Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS211358.roa
File: AS211358.roa (raw, json)
Hash identifier: LCyso92vNf7e+rf1b7QT0XfoVEEQcm6chfWU0rHyB3Q=
Subject key identifier: EF:9D:98:EC:CE:1F:EE:BB:FE:76:24:A6:26:0B:36:52:9E:A9:E8:22
Certificate issuer: /CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Certificate serial: 5BB5F4BADC20E71D1FB31A82EC6F5FB336A7110F
Authority key identifier: D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS211358.roa
Signing time: Sun 01 Jan 2023 23:59:18 +0000
ROA not before: Sun 01 Jan 2023 23:54:18 +0000
ROA not after: Sun 31 Dec 2023 23:59:18 +0000
asID: 211358
IP address blocks: 2a06:a005:e0::/44 maxlen: 48
2a06:a005:240::/44 maxlen: 48
2a06:a005:250::/44 maxlen: 48
2a06:a005:400::/44 maxlen: 48
2a06:a005:6c0::/44 maxlen: 48
2a06:a005:730::/44 maxlen: 48
2a06:a005:750::/44 maxlen: 48
2a06:a005:790::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:b5:f4:ba:dc:20:e7:1d:1f:b3:1a:82:ec:6f:5f:b3:36:a7:11:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Validity
Not Before: Jan 1 23:54:18 2023 GMT
Not After : Dec 31 23:59:18 2023 GMT
Subject: CN=EF9D98ECCE1FEEBBFE7624A6260B36529EA9E822
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:90:b0:65:46:c7:5a:15:c3:5f:1d:b7:33:25:
dc:94:43:e7:f4:8d:3d:bc:2c:43:5f:91:dd:0b:1b:
3f:a6:b5:c7:42:77:89:ad:b5:e4:8c:fb:69:48:60:
a0:d0:87:9f:7a:6a:0c:b5:8e:c2:22:09:3f:49:e4:
67:5e:90:3e:96:34:c9:94:59:ec:98:d0:bf:cd:bd:
66:5f:6a:3f:b0:81:21:4e:a9:2d:73:4c:ea:38:5a:
ec:bd:26:58:89:b9:cf:a1:4c:6b:00:0c:c4:6b:60:
6c:c6:f9:41:61:49:e0:1d:3c:b5:95:f0:f0:3f:3b:
7b:51:25:d2:03:ed:a9:f6:7a:51:e1:49:73:55:e3:
41:13:d1:a4:41:ad:1b:28:3f:89:66:e2:d0:a6:4f:
df:69:21:ad:39:33:f2:72:55:4e:17:60:7e:5a:e5:
12:4c:88:84:af:c4:27:ad:1f:f8:1c:21:f3:a8:a7:
39:50:bc:d8:cb:41:cd:ab:b8:b0:ea:a1:c5:91:63:
31:c1:d9:90:ef:00:58:3c:87:32:81:0d:6b:78:e2:
e9:74:61:51:44:08:22:15:8e:a5:b8:50:2f:62:c9:
cb:8c:1b:f3:c8:4f:e4:c2:f6:e0:63:de:f5:aa:fd:
f0:eb:6d:99:7f:92:e9:19:0a:2f:fe:13:35:2d:e3:
a1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:9D:98:EC:CE:1F:EE:BB:FE:76:24:A6:26:0B:36:52:9E:A9:E8:22
X509v3 Authority Key Identifier:
keyid:D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/D12EA65DEE9873B5DCF3C6C0224FAEA6FCB8AEA6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS211358.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:e0::/44
2a06:a005:240::/43
2a06:a005:400::/44
2a06:a005:6c0::/44
2a06:a005:730::/44
2a06:a005:750::/44
2a06:a005:790::/44
Signature Algorithm: sha256WithRSAEncryption
06:4d:24:73:1d:97:45:bf:d5:6f:4f:a0:d9:ec:0f:6a:f6:45:
