Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS23428.roa
File: AS23428.roa (raw, json)
Hash identifier: ejbmalAIeEcG8YZngoXqO8h/dY6w9vr6uJ601/ME+Ho=
Subject key identifier: 72:BA:6B:2E:52:5D:B3:9F:B4:21:7A:04:3A:DD:1B:2B:59:97:C3:01
Certificate issuer: /CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Certificate serial: 1A792392E33F3FDA6CB1479DFBC2E42EE52089B7
Authority key identifier: D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS23428.roa
Signing time: Sun 01 Jan 2023 23:59:21 +0000
ROA not before: Sun 01 Jan 2023 23:54:21 +0000
ROA not after: Sun 31 Dec 2023 23:59:21 +0000
asID: 23428
IP address blocks: 2a06:a005:a17::/48 maxlen: 48
2a06:a005:d20::/48 maxlen: 48
2a06:a005:1180::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:79:23:92:e3:3f:3f:da:6c:b1:47:9d:fb:c2:e4:2e:e5:20:89:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Validity
Not Before: Jan 1 23:54:21 2023 GMT
Not After : Dec 31 23:59:21 2023 GMT
Subject: CN=72BA6B2E525DB39FB4217A043ADD1B2B5997C301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:85:1e:9e:ad:e4:ba:0e:c1:2a:d5:07:10:08:
e0:cf:6c:2d:b7:37:97:6b:d0:0e:fb:d0:d9:d1:7f:
69:1f:d6:da:f8:47:39:fc:ef:df:fb:fe:8b:2d:8f:
77:55:1c:93:43:23:73:cb:c7:6d:5e:a0:0b:1b:8f:
4b:00:e3:02:72:33:81:c4:c4:0b:a3:36:6c:70:b7:
30:0f:94:83:bb:a7:84:b1:22:aa:8b:83:3c:5b:73:
74:73:67:22:b8:84:02:3b:17:a9:ea:38:ab:81:44:
75:d5:bd:ec:6d:9e:1d:71:65:b3:7e:4a:72:81:9b:
6c:b9:12:0d:7a:24:37:f3:f5:b3:c4:cc:8c:33:0a:
66:eb:1d:8a:a6:1e:76:b8:d5:ff:71:a5:43:dc:7a:
28:e7:7e:56:82:67:b3:05:6c:e1:a9:ba:70:86:da:
27:c4:dd:a3:8a:66:4f:1b:da:78:36:fe:e2:72:b8:
7b:27:3a:9d:1a:7b:da:dc:7b:18:1e:5a:55:04:da:
5e:7b:59:f0:fd:ff:02:8a:ba:48:56:db:7e:dc:a3:
44:9c:6b:f2:4a:cd:f3:68:4b:32:86:5b:05:96:4f:
fa:69:a9:a5:ca:a0:e9:4e:34:ba:e1:0c:7e:41:17:
0d:a0:cd:0b:fe:a3:40:bb:a9:0e:0f:99:21:25:29:
9c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:BA:6B:2E:52:5D:B3:9F:B4:21:7A:04:3A:DD:1B:2B:59:97:C3:01
X509v3 Authority Key Identifier:
keyid:D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/D12EA65DEE9873B5DCF3C6C0224FAEA6FCB8AEA6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS23428.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:a17::/48
2a06:a005:d20::/48
2a06:a005:1180::/44
Signature Algorithm: sha256WithRSAEncryption
92:c6:26:37:96:75:72:33:36:1a:75:f1:36:3d:76:02:65:d7:
8d:c7:32:db:5a:2c:44:c1:60:97:2d:15:23:68:e2:d3:48:f8:
