Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/AS214203.roa
File: AS214203.roa (raw, json)
Hash identifier: paGE4X9bl2k9y81k92uOMKBLQUqWbZT9MtNImCijmfE=
Subject key identifier: 89:2F:D8:85:75:5C:3B:40:8F:18:7E:4D:21:C4:26:E6:E4:97:71:24
Certificate issuer: /CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
Certificate serial: 14946153383785098DE02506A28AC5D5B64FFE74
Authority key identifier: CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/AS214203.roa
Signing time: Mon 30 Jun 2025 14:59:46 +0000
ROA not before: Mon 30 Jun 2025 14:54:46 +0000
ROA not after: Mon 29 Jun 2026 14:59:46 +0000
asID: 214203
IP address blocks: 2a05:dfc3:ff00::/40 maxlen: 48
2a0a:6044:6700::/40 maxlen: 48
2a0a:6044:7a00::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:94:61:53:38:37:85:09:8d:e0:25:06:a2:8a:c5:d5:b6:4f:fe:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCD5D3BE49456F7D48B7321029C886F318C23B36
Validity
Not Before: Jun 30 14:54:46 2025 GMT
Not After : Jun 29 14:59:46 2026 GMT
Subject: CN=892FD885755C3B408F187E4D21C426E6E4977124
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:11:64:5c:40:45:e6:63:e6:b3:a9:0b:f0:97:
3c:5a:f8:d3:57:83:3a:db:f2:a8:b1:c3:e5:ee:84:
d3:28:45:9b:2c:d0:25:c2:1a:da:49:a9:e8:00:24:
da:f2:a7:eb:42:08:88:10:f2:3d:13:62:8b:70:1b:
87:07:58:ad:a5:79:8b:8d:fa:01:d3:2b:3b:7f:7e:
be:36:36:18:68:b7:ef:b3:21:ab:7d:c2:a8:7e:05:
e3:d1:a6:42:4a:dc:f8:2e:6a:ac:6a:a4:72:8b:d5:
5b:e2:4e:92:c4:b7:26:d2:af:14:99:e1:73:2e:61:
c2:13:f9:3e:a8:81:64:c2:09:85:33:82:a9:92:30:
60:47:42:7f:6e:5f:f1:de:2a:3e:ec:2b:95:e1:62:
aa:dc:7c:48:67:03:17:a1:45:e9:29:a2:2e:47:1d:
4f:8d:c2:e1:de:80:6e:d1:bc:df:e9:31:1c:6a:2c:
6f:3f:61:69:b0:ba:d8:4d:f5:49:43:91:59:e6:c7:
5e:ea:2c:a8:9f:12:59:cb:13:13:61:f8:58:10:f5:
a0:46:53:ee:7e:9f:54:a1:a1:f2:12:2c:75:d7:1b:
ab:05:fa:60:23:af:3b:81:4d:ae:0e:88:47:e3:01:
81:16:46:4e:b0:88:68:60:e0:b8:8d:10:83:09:d1:
7b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:2F:D8:85:75:5C:3B:40:8F:18:7E:4D:21:C4:26:E6:E4:97:71:24
X509v3 Authority Key Identifier:
keyid:CC:D5:D3:BE:49:45:6F:7D:48:B7:32:10:29:C8:86:F3:18:C2:3B:36
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/CCD5D3BE49456F7D48B7321029C886F318C23B36.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/CCD5D3BE49456F7D48B7321029C886F318C23B36.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/f7948738-3255-49f9-9b6c-9c9f3898995d/3/AS214203.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc3:ff00::/40
2a0a:6044:6700::/40
2a0a:6044:7a00::/40
Signature Algorithm: sha256WithRSAEncryption