b3:6e:36:a7:b2:93:74:c3:3f:2f:b6:09:bb:0c:76:6a:fe:c7:
64:8d:23:a0:af:47:a4:30:81:f6:3a:f8:cd:0d:37:db:84:a3:
dc:ce:03:6a:4b:f5:80:b2:63:88:22:1a:5c:5e:43:c4:f1:05:
2e:d5:c6:b5:ec:e2:8d:47:ad:29:e7:b8:ab:3b:ce:b1:b9:44:
e2:01:e2:59:5e:2a:51:b4:7c:02:67:73:a9:a9:2a:67:14:64:
29:da:a8:ee:cf:54:1b:09:29:b1:f7:5f:94:6b:fd:60:9e:b9:
f3:22:a9:91:21:f8:93:df:c8:1a:b5:54:9b:68:27:8b:b6:ca:
c6:d9:bd:ac:41:ce:5f:7d:9d:1d:88:11:2c:f1:e9:1b:da:50:
a9:ab:aa:53:c9:2b:d8:dd:8f:10:27:88:7d:03:8f:5e:67:53:
bf:4d:d6:8e:69:f1:eb:d5:a9:0d:f0:8a:f2:9d:1b:24:64:09:
71:f9:a0:ce:16:32:39:dc:e2:52:21:d6:52:6e:36:ab:d0:9d:
07:0e:2a:c3:cb:a5:bc:e0:f3:2e:9e:ee:80:f5:a5:ea:9b:de:
2a:9f:e7:c3:c3:b1:84:53:9a:d0:72:92:2e:e3:f7:43:bb:08:
12:74:ac:6f
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgIUW7X0utwg5x0fsxqC7G9fszanEQ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDEyZWE2NWRlZTk4NzNiNWRjZjNjNmMwMjI0ZmFlYTZm
Y2I4YWVhNjAeFw0yMzAxMDEyMzU0MThaFw0yMzEyMzEyMzU5MThaMDMxMTAvBgNV
BAMTKEVGOUQ5OEVDQ0UxRkVFQkJGRTc2MjRBNjI2MEIzNjUyOUVBOUU4MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvkLBlRsdaFcNfHbczJdyUQ+f0
jT28LENfkd0LGz+mtcdCd4mtteSM+2lIYKDQh596agy1jsIiCT9J5GdekD6WNMmU
WeyY0L/NvWZfaj+wgSFOqS1zTOo4Wuy9JliJuc+hTGsADMRrYGzG+UFhSeAdPLWV
8PA/O3tRJdID7an2elHhSXNV40ET0aRBrRsoP4lm4tCmT99pIa05M/JyVU4XYH5a
5RJMiISvxCetH/gcIfOopzlQvNjLQc2ruLDqocWRYzHB2ZDvAFg8hzKBDWt44ul0
YVFECCIVjqW4UC9iycuMG/PIT+TC9uBj3vWq/fDrbZl/kukZCi/+EzUt46EhAgMB
AAGjggJDMIICPzAdBgNVHQ4EFgQU752Y7M4f7rv+diSmJgs2Up6p6CIwHwYDVR0j
BBgwFoAU0S6mXe6Yc7Xc88bAIk+upvy4rqYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjhlN2Q4NjctYzM1ZS00ZTY5LWE4MTUtYmExZTliMzM2
ZDYyLzIvRDEyRUE2NURFRTk4NzNCNURDRjNDNkMwMjI0RkFFQTZGQ0I4QUVBNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBTNm1YZTZZYzdYYzg4YkFJay11cHZ5
NHJxWS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y4ZTdkODY3LWMzNWUt
NGU2OS1hODE1LWJhMWU5YjMzNmQ2Mi8yL0FTMjExMzU4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzBFBAIAAjA/AwcEKgag
BQDgAwcFKgagBQJAAwcEKgagBQQAAwcEKgagBQbAAwcEKgagBQcwAwcEKgagBQdQ
AwcEKgagBQeQMA0GCSqGSIb3DQEBCwUAA4IBAQAGTSRzHZdFv9VvT6DZ7A9q9kWz
bjanspN0wz8vtgm7DHZq/sdkjSOgr0ekMIH2OvjNDTfbhKPczgNqS/WAsmOIIhpc
XkPE8QUu1ca17OKNR60p57irO86xuUTiAeJZXipRtHwCZ3OpqSpnFGQp2qjuz1Qb
CSmx91+Ua/1gnrnzIqmRIfiT38gatVSbaCeLtsrG2b2sQc5ffZ0diBEs8ekb2lCp
q6pTySvY3Y8QJ4h9A49eZ1O/TdaOafHr1akN8IrynRskZAlx+aDOFjI53OJSIdZS
bjar0J0HDirDy6W84PMunu6A9aXqm94qn+fDw7GEU5rQcpIu4/dDuwgSdKxv
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:01:08 2024 by rpki-client on console-ams.rpki-client.org