Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS214040.roa
File: AS214040.roa (raw, json)
Hash identifier: qMTZm6c9sTsiNWdO2F59bzhGcS32+UFPIUVGjyF311U=
Subject key identifier: 28:33:83:3F:48:E1:28:26:D3:BB:05:9A:92:78:D5:90:AD:E7:D9:54
Certificate issuer: /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial: 1719980610EE155EED81635F4DA812092B7F6993
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS214040.roa
Signing time: Wed 01 Jan 2025 17:57:01 +0000
ROA not before: Wed 01 Jan 2025 17:52:01 +0000
ROA not after: Wed 31 Dec 2025 17:57:01 +0000
asID: 214040
IP address blocks: 2a06:1281:8000::/36 maxlen: 36
2a09:54c6:3000::/36 maxlen: 36
2a09:54c6:6000::/36 maxlen: 36
2a09:54c6:7000::/36 maxlen: 36
2a09:54c6:b000::/36 maxlen: 36
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:19:98:06:10:ee:15:5e:ed:81:63:5f:4d:a8:12:09:2b:7f:69:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Validity
Not Before: Jan 1 17:52:01 2025 GMT
Not After : Dec 31 17:57:01 2025 GMT
Subject: CN=2833833F48E12826D3BB059A9278D590ADE7D954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c5:91:87:94:44:85:2d:71:cc:33:de:2b:3c:
ec:06:e6:37:16:23:c9:0f:a9:84:89:82:a0:eb:bc:
81:f1:c4:cb:a2:fe:e7:87:8f:b7:0d:10:11:ea:5a:
ac:e8:f1:30:09:34:cc:cf:e5:66:e3:f4:f5:6d:68:
90:0e:0d:ac:00:f5:dd:40:a2:eb:9c:7f:95:4f:c1:
1e:73:f5:77:7d:1a:27:66:5c:3b:83:7e:dd:6e:a2:
e1:be:48:ce:2f:ff:c8:26:e7:cb:5d:f3:8d:c2:0a:
84:fc:c9:8b:49:7a:59:0e:95:28:e5:6d:fa:20:eb:
fc:f8:96:f7:13:7d:4d:f2:18:a0:68:62:a3:44:c9:
fc:23:67:ea:d0:e4:b0:32:6b:75:f4:0d:40:c5:63:
31:64:b2:81:64:cf:0a:d5:25:6d:c5:92:1e:db:39:
48:c1:bc:4d:cb:75:da:c4:38:43:6e:d6:4b:dd:b1:
ca:c9:1e:f2:0e:d7:33:ff:0d:4b:fa:a8:95:18:c7:
b6:ea:74:71:e7:3d:3e:f4:97:e8:82:cf:22:c6:1d:
a1:39:7a:d8:03:2c:7d:d2:c0:9d:4b:3e:69:3a:93:
79:1c:80:12:44:a9:21:1e:c1:dd:da:88:07:98:32:
f8:b0:7b:b4:3f:91:51:6b:aa:a9:23:47:4b:f4:28:
0f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:33:83:3F:48:E1:28:26:D3:BB:05:9A:92:78:D5:90:AD:E7:D9:54
X509v3 Authority Key Identifier:
keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS214040.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1281:8000::/36
2a09:54c6:3000::/36
2a09:54c6:6000::/35
2a09:54c6:b000::/36
Signature Algorithm: sha256WithRSAEncryption
96:07:aa:f1:1b:34:1e:8a:15:ca:88:46:24:90:40:9c:75:ee:
dd:18:9b:f8:3e:94:b6:20:95:81:3d:12:55:63:11:ab:b2:97:
28:db:6a:9c:fd:b7:6a:b0:a8:58:3a:2f:91:6c:78:65:cb:ad:
c6:89:ea:6c:67:3e:50:1b:9f:d0:49:1b:9f:80:9c:14:c8:f8:
f1:28:da:70:61:13:91:14:23:51:81:4f:26:84:ea:6a:d1:2a:
14:c0:7d:e4:94:10:e9:90:fb:74:59:f4:ff:20:bb:c0:78:d6:
19:ae:88:e5:6c:d7:01:17:28:c7:2e:62:a6:68:bb:0a:e1:f0:
a9:40:ab:24:0c:43:72:24:06:30:af:d4:8a:19:4c:b3:42:41:
cf:46:35:72:9a:5c:8e:de:74:ab:64:51:5a:d0:cb:9a:8f:52:
ec:2d:f3:e6:58:3f:c3:b5:58:c6:e3:bf:a3:91:05:4f:f8:d8:
76:ec:a9:d7:5a:b4:5e:44:d9:84:17:24:b8:bf:d6:4b:0a:86:
4a:24:63:10:11:17:3c:90:32:d6:b4:19:44:7b:db:47:58:0c:
84:31:bb:75:40:d6:58:b4:16:7b:59:ea:6f:f3:bb:be:8c:14:
9f:56:f8:d2:6c:cb:1a:bd:6a:09:fd:be:6e:f3:83:b8:29:e6:
52:ed:9e:99
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIUFxmYBhDuFV7tgWNfTagSCSt/aZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNTAxMDExNzUyMDFaFw0yNTEyMzExNzU3MDFaMDMxMTAvBgNV
BAMTKDI4MzM4MzNGNDhFMTI4MjZEM0JCMDU5QTkyNzhENTkwQURFN0Q5NTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKxZGHlESFLXHMM94rPOwG5jcW
I8kPqYSJgqDrvIHxxMui/ueHj7cNEBHqWqzo8TAJNMzP5Wbj9PVtaJAODawA9d1A
ouucf5VPwR5z9Xd9GidmXDuDft1uouG+SM4v/8gm58td843CCoT8yYtJelkOlSjl
bfog6/z4lvcTfU3yGKBoYqNEyfwjZ+rQ5LAya3X0DUDFYzFksoFkzwrVJW3Fkh7b
OUjBvE3LddrEOENu1kvdscrJHvIO1zP/DUv6qJUYx7bqdHHnPT70l+iCzyLGHaE5
etgDLH3SwJ1LPmk6k3kcgBJEqSEewd3aiAeYMviwe7Q/kVFrqqkjR0v0KA+dAgMB
AAGjggJUMIICUDAdBgNVHQ4EFgQUKDODP0jhKCbTuwWaknjVkK3n2VQwHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzMyNTNkOTczLWQ1YmYt
NDU0MS1iY2MxLTI3NjU0M2EyNWM3ZC8wL0FTMjE0MDQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAAjAgAwYEKgYS
gYADBgQqCVTGMAMGBSoJVMZgAwYEKglUxrAwDQYJKoZIhvcNAQELBQADggEBAJYH
qvEbNB6KFcqIRiSQQJx17t0Ym/g+lLYglYE9ElVjEauylyjbapz9t2qwqFg6L5Fs
eGXLrcaJ6mxnPlAbn9BJG5+AnBTI+PEo2nBhE5EUI1GBTyaE6mrRKhTAfeSUEOmQ
+3RZ9P8gu8B41hmuiOVs1wEXKMcuYqZouwrh8KlAqyQMQ3IkBjCv1IoZTLNCQc9G
NXKaXI7edKtkUVrQy5qPUuwt8+ZYP8O1WMbjv6ORBU/42HbsqddatF5E2YQXJLi/
1ksKhkokYxARFzyQMta0GUR720dYDIQxu3VA1li0FntZ6m/zu76MFJ9W+NJsyxq9
agn9vm7zg7gp5lLtnpk=
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:38:34 2025 by rpki-client