:a005:9d0::/44
Signature Algorithm: sha256WithRSAEncryption
7d:d1:c4:f5:06:4e:c7:55:ed:23:d2:19:97:78:0b:5e:5a:11:
c0:44:e4:87:57:1b:82:6e:0f:b2:62:36:b0:0c:5b:a3:e9:20:
8b:70:58:98:93:05:34:1a:11:ae:16:c6:f0:0b:50:5d:c9:87:
9b:42:46:3f:19:1a:24:1a:27:9d:e3:0f:73:ee:98:ac:56:0f:
e0:cc:26:9e:f0:d5:43:7c:19:a9:c0:65:2d:83:f7:7a:3a:96:
2c:39:29:ca:b0:7e:5d:4a:41:33:d2:f4:e8:cf:1d:69:dc:a7:
28:ae:0a:4c:01:7c:4e:28:f3:56:d6:fa:a6:92:8b:f3:e3:77:
e9:52:42:f4:b1:27:03:75:7e:f4:09:b7:68:87:80:d1:30:d6:
e3:88:29:59:5f:37:a4:a2:99:1c:4f:33:31:dd:7e:88:c7:65:
37:b0:83:9c:61:47:21:4b:cc:17:18:7d:04:1c:4d:26:86:8a:
c6:02:2d:96:14:fc:d2:92:7e:42:eb:f9:80:32:bf:13:e1:78:
91:8b:9b:6a:85:5e:28:9f:bd:d1:13:d7:c4:6e:b4:b3:54:26:
ff:8c:f1:d1:a8:b6:d5:0d:19:e4:f0:ef:8c:2f:45:d3:6b:25:
95:cc:d6:34:ed:2a:01:69:16:d4:2d:4c:f5:09:09:37:3d:0a:
e3:e4:50:4e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUVZZOjNI11AiLjBFfTHSs1SEEGHwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDEyZWE2NWRlZTk4NzNiNWRjZjNjNmMwMjI0ZmFlYTZm
Y2I4YWVhNjAeFw0yMzAxMDEyMzU0MjBaFw0yMzEyMzEyMzU5MjBaMDMxMTAvBgNV
BAMTKDRDQzI2MDczMzAyRUQ2QTlFQUI2Qjk2REZFQjQxMDVBNUI4Njk5QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkgwuFHcSqLCyTSMNkLv1qWxvo
NsM2To6G/BMXVBiqzRKbWtoqIPSxrShm54jtn1GMPmIfi5tGBi+srrem6tE1l0b2
Oe9VaXlYgSVh/0gwjqDngQTjrMVltifoH3D8z0oANDOvIzk0Ex4DiZ7+wWZgmRwG
geVV3nwB3KKO9jGUpXCXheN+5Ltp+GPfiBCm+7m6XeQAXXDKnwCxcdTTj0kWHZEE
J4NQBjvWaVfV+bucaaqn/jnDXX1uPIG9NCrZZb2as0Ro4hH2MyjY4XqFzRV026Mj
Bsvt/sCa4lsUTIh9mUEDWf5y7PStBwbJnfkLPMVgVAgay4+nlGbhpfifsb4RAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUTMJgczAu1qnqtrlt/rQQWluGmbgwHwYDVR0j
BBgwFoAU0S6mXe6Yc7Xc88bAIk+upvy4rqYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjhlN2Q4NjctYzM1ZS00ZTY5LWE4MTUtYmExZTliMzM2
ZDYyLzIvRDEyRUE2NURFRTk4NzNCNURDRjNDNkMwMjI0RkFFQTZGQ0I4QUVBNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBTNm1YZTZZYzdYYzg4YkFJay11cHZ5
NHJxWS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y4ZTdkODY3LWMzNWUt
NGU2OS1hODE1LWJhMWU5YjMzNmQ2Mi8yL0FTMjA1NDMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAAjA4AwcBKgag
BQAaAwcAKgagBQXiMBIDBwcqBqAFBoADBwQqBqAFBqADBwEqBqAFCFwDBwQqBqAF
CdAwDQYJKoZIhvcNAQELBQADggEBAH3RxPUGTsdV7SPSGZd4C15aEcBE5IdXG4Ju
D7JiNrAMW6PpIItwWJiTBTQaEa4WxvALUF3Jh5tCRj8ZGiQaJ53jD3PumKxWD+DM
Jp7w1UN8GanAZS2D93o6liw5Kcqwfl1KQTPS9OjPHWncpyiuCkwBfE4o81bW+qaS
i/Pjd+lSQvSxJwN1fvQJt2iHgNEw1uOIKVlfN6SimRxPMzHdfojHZTewg5xhRyFL
zBcYfQQcTSaGisYCLZYU/NKSfkLr+YAyvxPheJGLm2qFXiifvdET18RutLNUJv+M
8dGottUNGeTw74wvRdNrJZXM1jTtKgFpFtQtTPUJCTc9CuPkUE4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:41:29 2025 by rpki-client