Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS45772.roa
File: AS45772.roa (raw, json)
Hash identifier: jBvaBmfJTRSnTNaSoOP0Uj5UMy5xOJ59yIvT5kyNkfg=
Subject key identifier: CA:BE:28:B2:97:D6:30:D2:51:62:5F:E2:ED:2E:86:C4:4A:C1:9A:4F
Certificate issuer: /CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Certificate serial: 36FD918AC4B1D5276B02562ECA0F451248386DCE
Authority key identifier: D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS45772.roa
Signing time: Sun 01 Jan 2023 23:59:22 +0000
ROA not before: Sun 01 Jan 2023 23:54:22 +0000
ROA not after: Sun 31 Dec 2023 23:59:22 +0000
asID: 45772
IP address blocks: 2a06:a005:1ee0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:fd:91:8a:c4:b1:d5:27:6b:02:56:2e:ca:0f:45:12:48:38:6d:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d12ea65dee9873b5dcf3c6c0224faea6fcb8aea6
Validity
Not Before: Jan 1 23:54:22 2023 GMT
Not After : Dec 31 23:59:22 2023 GMT
Subject: CN=CABE28B297D630D251625FE2ED2E86C44AC19A4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:6c:f3:fc:c9:6f:b5:c4:36:2d:a6:73:0f:39:
b8:e4:75:c1:6b:bb:c5:cc:1e:43:3d:bf:45:46:b8:
cb:bc:8b:91:9c:7a:fe:34:7a:5e:da:f2:cb:1c:c6:
9d:fb:29:a3:83:0d:71:cd:61:99:5f:71:03:6e:fc:
ed:a7:9b:ac:42:ac:90:48:ff:55:a7:80:45:98:84:
9d:6e:38:b9:da:8e:e1:e3:48:a7:2c:0c:67:e6:79:
c7:21:4e:4c:ac:18:d4:3d:64:b4:fc:87:5b:a4:38:
41:f9:8f:97:03:67:f5:90:98:61:33:77:75:3e:c3:
73:cf:7c:4d:ef:81:85:77:17:a0:02:dc:4a:5b:f7:
5c:a2:ee:81:d7:02:3f:68:02:f3:7d:cb:f6:b1:1e:
fa:c0:d9:b1:af:98:c8:72:8e:9d:3f:d3:8c:1d:2b:
e2:59:34:f7:b3:6e:e7:3c:7a:40:fd:59:c8:b1:c7:
4e:e4:d6:3a:19:a1:1b:04:77:aa:cb:25:22:4b:61:
4b:e7:fc:b6:7a:ba:6b:4f:82:c0:92:56:35:d5:db:
78:c3:95:eb:9a:b4:76:8a:ed:6a:e2:70:13:7d:fc:
f3:b2:98:a8:cf:16:32:28:b9:f0:21:d1:1a:07:92:
78:4d:e4:d4:87:a5:bd:39:a6:98:7b:97:01:c7:b3:
77:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BE:28:B2:97:D6:30:D2:51:62:5F:E2:ED:2E:86:C4:4A:C1:9A:4F
X509v3 Authority Key Identifier:
keyid:D1:2E:A6:5D:EE:98:73:B5:DC:F3:C6:C0:22:4F:AE:A6:FC:B8:AE:A6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/D12EA65DEE9873B5DCF3C6C0224FAEA6FCB8AEA6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0S6mXe6Yc7Xc88bAIk-upvy4rqY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f8e7d867-c35e-4e69-a815-ba1e9b336d62/2/AS45772.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:1ee0::/44
Signature Algorithm: sha256WithRSAEncryption
59:19:31:0c:89:83:eb:a5:5c:54:d3:05:81:f4:62:fd:48:af:
