Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: pOpd80cRiQq0wbfNb/FdJaSHY6H6PyJouVqbWhi7B0o=
Subject key identifier: 4B:7F:1C:F2:04:C8:FD:AE:3C:4C:1A:26:0D:A6:96:6E:EA:B6:79:22
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 47C5A38F0244651AD574AFDB631649AA18CA520C
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS20473.roa
Signing time: Thu 25 Jul 2024 00:48:00 +0000
ROA not before: Thu 25 Jul 2024 00:43:00 +0000
ROA not after: Thu 24 Jul 2025 00:48:00 +0000
asID: 20473
IP address blocks: 2a0f:85c1:3c8::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:c5:a3:8f:02:44:65:1a:d5:74:af:db:63:16:49:aa:18:ca:52:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Jul 25 00:43:00 2024 GMT
Not After : Jul 24 00:48:00 2025 GMT
Subject: CN=4B7F1CF204C8FDAE3C4C1A260DA6966EEAB67922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:b8:52:4e:dc:fb:f2:31:21:77:d2:e2:c0:26:
52:37:e9:fe:64:3d:c0:0e:21:72:86:40:08:90:55:
80:bf:9c:a4:7b:c4:c0:65:af:a7:5e:fb:75:95:f4:
fb:cf:72:ae:cc:3a:c3:d1:a2:4d:4c:09:c1:76:d0:
5c:3a:76:77:ac:c3:10:d5:64:a8:5b:40:5a:49:c2:
58:b4:e7:28:93:c5:38:b6:87:3b:3c:b8:a9:be:33:
a3:74:5f:32:a2:10:43:32:89:48:ed:f4:d6:ff:92:
6a:7a:bb:24:de:da:18:7a:24:2e:f8:6d:9a:6f:91:
15:77:47:8e:5e:a4:0b:e9:03:6a:e2:71:af:65:b7:
c1:dd:fe:b9:2a:65:a6:48:17:11:98:8f:5d:80:e5:
bd:34:7b:a4:fd:93:fd:a2:8d:66:08:6c:10:77:5d:
ab:0b:86:21:a9:7c:a4:81:25:1e:64:4f:e2:a8:26:
53:ed:0f:94:c8:a9:51:c9:6c:45:ad:d0:cc:24:c2:
62:4e:45:98:d7:e2:20:f9:bb:a9:9c:54:8c:4e:b4:
7d:be:26:3c:bc:d6:7c:22:ed:07:23:be:66:89:1e:
00:e6:cb:51:00:21:42:d3:30:79:1a:32:77:85:a4:
f9:78:2d:13:9a:1a:f7:3f:56:09:77:61:34:59:fc:
b7:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7F:1C:F2:04:C8:FD:AE:3C:4C:1A:26:0D:A6:96:6E:EA:B6:79:22
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3c8::/48
Signature Algorithm: sha256WithRSAEncryption
8b:a1:94:9e:23:b9:85:1c:c1:12:59:57:f0:d6:22:f9:cb:c8:
86:a4:aa:df:01:95:d3:fd:94:94:b2:65:9c:ed:3f:e0:1d:36:
9d:f2:df:0d:97:5c:73:d7:b6:3d:e4:a3:14:3c:d7:22:da:37:
94:76:ef:af:94:8b:a7:53:f7:78:e7:bc:56:8d:20:34:73:a4:
53:ba:f7:18:e0:75:a4:ba:11:33:f7:07:0d:2d:8b:b2:b0:50:
b7:af:e9:90:17:a5:d4:a1:78:5a:89:56:ad:35:4b:cd:fd:60:
58:1e:82:b5:9f:97:48:b0:6e:e1:ff:48:83:fc:c4:af:a2:c7:
1a:28:18:b7:b4:a4:29:15:9d:54:42:ca:79:95:8b:6e:f5:0b:
3b:10:87:05:9d:78:15:21:2b:de:49:09:e9:12:54:76:63:f2:
2a:f2:8d:b3:b2:b0:04:0a:36:1a:1a:36:83:fe:35:04:27:17:
15:df:2a:45:5a:f3:e8:73:30:7d:9d:42:47:a7:8b:a8:7b:57:
9b:41:19:90:c7:61:25:ba:2b:f3:af:6d:4a:5d:24:d2:36:9d:
5f:00:e6:f4:85:5f:e6:45:4b:c4:11:60:03:04:1c:c8:ff:0f:
55:8e:57:85:4b:d0:c9:8e:24:18:4b:43:56:cd:b2:35:a7:a2:
10:4b:42:d1
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUR8WjjwJEZRrVdK/bYxZJqhjKUgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA3MjUwMDQzMDBaFw0yNTA3MjQwMDQ4MDBaMDMxMTAvBgNV
BAMTKDRCN0YxQ0YyMDRDOEZEQUUzQzRDMUEyNjBEQTY5NjZFRUFCNjc5MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDouFJO3PvyMSF30uLAJlI36f5k
PcAOIXKGQAiQVYC/nKR7xMBlr6de+3WV9PvPcq7MOsPRok1MCcF20Fw6dneswxDV
ZKhbQFpJwli05yiTxTi2hzs8uKm+M6N0XzKiEEMyiUjt9Nb/kmp6uyTe2hh6JC74
bZpvkRV3R45epAvpA2rica9lt8Hd/rkqZaZIFxGYj12A5b00e6T9k/2ijWYIbBB3
XasLhiGpfKSBJR5kT+KoJlPtD5TIqVHJbEWt0MwkwmJORZjX4iD5u6mcVIxOtH2+
Jjy81nwi7QcjvmaJHgDmy1EAIULTMHkaMneFpPl4LROaGvc/Vgl3YTRZ/LeXAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUS38c8gTI/a48TBomDaaWbuq2eSIwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqD4XB
A8gwDQYJKoZIhvcNAQELBQADggEBAIuhlJ4juYUcwRJZV/DWIvnLyIakqt8BldP9
lJSyZZztP+AdNp3y3w2XXHPXtj3koxQ81yLaN5R276+Ui6dT93jnvFaNIDRzpFO6
9xjgdaS6ETP3Bw0ti7KwULev6ZAXpdSheFqJVq01S839YFgegrWfl0iwbuH/SIP8
xK+ixxooGLe0pCkVnVRCynmVi271CzsQhwWdeBUhK95JCekSVHZj8iryjbOysAQK
NhoaNoP+NQQnFxXfKkVa8+hzMH2dQkeni6h7V5tBGZDHYSW6K/OvbUpdJNI2nV8A
5vSFX+ZFS8QRYAMEHMj/D1WOV4VL0MmOJBhLQ1bNsjWnohBLQtE=
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org