Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS214911.roa
File: AS214911.roa (raw, json)
Hash identifier: s8rfRL/MjcT6V67GTh9bbBcIzUKjQkOJyGO5IDSc0O0=
Subject key identifier: CB:30:33:0A:2F:9A:4F:43:D6:9F:A7:EE:9D:A2:D6:5A:20:AD:AB:2D
Certificate issuer: /CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Certificate serial: 378D6E8DDBD3A897A5F5B8C19F17FDF61784D445
Authority key identifier: 57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS214911.roa
Signing time: Wed 22 Jan 2025 15:10:55 +0000
ROA not before: Wed 22 Jan 2025 15:05:55 +0000
ROA not after: Wed 21 Jan 2026 15:10:55 +0000
asID: 214911
IP address blocks: 2a06:1281::/36 maxlen: 44
2a06:1281:a000::/36 maxlen: 44
2a09:54c6:2000::/36 maxlen: 44
2a09:54c6:4000::/36 maxlen: 36
2a09:54c6:4000::/36 maxlen: 44
2a09:54c6:5000::/36 maxlen: 44
2a09:54c6:c000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:8d:6e:8d:db:d3:a8:97:a5:f5:b8:c1:9f:17:fd:f6:17:84:d4:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A9746FE543EB3EA0D449534244C93FC88F8503
Validity
Not Before: Jan 22 15:05:55 2025 GMT
Not After : Jan 21 15:10:55 2026 GMT
Subject: CN=CB30330A2F9A4F43D69FA7EE9DA2D65A20ADAB2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:59:62:53:e5:19:68:48:29:9c:40:ff:1d:73:
08:68:32:85:e7:53:12:f4:1c:e5:ae:90:34:19:3c:
31:cf:70:a1:8e:46:3f:65:c0:1a:1b:fe:8f:a0:e6:
41:22:22:06:f6:63:47:9f:2b:0f:49:39:83:cb:16:
56:a2:0e:80:5b:c0:87:46:59:88:07:80:0f:86:5b:
36:17:d9:c1:be:c7:69:bc:00:d4:9c:61:0a:74:8e:
b3:84:0f:41:04:fe:8a:57:1d:8e:90:3d:ec:b2:21:
b7:e0:14:6c:a0:f4:5a:f1:8c:6f:30:12:8e:a8:b7:
24:49:4a:c1:43:7b:43:f8:d6:aa:39:cc:1c:2b:d8:
fb:74:b1:3d:b7:f1:2b:37:b6:a0:84:31:d0:4e:da:
40:44:4d:4d:bf:44:3b:96:92:18:ad:02:34:c1:52:
f5:93:30:ad:7b:2b:91:e5:c8:b3:a8:9a:7e:f9:f5:
fc:e4:c9:cf:04:5c:2f:66:a5:92:60:0a:20:4c:4a:
7a:54:70:1a:73:43:d7:4c:78:a8:fb:27:f3:51:f7:
51:cc:ba:0c:c1:52:d7:15:92:76:cf:fa:65:41:e3:
38:96:d2:3e:15:b3:9d:20:51:ac:ea:f0:76:3d:b0:
50:cd:0b:a9:93:36:66:87:44:a3:e6:36:d9:95:58:
81:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:30:33:0A:2F:9A:4F:43:D6:9F:A7:EE:9D:A2:D6:5A:20:AD:AB:2D
X509v3 Authority Key Identifier:
keyid:57:A9:74:6F:E5:43:EB:3E:A0:D4:49:53:42:44:C9:3F:C8:8F:85:03
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/57A9746FE543EB3EA0D449534244C93FC88F8503.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/57A9746FE543EB3EA0D449534244C93FC88F8503.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/0/AS214911.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1281::/36
2a06:1281:a000::/36
