Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS207609.roa
File: AS207609.roa (raw, json)
Hash identifier: Kf4ro1SxpRSAb828mkS+GC766Iw6VwPhNOUSlIRk4uw=
Subject key identifier: 8A:F7:00:6E:19:7D:8C:EA:EC:38:8D:95:7B:15:81:9E:B5:0E:1E:87
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 6199F05AC0C1A86E197D73FB200EB614E8508F98
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS207609.roa
Signing time: Thu 23 May 2024 16:49:10 +0000
ROA not before: Thu 23 May 2024 16:44:10 +0000
ROA not after: Thu 22 May 2025 16:49:10 +0000
asID: 207609
IP address blocks: 2a0f:85c1:c080::/41 maxlen: 48
2a0f:85c1:c0d0::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:99:f0:5a:c0:c1:a8:6e:19:7d:73:fb:20:0e:b6:14:e8:50:8f:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: May 23 16:44:10 2024 GMT
Not After : May 22 16:49:10 2025 GMT
Subject: CN=8AF7006E197D8CEAEC388D957B15819EB50E1E87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:dc:2f:5a:ce:f6:df:93:7e:cf:99:e4:56:87:
27:03:25:05:ff:8a:91:d8:5d:e0:24:2c:a1:77:e1:
90:7f:13:b5:49:84:04:fd:ac:0f:30:a4:c6:0f:00:
97:b4:bb:d3:9a:2d:f0:f7:e5:21:99:50:42:23:e1:
1c:ba:6c:f0:b1:1b:0f:58:f7:65:be:ab:18:4c:23:
ca:16:6b:ed:b1:92:e7:c4:70:90:65:ac:ff:a1:4a:
78:26:86:62:ae:b4:d1:23:2c:d0:42:00:77:ad:7e:
94:be:5f:07:4c:53:27:df:01:ac:10:b8:f0:70:b6:
50:e3:27:e2:79:db:2f:27:47:ae:39:15:21:54:6b:
e7:9a:cc:a9:60:c8:5d:5b:3e:e6:c7:14:7b:b4:6e:
77:bb:b8:5f:b4:03:7b:7b:32:21:09:ad:48:cd:26:
0b:89:7c:d3:b6:37:14:7d:7c:10:51:70:74:4c:5f:
75:6d:79:71:69:c4:6a:93:8e:d8:d1:b5:f0:af:ca:
03:db:be:ac:ae:4b:57:e4:b9:63:8e:23:41:f8:dd:
aa:0a:8d:6e:d8:c2:c0:52:6d:f7:4e:2e:37:f6:2f:
18:c4:0e:67:f5:19:e9:e7:6a:d2:8b:92:64:79:44:
c1:cd:c4:78:db:6f:3b:74:22:f5:45:78:44:a1:ce:
85:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:F7:00:6E:19:7D:8C:EA:EC:38:8D:95:7B:15:81:9E:B5:0E:1E:87
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS207609.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:c080::/41
Signature Algorithm: sha256WithRSAEncryption
30:0d:e0:bc:d6:9b:5c:b3:d8:38:b0:ee:36:69:57:66:62:d6:
e6:3e:69:b9:7b:a7:bc:c4:67:f5:64:6a:82:e8:41:60:e5:81:
ce:bb:a8:d5:3d:61:85:c8:7d:a1:d8:e0:4c:cc:62:10:b5:5c:
fb:cb:ca:3d:29:3a:89:58:2c:6b:d1:69:8f:3f:e2:cf:fe:b7:
4c:15:1f:fa:e3:18:b2:79:80:e0:1d:db:f1:c0:b8:01:58:56:
f6:00:c6:c0:7c:27:09:f1:af:f3:3a:c1:0a:84:a0:0a:53:25:
32:f4:77:6d:1c:00:e3:7f:6e:71:de:fd:cc:3a:fb:01:00:2c:
d3:14:9c:44:5a:8b:2c:7b:bf:63:f2:91:e3:56:77:77:55:41:
b5:e2:34:38:79:e3:2b:07:2f:27:be:c6:85:ea:cc:53:7c:51:
f8:56:65:44:9a:07:85:05:9a:5f:1b:46:18:a0:3b:b3:16:02:
7e:5c:f5:83:f0:ba:ac:f2:f5:19:ff:da:10:e4:80:9c:c9:c1:
bf:e4:85:2a:69:2f:c7:5f:55:be:57:07:fe:85:00:28:96:da:
42:3c:50:0e:2f:db:f1:b5:d7:5b:a0:1a:07:7a:55:f1:85:13:
61:06:6c:9b:e8:5f:26:4f:68:89:61:5e:6d:cb:cf:34:9f:53:
a8:99:cf:9c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUYZnwWsDBqG4ZfXP7IA62FOhQj5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA1MjMxNjQ0MTBaFw0yNTA1MjIxNjQ5MTBaMDMxMTAvBgNV
BAMTKDhBRjcwMDZFMTk3RDhDRUFFQzM4OEQ5NTdCMTU4MTlFQjUwRTFFODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT3C9azvbfk37PmeRWhycDJQX/
ipHYXeAkLKF34ZB/E7VJhAT9rA8wpMYPAJe0u9OaLfD35SGZUEIj4Ry6bPCxGw9Y
92W+qxhMI8oWa+2xkufEcJBlrP+hSngmhmKutNEjLNBCAHetfpS+XwdMUyffAawQ
uPBwtlDjJ+J52y8nR645FSFUa+eazKlgyF1bPubHFHu0bne7uF+0A3t7MiEJrUjN
JguJfNO2NxR9fBBRcHRMX3VteXFpxGqTjtjRtfCvygPbvqyuS1fkuWOOI0H43aoK
jW7YwsBSbfdOLjf2LxjEDmf1GennatKLkmR5RMHNxHjbbzt0IvVFeEShzoUpAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUivcAbhl9jOrsOI2VexWBnrUOHocwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjA3NjA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcHKg+F
wcCAMA0GCSqGSIb3DQEBCwUAA4IBAQAwDeC81ptcs9g4sO42aVdmYtbmPmm5e6e8
xGf1ZGqC6EFg5YHOu6jVPWGFyH2h2OBMzGIQtVz7y8o9KTqJWCxr0WmPP+LP/rdM
FR/64xiyeYDgHdvxwLgBWFb2AMbAfCcJ8a/zOsEKhKAKUyUy9HdtHADjf25x3v3M
OvsBACzTFJxEWosse79j8pHjVnd3VUG14jQ4eeMrBy8nvsaF6sxTfFH4VmVEmgeF
BZpfG0YYoDuzFgJ+XPWD8Lqs8vUZ/9oQ5ICcycG/5IUqaS/HX1W+Vwf+hQAoltpC
PFAOL9vxtddboBoHelXxhRNhBmyb6F8mT2iJYV5ty880n1Oomc+c
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:43:30 2025 by rpki-client