Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215026.roa
File: AS215026.roa (raw, json)
Hash identifier: WVDNHGNB6+kwoqshZJkO0NXgtsYyU2pIWzDlXlhk1E4=
Subject key identifier: F5:9E:0C:89:87:56:F3:E1:70:21:37:2B:DE:72:18:2F:34:D6:AD:EE
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7EAEE0CB1654443FE8626FA2A74A044E446A8052
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215026.roa
Signing time: Wed 22 Jan 2025 12:41:57 +0000
ROA not before: Wed 22 Jan 2025 12:36:57 +0000
ROA not after: Wed 21 Jan 2026 12:41:57 +0000
asID: 215026
IP address blocks: 140.233.176.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:ae:e0:cb:16:54:44:3f:e8:62:6f:a2:a7:4a:04:4e:44:6a:80:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 22 12:36:57 2025 GMT
Not After : Jan 21 12:41:57 2026 GMT
Subject: CN=F59E0C898756F3E17021372BDE72182F34D6ADEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d5:5b:32:05:de:68:3a:41:da:e0:10:48:10:
ea:b0:c8:9f:8b:1b:5c:2c:bb:e3:fa:0a:c6:57:3c:
1e:71:89:3e:34:1e:4a:4e:a9:07:77:1e:5a:6a:ce:
75:26:9f:c2:f5:8e:9c:9e:aa:2a:c5:dd:80:ff:2f:
6b:8b:67:4d:63:d1:4d:bf:c1:a0:08:e3:fc:93:2f:
03:a1:92:66:c9:5c:53:a3:6e:08:ef:6d:38:b7:63:
00:2e:44:ac:d9:c5:69:8c:5a:3d:3e:6a:f3:ba:10:
c3:0d:2b:94:c3:e9:b5:72:89:f5:73:b2:76:58:34:
74:33:8f:ae:d7:e9:63:13:c4:67:4a:03:4c:2c:ed:
77:7e:e1:07:c9:91:d2:5b:4d:90:8e:66:5e:8c:ba:
da:b9:74:4c:93:ac:4b:67:fd:a7:11:79:b6:8b:73:
a4:f6:c6:bb:4b:3c:61:0a:00:34:31:2b:65:37:dc:
4a:dc:7c:98:bb:4f:f1:03:9e:45:28:ff:3d:1a:45:
f4:8d:0f:e2:2b:41:16:a1:da:4e:f6:a9:9a:c2:15:
01:84:6c:14:d0:80:64:3a:c4:8e:6a:a3:c4:19:cd:
93:47:76:3f:2c:aa:62:1b:b7:e9:69:b3:fc:53:8a:
79:cd:da:d4:63:ae:62:84:75:37:00:55:3f:66:67:
42:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9E:0C:89:87:56:F3:E1:70:21:37:2B:DE:72:18:2F:34:D6:AD:EE
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215026.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.176.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:dc:75:d5:f8:f8:e6:6f:16:8e:a9:09:59:28:ba:79:2a:98:
b3:83:75:f4:08:bf:97:25:21:67:e0:6e:62:b3:93:d1:ae:4b:
d1:4b:7e:9c:57:de:fe:ea:f6:f9:1b:9b:4d:66:c5:ac:2d:28:
0c:ac:f5:68:3f:86:b1:1a:35:be:70:da:1c:8a:48:21:63:a3:
31:fe:f0:aa:2d:86:07:74:d1:78:8b:c6:06:ca:d7:2c:08:df:
60:ff:c2:6b:c0:99:6d:38:1c:c7:17:44:14:76:3c:ce:cd:b9:
79:3b:d9:d5:59:4e:95:3f:0c:57:e1:64:7b:2b:85:e5:b9:03:
c8:16:db:38:0c:41:29:a1:c8:7e:0c:c4:05:f7:0b:59:84:e7:
ff:c2:8f:87:83:e0:f2:cb:21:61:d9:c1:1e:58:e4:85:71:2e:
42:8b:2a:94:84:2d:82:26:05:6d:00:2c:e4:ca:74:57:68:b8:
5d:67:ed:9a:83:f0:17:de:de:99:06:a6:3f:e3:a2:1c:d2:3b:
aa:8d:b3:3f:b0:b8:5b:04:32:1b:97:e2:8d:92:15:b7:18:80:
59:1a:6c:a1:c1:80:ea:9f:12:b0:03:bf:f7:96:4f:cd:81:cf:
b3:cd:03:cd:7b:37:f6:00:d1:f0:83:34:93:9e:61:54:e5:66:
2e:17:61:4e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUfq7gyxZURD/oYm+ip0oETkRqgFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAxMjIxMjM2NTdaFw0yNjAxMjExMjQxNTdaMDMxMTAvBgNV
BAMTKEY1OUUwQzg5ODc1NkYzRTE3MDIxMzcyQkRFNzIxODJGMzRENkFERUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC31VsyBd5oOkHa4BBIEOqwyJ+L
G1wsu+P6CsZXPB5xiT40HkpOqQd3HlpqznUmn8L1jpyeqirF3YD/L2uLZ01j0U2/
waAI4/yTLwOhkmbJXFOjbgjvbTi3YwAuRKzZxWmMWj0+avO6EMMNK5TD6bVyifVz
snZYNHQzj67X6WMTxGdKA0ws7Xd+4QfJkdJbTZCOZl6Mutq5dEyTrEtn/acRebaL
c6T2xrtLPGEKADQxK2U33ErcfJi7T/EDnkUo/z0aRfSND+IrQRah2k72qZrCFQGE
bBTQgGQ6xI5qo8QZzZNHdj8sqmIbt+lps/xTinnN2tRjrmKEdTcAVT9mZ0LVAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU9Z4MiYdW8+FwITcr3nIYLzTWre4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MDI2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjOmw
MA0GCSqGSIb3DQEBCwUAA4IBAQCg3HXV+PjmbxaOqQlZKLp5Kpizg3X0CL+XJSFn
4G5is5PRrkvRS36cV97+6vb5G5tNZsWsLSgMrPVoP4axGjW+cNocikghY6Mx/vCq
LYYHdNF4i8YGytcsCN9g/8JrwJltOBzHF0QUdjzOzbl5O9nVWU6VPwxX4WR7K4Xl
uQPIFts4DEEpoch+DMQF9wtZhOf/wo+Hg+DyyyFh2cEeWOSFcS5CiyqUhC2CJgVt
ACzkynRXaLhdZ+2ag/AX3t6ZBqY/46Ic0juqjbM/sLhbBDIbl+KNkhW3GIBZGmyh
wYDqnxKwA7/3lk/Ngc+zzQPNezf2ANHwgzSTnmFU5WYuF2FO
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:22 2025 by rpki-client