Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214083.roa
File: AS214083.roa (raw, json)
Hash identifier: bSsgU6EO1WLO6WdC1jXm/44q0z8mfZyqxue+xgTLK2o=
Subject key identifier: 74:E6:61:52:88:88:8E:AC:E0:0A:08:D2:0C:A6:CF:24:60:BC:E6:8C
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 18C59F83C645DBE4EFF9200DC9B64973F7116523
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214083.roa
Signing time: Sun 08 Dec 2024 10:44:03 +0000
ROA not before: Sun 08 Dec 2024 10:39:03 +0000
ROA not after: Sun 07 Dec 2025 10:44:03 +0000
asID: 214083
IP address blocks: 146.103.22.0/24 maxlen: 24
146.103.24.0/24 maxlen: 24
146.103.48.0/24 maxlen: 24
147.79.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:c5:9f:83:c6:45:db:e4:ef:f9:20:0d:c9:b6:49:73:f7:11:65:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Dec 8 10:39:03 2024 GMT
Not After : Dec 7 10:44:03 2025 GMT
Subject: CN=74E6615288888EACE00A08D20CA6CF2460BCE68C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ac:c2:5b:31:01:93:72:c3:73:07:0b:2d:b4:
70:4b:a8:58:4f:fb:8d:09:83:64:b2:d6:01:5d:6e:
9a:e5:10:5f:2b:01:b8:fc:ed:41:2f:e7:7d:33:0b:
cd:ec:b4:89:78:cc:e9:5a:c4:09:71:7a:22:74:7f:
d5:43:97:9c:12:c2:3b:ce:84:13:8d:8b:d2:a2:e1:
3d:df:58:b1:08:f1:a3:20:9e:eb:d1:b4:55:8f:6f:
d4:0e:c9:5a:e7:f5:4e:66:0e:8b:f0:5d:06:8a:62:
b9:2f:e1:9d:89:b6:89:8d:f4:ca:e8:1f:f6:9c:7b:
7e:3f:db:0b:74:d3:00:66:cb:5f:4e:4b:a1:19:e4:
9b:6d:be:ad:43:f0:9d:9d:82:c6:96:c6:19:32:96:
00:b1:02:8c:ba:ff:59:a5:bf:0a:c6:b5:09:ca:6c:
e1:a4:56:8c:7a:67:e0:89:a6:db:8d:53:93:47:d1:
22:c0:20:42:b0:6f:99:d2:14:75:7d:f9:cf:e5:88:
90:bc:de:a5:10:8d:b4:7a:25:a8:19:b6:8c:fe:54:
65:85:a8:2e:9a:d1:49:4b:d0:75:63:0e:4d:ea:19:
13:c4:69:59:db:e2:5a:7e:f1:0f:f1:46:d7:25:bc:
4c:bc:6e:c4:0b:4d:b8:ab:9b:63:d1:11:3d:8a:fa:
c5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E6:61:52:88:88:8E:AC:E0:0A:08:D2:0C:A6:CF:24:60:BC:E6:8C
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214083.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.22.0/24
146.103.24.0/24
146.103.48.0/24
147.79.30.0/24
Signature Algorithm: sha256WithRSAEncryption
24:ed:0d:f9:88:a3:08:7f:20:a1:57:31:cf:3f:37:7e:cd:67:
1d:e8:c5:e3:a3:66:c0:1b:7c:51:36:78:32:2f:21:79:6d:2f:
73:73:ec:0f:3f:f2:03:53:19:56:04:44:91:07:bc:cb:d6:cd:
86:e0:ac:5d:c9:92:36:da:8f:81:ff:52:e8:82:6b:40:9e:9a:
8b:01:30:49:0f:c0:f2:c6:d2:bc:d1:ff:df:1b:1a:6f:89:cb:
c5:2d:d4:fa:72:0b:60:a5:9b:bd:54:6d:f1:7b:22:6b:1b:ed:
33:30:1e:89:40:2e:2f:45:39:e8:e8:e8:5f:74:b8:b6:0b:81:
a8:cd:98:8f:d5:88:45:44:fb:a9:7c:b4:66:51:ac:01:1a:44:
8f:47:f4:83:ab:aa:38:2e:01:00:14:59:2b:d4:76:45:ea:2f:
0e:f1:ac:e0:e1:01:b6:7c:15:3e:23:41:cc:12:96:48:55:46:
60:22:0c:c4:91:5e:9b:01:18:a5:06:96:ae:c9:19:f9:f9:c6:
9e:49:54:e0:88:2a:92:08:b1:27:6b:ed:8e:69:a3:c7:5a:94:
c7:2f:24:6a:e3:ec:51:85:6b:b4:00:7d:8e:2e:9d:c1:09:41:
00:cb:01:5a:2c:e5:13:db:bf:94:15:0c:82:d2:45:a6:0c:dd:
b1:36:c8:41
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUGMWfg8ZF2+Tv+SANybZJc/cRZSMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDEyMDgxMDM5MDNaFw0yNTEyMDcxMDQ0MDNaMDMxMTAvBgNV
BAMTKDc0RTY2MTUyODg4ODhFQUNFMDBBMDhEMjBDQTZDRjI0NjBCQ0U2OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPrMJbMQGTcsNzBwsttHBLqFhP
+40Jg2Sy1gFdbprlEF8rAbj87UEv530zC83stIl4zOlaxAlxeiJ0f9VDl5wSwjvO
hBONi9Ki4T3fWLEI8aMgnuvRtFWPb9QOyVrn9U5mDovwXQaKYrkv4Z2JtomN9Mro
H/ace34/2wt00wBmy19OS6EZ5Jttvq1D8J2dgsaWxhkylgCxAoy6/1mlvwrGtQnK
bOGkVox6Z+CJptuNU5NH0SLAIEKwb5nSFHV9+c/liJC83qUQjbR6JagZtoz+VGWF
qC6a0UlL0HVjDk3qGRPEaVnb4lp+8Q/xRtclvEy8bsQLTbirm2PRET2K+sUPAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUdOZhUoiIjqzgCgjSDKbPJGC85owwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0MDgzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAkmcW
AwQAkmcYAwQAkmcwAwQAk08eMA0GCSqGSIb3DQEBCwUAA4IBAQAk7Q35iKMIfyCh
VzHPPzd+zWcd6MXjo2bAG3xRNngyLyF5bS9zc+wPP/IDUxlWBESRB7zL1s2G4Kxd
yZI22o+B/1LogmtAnpqLATBJD8DyxtK80f/fGxpvicvFLdT6cgtgpZu9VG3xeyJr
G+0zMB6JQC4vRTno6OhfdLi2C4GozZiP1YhFRPupfLRmUawBGkSPR/SDq6o4LgEA
FFkr1HZF6i8O8azg4QG2fBU+I0HMEpZIVUZgIgzEkV6bARilBpauyRn5+caeSVTg
iCqSCLEna+2OaaPHWpTHLyRq4+xRhWu0AH2OLp3BCUEAywFaLOUT27+UFQyC0kWm
DN2xNshB
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:16 2025 by rpki-client