Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214999.roa
File: AS214999.roa (raw, json)
Hash identifier: 3JbfeGK+WjUHbfNh5f4GkpDHv65YM8AqrPfYSmf+lOs=
Subject key identifier: 70:6A:50:E7:23:64:9A:FB:5A:53:0D:00:A5:4F:5F:EB:B2:7F:A4:5C
Certificate issuer: /CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Certificate serial: 5065F29E3AF88C4369A86DCD8867561CA51D95C3
Authority key identifier: 41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214999.roa
Signing time: Sun 06 Apr 2025 19:16:42 +0000
ROA not before: Sun 06 Apr 2025 19:11:42 +0000
ROA not after: Sun 05 Apr 2026 19:16:42 +0000
asID: 214999
IP address blocks: 2a07:54c1:c300::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:65:f2:9e:3a:f8:8c:43:69:a8:6d:cd:88:67:56:1c:a5:1d:95:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41F657CF3564F233B977F40ACA5E4BD10E1E2F8E
Validity
Not Before: Apr 6 19:11:42 2025 GMT
Not After : Apr 5 19:16:42 2026 GMT
Subject: CN=706A50E723649AFB5A530D00A54F5FEBB27FA45C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b2:6b:e8:7a:8c:38:5d:78:f8:c9:fd:80:25:
7d:06:1d:b3:37:b7:ee:3d:91:e4:da:65:ef:cc:1a:
9a:10:fe:c0:ae:f1:95:a8:1f:a5:10:95:be:0a:f1:
51:bb:a6:00:ec:df:fa:c3:8d:7d:72:4e:15:28:04:
b3:97:07:79:52:6d:84:45:aa:a4:0c:ca:33:57:fd:
02:3f:ac:6e:2c:43:84:2d:cd:ba:69:e4:b1:2c:0b:
03:32:5b:04:f0:2f:99:8e:76:ee:2a:d8:79:a7:9d:
b1:0e:b0:af:12:d2:00:fc:24:ad:7e:30:f3:7d:f5:
84:15:d6:9d:9a:e5:cc:f9:23:6d:fc:ca:c6:96:c1:
49:0c:ad:9b:8e:0b:86:8c:8a:c3:7e:18:9a:33:fe:
fd:6a:e4:6d:8a:a4:6b:d7:a5:51:49:81:09:6d:9d:
52:d9:b4:c9:e9:60:8c:ee:62:a2:1a:d8:52:e3:2a:
89:67:a3:dd:4a:b7:7c:dd:d0:18:32:2c:ce:2f:b7:
42:96:8b:1b:74:cd:2d:79:82:b8:7e:51:ab:8e:31:
d8:60:09:32:ce:b9:18:57:bc:a3:00:c0:a1:5d:cb:
51:d8:76:f0:3e:f0:95:a9:4f:bc:e1:35:c8:23:0e:
0f:78:6e:37:1b:71:60:89:a9:44:47:4d:7e:d0:5d:
03:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:6A:50:E7:23:64:9A:FB:5A:53:0D:00:A5:4F:5F:EB:B2:7F:A4:5C
X509v3 Authority Key Identifier:
keyid:41:F6:57:CF:35:64:F2:33:B9:77:F4:0A:CA:5E:4B:D1:0E:1E:2F:8E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/41F657CF3564F233B977F40ACA5E4BD10E1E2F8E.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aa004ba1-419b-4db5-bbd3-5cca633cae3f/0/AS214999.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:54c1:c300::/40
Signature Algorithm: sha256WithRSAEncryption
32:db:ff:00:07:92:55:13:98:eb:53:57:f6:a3:57:dc:6a:cd:
f0:3b:5b:29:fa:86:31:78:82:fc:d0:f9:e6:51:6f:59:4b:1d:
c6:d0:61:e6:f6:5c:b7:e6:8f:3c:e0:aa:ae:a3:5e:27:f8:28:
01:b9:94:79:5f:ab:15:4f:51:3d:20:14:de:7f:a3:cc:17:0d:
ae:12:ff:09:de:e8:4f:06:c8:a1:65:38:25:55:17:00:2c:05:
09:34:13:a9:1a:2e:62:65:3f:b4:e2:49:9b:fe:e0:a5:f5:88:
a5:b5:5b:a2:85:8b:0e:7b:eb:b1:91:d9:9a:c0:db:d2:4e:d8:
6f:ba:75:af:c8:6f:65:ee:1c:80:3f:83:21:bb:8d:e6:d1:3e:
01:57:b8:98:bc:6b:52:e1:ad:ee:bd:b5:f9:ff:8a:f8:27:97:
77:c6:6d:e4:4c:23:9d:4d:46:46:26:ac:ae:e4:c0:23:9b:29:
0d:dc:6c:d9:df:1e:92:29:12:6a:ac:7a:a6:9a:38:fe:b4:02:
ec:c2:c6:69:75:f6:f2:a6:e4:d5:15:81:e7:d9:39:e8:24:40:
de:7b:2a:57:f0:62:24:04:7e:00:63:18:92:bb:de:ad:41:c0:
b6:0d:1e:10:24:59:cb:b7:17:bc:84:9e:eb:82:5c:03:59:2c:
88:b2:28:47
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUUGXynjr4jENpqG3NiGdWHKUdlcMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEw
RTFFMkY4RTAeFw0yNTA0MDYxOTExNDJaFw0yNjA0MDUxOTE2NDJaMDMxMTAvBgNV
BAMTKDcwNkE1MEU3MjM2NDlBRkI1QTUzMEQwMEE1NEY1RkVCQjI3RkE0NUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4smvoeow4XXj4yf2AJX0GHbM3
t+49keTaZe/MGpoQ/sCu8ZWoH6UQlb4K8VG7pgDs3/rDjX1yThUoBLOXB3lSbYRF
qqQMyjNX/QI/rG4sQ4Qtzbpp5LEsCwMyWwTwL5mOdu4q2HmnnbEOsK8S0gD8JK1+
MPN99YQV1p2a5cz5I238ysaWwUkMrZuOC4aMisN+GJoz/v1q5G2KpGvXpVFJgQlt
nVLZtMnpYIzuYqIa2FLjKolno91Kt3zd0BgyLM4vt0KWixt0zS15grh+UauOMdhg
CTLOuRhXvKMAwKFdy1HYdvA+8JWpT7zhNcgjDg94bjcbcWCJqURHTX7QXQPzAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUcGpQ5yNkmvtaUw0ApU9f67J/pFwwHwYDVR0j
BBgwFoAUQfZXzzVk8jO5d/QKyl5L0Q4eL44wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWEwMDRiYTEtNDE5Yi00ZGI1LWJiZDMtNWNjYTYzM2Nh
ZTNmLzAvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFFMkY4RS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNDFGNjU3Q0YzNTY0RjIzM0I5NzdGNDBBQ0E1RTRCRDEwRTFF
MkY4RS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2FhMDA0YmExLTQxOWIt
NGRiNS1iYmQzLTVjY2E2MzNjYWUzZi8wL0FTMjE0OTk5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgdU
wcMwDQYJKoZIhvcNAQELBQADggEBADLb/wAHklUTmOtTV/ajV9xqzfA7Wyn6hjF4
gvzQ+eZRb1lLHcbQYeb2XLfmjzzgqq6jXif4KAG5lHlfqxVPUT0gFN5/o8wXDa4S
/wne6E8GyKFlOCVVFwAsBQk0E6kaLmJlP7TiSZv+4KX1iKW1W6KFiw5767GR2ZrA
29JO2G+6da/Ib2XuHIA/gyG7jebRPgFXuJi8a1Lhre69tfn/ivgnl3fGbeRMI51N
RkYmrK7kwCObKQ3cbNnfHpIpEmqseqaaOP60AuzCxml19vKm5NUVgefZOegkQN57
KlfwYiQEfgBjGJK73q1BwLYNHhAkWcu3F7yEnuuCXANZLIiyKEc=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:29 2025 by rpki-client on console.sobornost.net