db:84:af:51:16:8e:28:b4:ae:cf:1f:0e:fb:e8:60:6f:90:17:
98:fc:71:69:15:e8:cd:62:7b:2c:e7:a9:6b:68:ac:ef:23:50:
0a:15:b3:d3:fe:d4:9a:6e:11:b7:57:da:ff:fd:ec:71:88:1a:
e7:76:3d:0e:92:af:48:83:6f:24:d4:14:dd:ea:e6:f0:25:7b:
5c:95:2a:e8:11:9c:45:2b:91:0f:68:7f:02:c2:ba:5f:07:35:
40:17:9f:44:47:a9:cb:35:ef:d4:b4:ac:32:71:3b:fc:9d:46:
56:97:fd:70:0f:6a:98:76:9f:d7:e0:80:53:21:77:7e:ab:0e:
33:10:a5:d1:56:64:9f:39:8a:02:51:f3:99:cd:95:1c:12:40:
8d:80:f3:02:b6:6a:92:9c:0b:4b:1b:1c:79:8b:03:0e:6b:dc:
d2:dd:48:d6:91:0c:3e:e1:8c:0d:a8:d9:89:3c:8f:3c:38:58:
af:19:c9:af:e6:cf:4a:78:02:22:25:11:b6:72:ae:0b:24:6b:
f2:81:11:9c:f6:c4:1c:a8:62:96:27:6c:de:e2:3c:61:4c:c3:
15:8d:d1:dc
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIUGnkjkuM/P9pssUed+8LkLuUgibcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDEyZWE2NWRlZTk4NzNiNWRjZjNjNmMwMjI0ZmFlYTZm
Y2I4YWVhNjAeFw0yMzAxMDEyMzU0MjFaFw0yMzEyMzEyMzU5MjFaMDMxMTAvBgNV
BAMTKDcyQkE2QjJFNTI1REIzOUZCNDIxN0EwNDNBREQxQjJCNTk5N0MzMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnhR6ereS6DsEq1QcQCODPbC23
N5dr0A770NnRf2kf1tr4Rzn879/7/ostj3dVHJNDI3PLx21eoAsbj0sA4wJyM4HE
xAujNmxwtzAPlIO7p4SxIqqLgzxbc3RzZyK4hAI7F6nqOKuBRHXVvextnh1xZbN+
SnKBm2y5Eg16JDfz9bPEzIwzCmbrHYqmHna41f9xpUPceijnflaCZ7MFbOGpunCG
2ifE3aOKZk8b2ng2/uJyuHsnOp0ae9rcexgeWlUE2l57WfD9/wKKukhW237co0Sc
a/JKzfNoSzKGWwWWT/ppqaXKoOlONLrhDH5BFw2gzQv+o0C7qQ4PmSElKZwrAgMB
AAGjggIeMIICGjAdBgNVHQ4EFgQUcrprLlJds5+0IXoEOt0bK1mXwwEwHwYDVR0j
BBgwFoAU0S6mXe6Yc7Xc88bAIk+upvy4rqYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjhlN2Q4NjctYzM1ZS00ZTY5LWE4MTUtYmExZTliMzM2
ZDYyLzIvRDEyRUE2NURFRTk4NzNCNURDRjNDNkMwMjI0RkFFQTZGQ0I4QUVBNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBTNm1YZTZZYzdYYzg4YkFJay11cHZ5
NHJxWS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y4ZTdkODY3LWMzNWUt
NGU2OS1hODE1LWJhMWU5YjMzNmQ2Mi8yL0FTMjM0Mjgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMCEEAgACMBsDBwAqBqAF
ChcDBwAqBqAFDSADBwQqBqAFEYAwDQYJKoZIhvcNAQELBQADggEBAJLGJjeWdXIz
Nhp18TY9dgJl143HMttaLETBYJctFSNo4tNI+NuEr1EWjii0rs8fDvvoYG+QF5j8
cWkV6M1ieyznqWtorO8jUAoVs9P+1JpuEbdX2v/97HGIGud2PQ6Sr0iDbyTUFN3q
5vAle1yVKugRnEUrkQ9ofwLCul8HNUAXn0RHqcs179S0rDJxO/ydRlaX/XAPaph2
n9fggFMhd36rDjMQpdFWZJ85igJR85nNlRwSQI2A8wK2apKcC0sbHHmLAw5r3NLd
SNaRDD7hjA2o2Yk8jzw4WK8Zya/mz0p4AiIlEbZyrgska/KBEZz2xByoYpYnbN7i
PGFMwxWN0dw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:21 2024 by rpki-client on console-fra.rpki-client.org