a2:de:77:5b:9f:43:05:be:75:f2:f0:90:5f:38:87:61:a2:bb:
e9:c2:64:c7:d7:21:d9:78:54:5c:3a:07:22:06:d9:97:9d:37:
c2:ca:1e:89:4f:8f:6a:81:7b:87:bd:88:6d:06:aa:31:9f:7a:
ab:e5:28:80:9b:be:f5:86:a3:c1:c2:7d:8b:a6:09:52:ea:c4:
b6:c2:fa:3c:9c:14:7e:60:04:95:02:84:4b:f2:77:0c:dc:25:
1d:c5:98:b0:7e:df:b0:06:5a:80:e8:48:b4:f6:9b:1b:9c:33:
82:0f:a7:07:3d:88:f1:fb:86:01:d7:80:65:cb:a1:84:ad:92:
de:99:f4:4e:7a:ac:ac:0f:2f:33:cf:7a:00:fa:4f:b6:41:d4:
7a:3f:1d:75:22:3d:72:ee:59:72:83:f1:51:d4:ae:5e:5c:0b:
02:a3:58:41:08:17:db:69:c2:72:bb:a1:fa:89:2f:60:57:2f:
b9:a6:5f:31:55:5d:cc:98:df:81:52:05:44:60:85:3d:12:97:
c3:0d:a2:22:10:9e:55:f1:47:d2:a2:c0:ae:18:91:ee:f2:f2:
4f:c6:f9:a6:d3:3c:f1:42:d3:5e:c4:76:c9:60:56:45:d2:de:
81:f5:5c:f8:c3:d3:ec:10:64:20:f4:41:0f:cb:11:61:58:cb:
42:17:59:fb
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUFJRhUzg3hQmN4CUGoorF1bZP/nQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMx
OEMyM0IzNjAeFw0yNTA2MzAxNDU0NDZaFw0yNjA2MjkxNDU5NDZaMDMxMTAvBgNV
BAMTKDg5MkZEODg1NzU1QzNCNDA4RjE4N0U0RDIxQzQyNkU2RTQ5NzcxMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaEWRcQEXmY+azqQvwlzxa+NNX
gzrb8qixw+XuhNMoRZss0CXCGtpJqegAJNryp+tCCIgQ8j0TYotwG4cHWK2leYuN
+gHTKzt/fr42Nhhot++zIat9wqh+BePRpkJK3PguaqxqpHKL1VviTpLEtybSrxSZ
4XMuYcIT+T6ogWTCCYUzgqmSMGBHQn9uX/HeKj7sK5XhYqrcfEhnAxehRekpoi5H
HU+NwuHegG7RvN/pMRxqLG8/YWmwuthN9UlDkVnmx17qLKifElnLExNh+FgQ9aBG
U+5+n1ShofISLHXXG6sF+mAjrzuBTa4OiEfjAYEWRk6wiGhg4LiNEIMJ0XvhAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQUiS/YhXVcO0CPGH5NIcQm5uSXcSQwHwYDVR0j
BBgwFoAUzNXTvklFb31ItzIQKciG8xjCOzYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZjc5NDg3MzgtMzI1NS00OWY5LTliNmMtOWM5ZjM4OTg5
OTVkLzMvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMyM0IzNi5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvQ0NENUQzQkU0OTQ1NkY3RDQ4QjczMjEwMjlDODg2RjMxOEMy
M0IzNi5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2Y3OTQ4NzM4LTMyNTUt
NDlmOS05YjZjLTljOWYzODk4OTk1ZC8zL0FTMjE0MjAzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYAKgXf
w/8DBgAqCmBEZwMGACoKYER6MA0GCSqGSIb3DQEBCwUAA4IBAQCi3ndbn0MFvnXy
8JBfOIdhorvpwmTH1yHZeFRcOgciBtmXnTfCyh6JT49qgXuHvYhtBqoxn3qr5SiA
m771hqPBwn2LpglS6sS2wvo8nBR+YASVAoRL8ncM3CUdxZiwft+wBlqA6Ei09psb
nDOCD6cHPYjx+4YB14Bly6GErZLemfROeqysDy8zz3oA+k+2QdR6Px11Ij1y7lly
g/FR1K5eXAsCo1hBCBfbacJyu6H6iS9gVy+5pl8xVV3MmN+BUgVEYIU9EpfDDaIi
EJ5V8UfSosCuGJHu8vJPxvmm0zzxQtNexHbJYFZF0t6B9Vz4w9PsEGQg9EEPyxFh
WMtCF1n7
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:57:18 2025 by rpki-client