Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207947.roa
File: AS207947.roa (raw, json)
Hash identifier: v5VHpJnWWhxpecSDQHmzlQMCMfxGcc96QtUbNmiMrrM=
Subject key identifier: 8C:DC:A4:7E:6C:35:4D:B6:24:DD:8B:EA:D5:81:64:46:29:B8:EF:62
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 1D39DDFC50EFFDD18B1BF1A6666C211AE62498CD
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207947.roa
Signing time: Wed 09 Apr 2025 13:02:36 +0000
ROA not before: Wed 09 Apr 2025 12:57:36 +0000
ROA not after: Wed 08 Apr 2026 13:02:36 +0000
asID: 207947
IP address blocks: 2a0f:85c1:c20::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:39:dd:fc:50:ef:fd:d1:8b:1b:f1:a6:66:6c:21:1a:e6:24:98:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Apr 9 12:57:36 2025 GMT
Not After : Apr 8 13:02:36 2026 GMT
Subject: CN=8CDCA47E6C354DB624DD8BEAD581644629B8EF62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:73:17:00:99:e9:4e:c4:b1:cc:64:1e:2e:9c:
df:7b:b6:fd:0f:f4:a8:87:33:57:ee:89:ba:5d:5d:
95:2e:cc:8b:a1:85:e3:1a:69:07:4d:d8:73:3c:62:
b0:dc:d2:31:86:07:89:e2:d7:d2:e6:c4:29:f8:37:
f2:4f:52:83:24:94:a3:ee:74:d1:86:28:e3:cc:66:
b5:1c:00:33:b3:b2:1a:db:4d:b0:99:63:da:0f:31:
84:0f:e9:28:85:29:b8:3b:b8:e8:19:29:02:c4:0c:
36:a1:66:57:5e:23:48:0d:8b:a9:0b:46:e4:25:34:
d8:34:f2:cc:24:d0:d7:7c:f3:2c:d8:21:36:b8:ee:
21:e3:8a:69:61:90:ce:39:46:de:a2:4a:f7:d7:13:
7f:d9:0b:61:2c:b7:11:b6:85:9a:e3:67:39:e9:b1:
9f:87:24:7b:4e:88:8f:cd:a3:3b:50:c4:40:62:8a:
af:8a:74:05:4d:bb:99:fd:85:dd:4a:f2:9f:e0:79:
9c:30:82:67:79:2c:3b:b0:ee:0b:da:f2:0c:df:c7:
9e:18:b2:84:ca:c7:89:4d:da:27:7e:0b:39:bb:8e:
96:da:f9:a5:be:2b:08:10:57:f8:45:c0:d3:5a:8d:
20:68:df:ef:29:58:e6:ea:6b:c0:61:0b:e6:b1:4e:
60:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:DC:A4:7E:6C:35:4D:B6:24:DD:8B:EA:D5:81:64:46:29:B8:EF:62
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS207947.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:c20::/44
Signature Algorithm: sha256WithRSAEncryption
81:58:28:e9:51:70:91:64:5c:ad:40:0e:bd:1a:fd:ce:7a:2c:
03:24:7c:7b:43:99:0e:2d:03:8e:f0:a6:83:d9:5c:a4:04:69:
2b:49:c1:60:f8:ab:32:33:bd:f6:e0:e3:08:d7:58:30:7b:35:
32:52:4b:f7:17:32:57:f8:ce:52:95:0b:03:cf:7f:11:c7:fa:
45:68:ff:d2:03:29:43:5c:5e:47:0e:62:e0:17:e6:be:1b:e8:
34:43:41:55:ac:1a:15:4e:00:58:b2:16:16:b2:ee:bd:1c:82:
c6:a9:47:0c:13:c8:ed:d6:9a:96:61:eb:3c:1f:77:d8:6a:19:
28:cc:71:2f:1d:3d:03:41:1b:e8:ae:7a:29:d4:d7:13:f8:45:
bd:c3:e8:cf:69:91:c3:fb:cb:0c:fb:91:cb:b9:a2:cc:c3:96:
28:55:7c:41:96:b4:12:43:ea:5f:0e:52:f1:9f:b8:99:ca:24:
ea:e0:c1:74:67:ff:eb:00:ce:28:38:d9:ef:da:06:14:f5:b0:
bb:c0:d8:09:54:1e:28:80:78:af:86:a9:75:07:3b:5a:3a:0e:
5c:9d:2b:e4:70:80:fa:a7:21:61:f1:4d:f1:6c:d0:e8:e5:44:
1d:3c:9d:40:6f:62:b2:42:8b:99:aa:60:6f:e8:1b:8c:44:6d:
35:82:19:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUHTnd/FDv/dGLG/GmZmwhGuYkmM0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA0MDkxMjU3MzZaFw0yNjA0MDgxMzAyMzZaMDMxMTAvBgNV
BAMTKDhDRENBNDdFNkMzNTREQjYyNEREOEJFQUQ1ODE2NDQ2MjlCOEVGNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCncxcAmelOxLHMZB4unN97tv0P
9KiHM1fuibpdXZUuzIuhheMaaQdN2HM8YrDc0jGGB4ni19LmxCn4N/JPUoMklKPu
dNGGKOPMZrUcADOzshrbTbCZY9oPMYQP6SiFKbg7uOgZKQLEDDahZldeI0gNi6kL
RuQlNNg08swk0Nd88yzYITa47iHjimlhkM45Rt6iSvfXE3/ZC2EstxG2hZrjZznp
sZ+HJHtOiI/NoztQxEBiiq+KdAVNu5n9hd1K8p/geZwwgmd5LDuw7gva8gzfx54Y
soTKx4lN2id+Czm7jpba+aW+KwgQV/hFwNNajSBo3+8pWObqa8BhC+axTmCdAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUjNykfmw1TbYk3Yvq1YFkRim472IwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA3OTQ3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg+F
wQwgMA0GCSqGSIb3DQEBCwUAA4IBAQCBWCjpUXCRZFytQA69Gv3OeiwDJHx7Q5kO
LQOO8KaD2VykBGkrScFg+KsyM7324OMI11gwezUyUkv3FzJX+M5SlQsDz38Rx/pF
aP/SAylDXF5HDmLgF+a+G+g0Q0FVrBoVTgBYshYWsu69HILGqUcME8jt1pqWYes8
H3fYahkozHEvHT0DQRvornop1NcT+EW9w+jPaZHD+8sM+5HLuaLMw5YoVXxBlrQS
Q+pfDlLxn7iZyiTq4MF0Z//rAM4oONnv2gYU9bC7wNgJVB4ogHivhql1BztaOg5c
nSvkcID6pyFh8U3xbNDo5UQdPJ1Ab2KyQouZqmBv6BuMRG01ghlx
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:28 2025 by rpki-client on console.sobornost.net