a1:5b:b4:c1:af:ef:f3:f3:40:4f:08:80:1e:e1:81:80:0e:f7:
bc:c7:57:82:74:d8:11:6b:aa:9a:20:ab:ee:07:a9:a5:ac:5a:
e7:6b:92:10:ea:18:77:6d:67:4f:d9:1e:d2:4d:31:35:32:86:
d3:85:bc:b2:79:08:57:24:b6:ef:63:74:7e:b3:cc:8d:a7:42:
83:9b:6f:97:63:ed:59:78:04:a1:8d:80:39:80:5f:0e:a7:bf:
b3:a2:a6:cf:2c:5b:76:3c:fe:fd:e9:e9:f4:49:c2:57:24:83:
55:79:c5:74:97:e2:d7:8b:bb:c5:de:8f:d5:13:81:4c:f7:32:
35:26:13:13:1f:38:55:14:b2:5e:2b:9a:6e:be:0e:2f:b7:a8:
df:bb:53:77:23:bd:0b:3f:7c:96:b5:2e:43:76:50:f3:cd:9f:
ee:96:10:57:e4:0a:b7:88:ee:e7:af:27:e3:46:54:ac:67:d0:
9d:96:47:b0:ea:a1:c6:cc:5e:9a:8e:ba:06:ac:96:50:5d:ac:
7a:6e:06:97:f8:0a:0e:86:fe:02:68:38:ec:46:08:5a:21:d6:
65:c1:ac:92:41:8e:be:c8:b5:e1:df:fb:2f:65:7a:91:31:b3:
8c:50:03:59
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUNv2RisSx1SdrAlYuyg9FEkg4bc4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDEyZWE2NWRlZTk4NzNiNWRjZjNjNmMwMjI0ZmFlYTZm
Y2I4YWVhNjAeFw0yMzAxMDEyMzU0MjJaFw0yMzEyMzEyMzU5MjJaMDMxMTAvBgNV
BAMTKENBQkUyOEIyOTdENjMwRDI1MTYyNUZFMkVEMkU4NkM0NEFDMTlBNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRbPP8yW+1xDYtpnMPObjkdcFr
u8XMHkM9v0VGuMu8i5Gcev40el7a8sscxp37KaODDXHNYZlfcQNu/O2nm6xCrJBI
/1WngEWYhJ1uOLnajuHjSKcsDGfmecchTkysGNQ9ZLT8h1ukOEH5j5cDZ/WQmGEz
d3U+w3PPfE3vgYV3F6AC3Epb91yi7oHXAj9oAvN9y/axHvrA2bGvmMhyjp0/04wd
K+JZNPezbuc8ekD9Wcixx07k1joZoRsEd6rLJSJLYUvn/LZ6umtPgsCSVjXV23jD
leuatHaK7WricBN9/POymKjPFjIoufAh0RoHknhN5NSHpb05pph7lwHHs3dPAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUyr4ospfWMNJRYl/i7S6GxErBmk8wHwYDVR0j
BBgwFoAU0S6mXe6Yc7Xc88bAIk+upvy4rqYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjhlN2Q4NjctYzM1ZS00ZTY5LWE4MTUtYmExZTliMzM2
ZDYyLzIvRDEyRUE2NURFRTk4NzNCNURDRjNDNkMwMjI0RkFFQTZGQ0I4QUVBNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBTNm1YZTZZYzdYYzg4YkFJay11cHZ5
NHJxWS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y4ZTdkODY3LWMzNWUt
NGU2OS1hODE1LWJhMWU5YjMzNmQ2Mi8yL0FTNDU3NzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQqBqAF
HuAwDQYJKoZIhvcNAQELBQADggEBAFkZMQyJg+ulXFTTBYH0Yv1Ir6FbtMGv7/Pz
QE8IgB7hgYAO97zHV4J02BFrqpogq+4HqaWsWudrkhDqGHdtZ0/ZHtJNMTUyhtOF
vLJ5CFcktu9jdH6zzI2nQoObb5dj7Vl4BKGNgDmAXw6nv7Oips8sW3Y8/v3p6fRJ
wlckg1V5xXSX4teLu8Xej9UTgUz3MjUmExMfOFUUsl4rmm6+Di+3qN+7U3cjvQs/
fJa1LkN2UPPNn+6WEFfkCreI7uevJ+NGVKxn0J2WR7DqocbMXpqOugasllBdrHpu
Bpf4Cg6G/gJoOOxGCFoh1mXBrJJBjr7IteHf+y9lepExs4xQA1k=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:46:46 2025 by rpki-client