Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS211895.roa
File: AS211895.roa (raw, json)
Hash identifier: hFgjHTTqqrm1D4alNlXtryg9oz4k99+3OLiSMSDYyXc=
Subject key identifier: 25:98:D7:B7:0F:FE:5A:AC:EC:27:43:8E:49:5B:0F:BB:26:F4:34:43
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3BFF85D5D380B7BE6045F4465841E72B7BE0C30E
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS211895.roa
Signing time: Fri 21 Mar 2025 16:10:11 +0000
ROA not before: Fri 21 Mar 2025 16:05:11 +0000
ROA not after: Fri 20 Mar 2026 16:10:11 +0000
asID: 211895
IP address blocks: 82.22.82.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:ff:85:d5:d3:80:b7:be:60:45:f4:46:58:41:e7:2b:7b:e0:c3:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 21 16:05:11 2025 GMT
Not After : Mar 20 16:10:11 2026 GMT
Subject: CN=2598D7B70FFE5AACEC27438E495B0FBB26F43443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:e7:3c:50:b2:5b:bd:11:bf:17:b6:b4:c7:93:
12:f3:a6:f1:48:b0:82:8d:cb:0b:90:5d:6d:14:9b:
80:1e:b5:59:d1:43:2f:57:f9:cd:d4:3d:c5:2e:ea:
df:e0:cd:62:31:cc:c3:b6:ac:e1:80:fc:14:6f:bd:
16:d3:a4:ab:65:6f:a1:51:b6:e5:d7:c3:10:70:b7:
a7:22:f3:02:60:a9:15:d8:11:9d:34:0e:df:19:ea:
df:23:a0:58:1b:e5:75:4a:39:78:ad:bb:41:8e:b6:
73:70:d4:2c:6a:84:b7:a3:3f:44:b5:bb:84:06:9a:
d2:eb:2f:05:ee:bf:f0:a0:69:15:92:f5:c5:90:f1:
fd:46:25:bb:d6:85:0f:c3:1e:3b:c2:d1:a2:0a:eb:
7a:53:7f:72:45:fd:8f:e1:b9:db:d4:cd:ae:a9:98:
f4:d2:5c:c4:69:bf:52:4b:c5:1e:ed:56:01:6c:fb:
02:b7:86:e4:2c:77:dc:99:43:4d:0a:a1:fa:09:4d:
85:99:73:a8:6e:95:96:af:62:d7:9d:12:2e:1a:0f:
d1:c3:3b:ba:a7:4a:87:c5:74:00:10:a2:e3:1d:bd:
1d:bd:ad:e5:ab:f6:20:03:e3:98:04:c1:d2:72:03:
58:4f:d1:7b:2e:af:89:a6:69:f1:6c:ef:b3:35:58:
36:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:98:D7:B7:0F:FE:5A:AC:EC:27:43:8E:49:5B:0F:BB:26:F4:34:43
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS211895.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.82.0/24
Signature Algorithm: sha256WithRSAEncryption
58:83:08:97:b3:2c:3c:27:9e:0e:4e:d6:94:7e:f3:37:e6:aa:
97:eb:f3:19:7b:6f:03:b4:e5:ca:67:d0:8a:6c:ca:c0:11:85:
38:c7:f2:22:37:d9:ba:6f:20:3d:09:73:d6:81:4c:af:a5:99:
50:a0:04:b5:30:48:5e:c4:5d:5b:a1:7e:3b:e9:61:da:6f:56:
89:52:f6:58:66:93:73:1f:ca:ae:5c:97:f9:3d:03:a3:40:43:
34:83:ff:e2:a5:05:ea:e9:f7:6e:c8:db:66:5e:2e:c5:93:e6:
78:78:34:cb:f0:4a:c1:61:a7:40:42:27:28:9a:99:8b:50:c0:
1e:cf:3f:4e:38:85:c0:80:6b:48:27:c9:9e:97:eb:84:d2:4e:
9f:af:30:6f:92:cc:c6:de:a7:26:47:68:e4:71:a2:7c:b1:18:
34:c0:dd:de:86:6c:d2:a7:d1:e3:08:a2:df:77:e3:66:dd:6a:
98:18:f6:b0:6f:ba:22:d5:8a:0b:b7:12:19:94:c3:a5:67:be:
b6:bc:bf:6a:ea:41:d1:47:56:77:13:c1:19:09:05:f1:40:37:
18:7c:2c:5d:d2:44:61:3c:dc:ad:08:cd:a2:5d:b6:20:cc:7b:
5d:1e:ba:38:21:59:0b:3b:04:3a:9f:c9:ca:f0:ee:1b:cf:85:
90:c1:e3:db
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUO/+F1dOAt75gRfRGWEHnK3vgww4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMjExNjA1MTFaFw0yNjAzMjAxNjEwMTFaMDMxMTAvBgNV
BAMTKDI1OThEN0I3MEZGRTVBQUNFQzI3NDM4RTQ5NUIwRkJCMjZGNDM0NDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD25zxQslu9Eb8XtrTHkxLzpvFI
sIKNywuQXW0Um4AetVnRQy9X+c3UPcUu6t/gzWIxzMO2rOGA/BRvvRbTpKtlb6FR
tuXXwxBwt6ci8wJgqRXYEZ00Dt8Z6t8joFgb5XVKOXitu0GOtnNw1CxqhLejP0S1
u4QGmtLrLwXuv/CgaRWS9cWQ8f1GJbvWhQ/DHjvC0aIK63pTf3JF/Y/hudvUza6p
mPTSXMRpv1JLxR7tVgFs+wK3huQsd9yZQ00KofoJTYWZc6hulZavYtedEi4aD9HD
O7qnSofFdAAQouMdvR29reWr9iAD45gEwdJyA1hP0Xsur4mmafFs77M1WDYDAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUJZjXtw/+WqzsJ0OOSVsPuyb0NEMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjExODk1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUhZS
MA0GCSqGSIb3DQEBCwUAA4IBAQBYgwiXsyw8J54OTtaUfvM35qqX6/MZe28DtOXK
Z9CKbMrAEYU4x/IiN9m6byA9CXPWgUyvpZlQoAS1MEhexF1boX476WHab1aJUvZY
ZpNzH8quXJf5PQOjQEM0g//ipQXq6fduyNtmXi7Fk+Z4eDTL8ErBYadAQicompmL
UMAezz9OOIXAgGtIJ8mel+uE0k6frzBvkszG3qcmR2jkcaJ8sRg0wN3ehmzSp9Hj
CKLfd+Nm3WqYGPawb7oi1YoLtxIZlMOlZ762vL9q6kHRR1Z3E8EZCQXxQDcYfCxd
0kRhPNytCM2iXbYgzHtdHro4IVkLOwQ6n8nK8O4bz4WQwePb
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:21:14 2025 by rpki-client