2a09:54c6:2000::/36
2a09:54c6:4000::/35
2a09:54c6:c000::/36
Signature Algorithm: sha256WithRSAEncryption
33:b8:90:dc:1c:ca:76:78:7a:08:55:49:a3:da:d7:8e:76:24:
ef:8e:a0:e8:8b:48:7d:01:29:e2:49:fb:6a:eb:94:8d:e7:4d:
93:83:33:50:b8:ff:14:89:c7:0f:d0:08:c5:a7:a1:85:00:80:
22:cf:99:5f:01:4f:ce:ac:6e:98:41:45:09:fa:d3:b8:e3:97:
fc:a4:3f:23:a3:a7:89:7b:50:16:a9:3c:e8:f8:41:f2:68:a0:
f9:e7:98:8f:31:e3:05:fa:fb:82:92:5c:92:09:60:e8:da:9b:
35:e3:a7:bf:61:8a:11:11:f4:2d:da:93:bf:59:7f:3b:43:51:
ff:51:ab:43:46:aa:a2:c5:73:ea:55:74:f8:e4:21:c9:49:2d:
7c:7b:9d:c1:1e:19:15:ad:b5:90:45:ca:20:1b:a6:47:18:9d:
db:69:6c:d6:43:57:0c:61:af:b4:6f:ec:9d:e1:1d:ae:53:79:
34:c4:72:22:fb:1b:cf:a5:bc:3c:55:98:73:9c:ea:e8:23:76:
29:ff:e4:f3:84:80:9c:bd:7c:94:73:26:ed:07:50:ac:08:89:
c9:a0:3f:a4:c5:8d:b4:47:37:31:0d:6e:c5:cd:d5:48:eb:35:
00:50:14:b2:fc:0d:63:b2:39:26:19:20:60:3d:44:7f:d4:19:
71:8f:00:7f
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIUN41ujdvTqJel9bjBnxf99heE1EUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZD
ODhGODUwMzAeFw0yNTAxMjIxNTA1NTVaFw0yNjAxMjExNTEwNTVaMDMxMTAvBgNV
BAMTKENCMzAzMzBBMkY5QTRGNDNENjlGQTdFRTlEQTJENjVBMjBBREFCMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiWWJT5RloSCmcQP8dcwhoMoXn
UxL0HOWukDQZPDHPcKGORj9lwBob/o+g5kEiIgb2Y0efKw9JOYPLFlaiDoBbwIdG
WYgHgA+GWzYX2cG+x2m8ANScYQp0jrOED0EE/opXHY6QPeyyIbfgFGyg9FrxjG8w
Eo6otyRJSsFDe0P41qo5zBwr2Pt0sT238Ss3tqCEMdBO2kBETU2/RDuWkhitAjTB
UvWTMK17K5HlyLOomn759fzkyc8EXC9mpZJgCiBMSnpUcBpzQ9dMeKj7J/NR91HM
ugzBUtcVknbP+mVB4ziW0j4Vs50gUazq8HY9sFDNC6mTNmaHRKPmNtmVWIFPAgMB
AAGjggJcMIICWDAdBgNVHQ4EFgQUyzAzCi+aT0PWn6funaLWWiCtqy0wHwYDVR0j
BBgwFoAUV6l0b+VD6z6g1ElTQkTJP8iPhQMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzAvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhGODUwMy5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvNTdBOTc0NkZFNTQzRUIzRUEwRDQ0OTUzNDI0NEM5M0ZDODhG
ODUwMy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzMyNTNkOTczLWQ1YmYt
NDU0MS1iY2MxLTI3NjU0M2EyNWM3ZC8wL0FTMjE0OTExLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoAwYEKgYS
gQADBgQqBhKBoAMGBCoJVMYgAwYFKglUxkADBgQqCVTGwDANBgkqhkiG9w0BAQsF
AAOCAQEAM7iQ3BzKdnh6CFVJo9rXjnYk746g6ItIfQEp4kn7auuUjedNk4MzULj/
FInHD9AIxaehhQCAIs+ZXwFPzqxumEFFCfrTuOOX/KQ/I6OniXtQFqk86PhB8mig
+eeYjzHjBfr7gpJckglg6NqbNeOnv2GKERH0LdqTv1l/O0NR/1GrQ0aqosVz6lV0
+OQhyUktfHudwR4ZFa21kEXKIBumRxid22ls1kNXDGGvtG/sneEdrlN5NMRyIvsb
z6W8PFWYc5zq6CN2Kf/k84SAnL18lHMm7QdQrAiJyaA/pMWNtEc3MQ1uxc3VSOs1
AFAUsvwNY7I5JhkgYD1Ef9QZcY8Afw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:22:38 2025 by rpki-client