Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS140641.roa
File: AS140641.roa (raw, json)
Hash identifier: yaVyFIJjhQrEWiUDw2ueO23/wymSeVIQPZDh+R5DkYU=
Subject key identifier: 5D:D4:CE:62:A3:34:6B:E1:21:B6:F3:F0:8F:25:ED:20:F1:11:4C:B6
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 75F7C8C730D1F4A442B8A391F79A7CC45115B70F
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS140641.roa
Signing time: Fri 12 Jul 2024 03:32:35 +0000
ROA not before: Fri 12 Jul 2024 03:27:35 +0000
ROA not after: Fri 11 Jul 2025 03:32:35 +0000
asID: 140641
IP address blocks: 2a0f:85c1:3d7::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:f7:c8:c7:30:d1:f4:a4:42:b8:a3:91:f7:9a:7c:c4:51:15:b7:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Jul 12 03:27:35 2024 GMT
Not After : Jul 11 03:32:35 2025 GMT
Subject: CN=5DD4CE62A3346BE121B6F3F08F25ED20F1114CB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:15:e6:e3:79:e4:8e:b3:32:b0:8d:fd:cb:da:
83:df:9f:26:a7:d8:51:1c:7f:00:7f:ab:1f:bf:f4:
4a:1a:4b:00:43:f8:64:06:21:5d:8f:a3:04:b1:11:
1c:84:5d:84:86:f8:6a:2e:26:e9:e4:74:1c:bb:dc:
35:f0:00:35:fa:21:13:3c:63:05:6b:3c:12:81:bf:
b3:5a:6e:de:58:af:da:0a:ce:d7:65:cb:bb:f5:18:
0a:88:69:86:5b:31:82:51:32:6d:fa:47:34:c1:dd:
0e:89:3f:f6:5f:ce:a1:dd:e0:41:27:f5:bc:e9:bc:
69:40:48:12:d6:45:d4:1f:4f:de:20:8f:8b:1b:ce:
69:e3:7c:20:d6:92:4e:25:cb:72:36:1d:19:e0:b9:
68:39:9d:56:a4:da:f3:95:bb:ec:01:2f:a6:1f:e0:
af:c9:57:35:ce:aa:94:92:d7:49:38:31:9b:1c:7e:
90:84:b9:8f:cb:9d:6d:73:31:34:f4:a6:67:3f:59:
fa:ec:83:88:7a:bb:08:73:8a:55:d6:90:d1:bd:43:
a2:60:73:a9:01:45:95:d4:0e:d4:74:85:e5:c5:3b:
0e:61:47:24:fc:fa:bb:cf:ae:15:cc:e9:07:2c:f4:
51:2b:fa:35:b5:fe:26:f3:b4:c1:52:5c:9f:22:71:
1c:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D4:CE:62:A3:34:6B:E1:21:B6:F3:F0:8F:25:ED:20:F1:11:4C:B6
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS140641.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3d7::/48
Signature Algorithm: sha256WithRSAEncryption
21:c1:e1:14:a2:50:b3:6f:5e:46:f0:ea:78:38:bc:de:14:c4:
19:d7:87:9e:9b:dc:fb:26:4e:33:63:68:0b:0d:1c:80:8e:0a:
a3:54:21:3b:dc:4c:73:85:4f:a0:93:b3:79:ec:df:a5:8e:d6:
0a:ae:3b:6a:31:5a:08:a6:60:b3:fe:4f:06:44:dd:cc:2d:7d:
e3:80:fb:7f:67:2a:89:10:de:76:62:b6:9a:16:b0:fd:94:13:
5b:07:52:8b:91:94:61:3c:69:a9:93:ca:c1:27:37:d2:7f:1b:
9d:63:c6:2f:1f:b4:1c:dd:cc:e1:15:f6:71:67:58:3d:44:8e:
4d:20:c5:9c:a0:04:c0:7b:0f:16:5d:6f:45:02:30:4d:db:03:
4a:e2:fa:36:d7:73:28:21:b3:79:2e:bb:f0:e9:20:d9:a3:77:
95:82:18:3a:41:5c:94:7c:1e:7b:6b:a0:db:f2:0a:6d:ec:1b:
5f:70:70:cd:b0:b1:11:fb:7e:32:f9:bd:b0:32:4b:65:54:b0:
09:ea:24:cf:31:ea:dc:52:4b:38:d9:fd:17:23:37:0a:bc:95:
c8:23:e7:f5:d6:02:58:81:2b:7e:b8:b5:67:00:c8:33:f2:eb:
c0:d5:fb:79:e2:14:ff:b1:41:99:82:f6:19:7a:85:72:af:85:
06:2a:d0:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUdffIxzDR9KRCuKOR95p8xFEVtw8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA3MTIwMzI3MzVaFw0yNTA3MTEwMzMyMzVaMDMxMTAvBgNV
BAMTKDVERDRDRTYyQTMzNDZCRTEyMUI2RjNGMDhGMjVFRDIwRjExMTRDQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfFebjeeSOszKwjf3L2oPfnyan
2FEcfwB/qx+/9EoaSwBD+GQGIV2PowSxERyEXYSG+GouJunkdBy73DXwADX6IRM8
YwVrPBKBv7Nabt5Yr9oKztdly7v1GAqIaYZbMYJRMm36RzTB3Q6JP/ZfzqHd4EEn
9bzpvGlASBLWRdQfT94gj4sbzmnjfCDWkk4ly3I2HRnguWg5nVak2vOVu+wBL6Yf
4K/JVzXOqpSS10k4MZscfpCEuY/LnW1zMTT0pmc/Wfrsg4h6uwhzilXWkNG9Q6Jg
c6kBRZXUDtR0heXFOw5hRyT8+rvPrhXM6Qcs9FEr+jW1/ibztMFSXJ8icRy5AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUXdTOYqM0a+EhtvPwjyXtIPERTLYwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMTQwNjQxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQPXMA0GCSqGSIb3DQEBCwUAA4IBAQAhweEUolCzb15G8Op4OLzeFMQZ14eem9z7
Jk4zY2gLDRyAjgqjVCE73ExzhU+gk7N57N+ljtYKrjtqMVoIpmCz/k8GRN3MLX3j
gPt/ZyqJEN52YraaFrD9lBNbB1KLkZRhPGmpk8rBJzfSfxudY8YvH7Qc3czhFfZx
Z1g9RI5NIMWcoATAew8WXW9FAjBN2wNK4vo213MoIbN5Lrvw6SDZo3eVghg6QVyU
fB57a6Db8gpt7BtfcHDNsLER+34y+b2wMktlVLAJ6iTPMercUks42f0XIzcKvJXI
I+f11gJYgSt+uLVnAMgz8uvA1ft54hT/sUGZgvYZeoVyr4UGKtBu
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org