Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS212001.roa
File: AS212001.roa (raw, json)
Hash identifier: 9tKZ8HPAyeKp771FzBQURmYM4HyYhlnLLjbO4s/gqIU=
Subject key identifier: 25:62:86:CB:4D:80:ED:3C:07:20:BC:C2:D1:51:99:FB:45:FC:F3:C0
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 575EF5C40489B365C2D760B1204584AAB71EADC0
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS212001.roa
Signing time: Mon 10 Mar 2025 22:21:28 +0000
ROA not before: Mon 10 Mar 2025 22:16:28 +0000
ROA not after: Mon 09 Mar 2026 22:21:28 +0000
asID: 212001
IP address blocks: 2a0f:85c1:bb3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:5e:f5:c4:04:89:b3:65:c2:d7:60:b1:20:45:84:aa:b7:1e:ad:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Mar 10 22:16:28 2025 GMT
Not After : Mar 9 22:21:28 2026 GMT
Subject: CN=256286CB4D80ED3C0720BCC2D15199FB45FCF3C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d6:9c:47:2a:59:20:14:de:40:70:ef:78:c6:
eb:ea:86:d7:f6:df:35:f6:c1:b4:fb:6e:b5:b4:f7:
ff:9f:56:6f:26:7c:07:ca:0f:c0:5e:02:fc:86:1d:
ba:c1:90:45:8e:ef:85:eb:99:ca:e4:22:00:ab:28:
72:5e:ab:2e:4a:8e:04:a8:0c:70:3a:88:df:24:34:
f3:9e:1b:e7:7f:91:2d:91:45:65:d8:a9:3d:f9:8c:
58:0e:91:27:2d:f3:0d:28:95:10:96:f4:e5:f8:bd:
71:60:fd:74:03:45:e0:b0:de:ab:14:53:ce:3d:0f:
7a:0a:3f:93:16:15:bc:4e:d2:d1:67:2a:25:2a:dc:
e2:38:54:f8:67:96:92:45:f9:7b:b0:5d:2f:87:a4:
8c:f0:d3:f9:90:bd:c8:95:74:25:5a:cd:9a:d6:b2:
dc:cf:62:0d:82:e3:a6:dc:68:f7:99:b2:3b:4b:37:
bd:52:54:57:97:12:cf:4d:37:5d:06:78:c9:20:85:
4f:84:f8:0d:a6:e7:ed:86:45:b9:2c:95:51:c3:fe:
95:5c:78:05:34:af:11:d6:48:4f:1d:2f:4a:b4:1a:
f9:e7:87:95:db:2c:2f:0f:fd:e4:e6:ad:3a:bc:fc:
88:f5:ca:81:8d:08:09:61:a1:af:94:19:ba:a4:2e:
05:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:62:86:CB:4D:80:ED:3C:07:20:BC:C2:D1:51:99:FB:45:FC:F3:C0
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS212001.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:bb3::/48
Signature Algorithm: sha256WithRSAEncryption
1d:3b:dd:bb:26:b6:14:61:bf:d5:fd:b8:3b:0e:ff:68:70:3f:
23:5f:b1:3a:0d:c5:bd:cc:c0:fa:52:7b:62:d6:13:81:4d:ac:
99:01:43:d7:15:7d:43:6c:c2:30:0f:e0:7f:bd:74:c9:8a:ed:
1d:7e:6c:46:52:01:9a:79:93:4e:ec:d1:18:cd:1a:a8:47:a3:
95:db:dc:49:19:47:9b:0b:f5:7b:59:45:e1:00:1e:38:98:45:
22:c5:a2:a4:34:d8:e3:f3:fc:38:27:94:92:9b:c9:5f:51:3d:
49:e8:2b:38:ab:45:4b:d5:4f:1e:b3:49:71:be:58:40:fc:c5:
d1:c2:10:40:20:47:c6:92:fc:58:a6:46:a1:ea:77:c0:85:59:
71:9f:08:51:38:73:67:0e:50:57:21:07:58:82:5c:16:53:63:
3a:dc:67:cf:5a:1d:ac:50:15:1d:93:00:28:97:dd:53:b4:a2:
db:2c:8e:b0:b0:e2:b6:88:36:6f:ad:ff:db:e8:56:72:14:68:
4e:b0:55:f5:ef:82:f7:8d:71:5d:66:6e:c1:57:38:11:70:fc:
aa:87:0f:63:de:ff:13:2c:9d:87:58:72:6d:24:e8:28:e4:c4:
8f:17:02:6c:4a:bb:9a:5e:59:d1:06:69:1f:9f:e4:55:62:ab:
cf:87:e5:bd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUV171xASJs2XC12CxIEWEqrcercAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTAzMTAyMjE2MjhaFw0yNjAzMDkyMjIxMjhaMDMxMTAvBgNV
BAMTKDI1NjI4NkNCNEQ4MEVEM0MwNzIwQkNDMkQxNTE5OUZCNDVGQ0YzQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI1pxHKlkgFN5AcO94xuvqhtf2
3zX2wbT7brW09/+fVm8mfAfKD8BeAvyGHbrBkEWO74XrmcrkIgCrKHJeqy5KjgSo
DHA6iN8kNPOeG+d/kS2RRWXYqT35jFgOkSct8w0olRCW9OX4vXFg/XQDReCw3qsU
U849D3oKP5MWFbxO0tFnKiUq3OI4VPhnlpJF+XuwXS+HpIzw0/mQvciVdCVazZrW
stzPYg2C46bcaPeZsjtLN71SVFeXEs9NN10GeMkghU+E+A2m5+2GRbkslVHD/pVc
eAU0rxHWSE8dL0q0Gvnnh5XbLC8P/eTmrTq8/Ij1yoGNCAlhoa+UGbqkLgWbAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUJWKGy02A7TwHILzC0VGZ+0X888AwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEyMDAxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQuzMA0GCSqGSIb3DQEBCwUAA4IBAQAdO927JrYUYb/V/bg7Dv9ocD8jX7E6DcW9
zMD6Unti1hOBTayZAUPXFX1DbMIwD+B/vXTJiu0dfmxGUgGaeZNO7NEYzRqoR6OV
29xJGUebC/V7WUXhAB44mEUixaKkNNjj8/w4J5SSm8lfUT1J6Cs4q0VL1U8es0lx
vlhA/MXRwhBAIEfGkvxYpkah6nfAhVlxnwhROHNnDlBXIQdYglwWU2M63GfPWh2s
UBUdkwAol91TtKLbLI6wsOK2iDZvrf/b6FZyFGhOsFX174L3jXFdZm7BVzgRcPyq
hw9j3v8TLJ2HWHJtJOgo5MSPFwJsSruaXlnRBmkfn+RVYqvPh+W9
-----END CERTIFICATE-----
Generated at Sat Apr 5 21:38:05 2025 by rpki-client