Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213424.roa
File: AS213424.roa (raw, json)
Hash identifier: oUO/i6LEhKZ9ce+uRn7Ngk4juxKSevPykT6hLPxiAZ8=
Subject key identifier: 1B:96:D2:DA:02:74:65:B9:69:06:2C:BE:D4:E9:4D:02:22:80:7B:20
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 25E0C80B43A339C556CB36B857D25D84B022935D
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213424.roa
Signing time: Sat 15 Feb 2025 15:28:27 +0000
ROA not before: Sat 15 Feb 2025 15:23:27 +0000
ROA not after: Sat 14 Feb 2026 15:28:27 +0000
asID: 213424
IP address blocks: 2a0f:85c1:b7c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:e0:c8:0b:43:a3:39:c5:56:cb:36:b8:57:d2:5d:84:b0:22:93:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Feb 15 15:23:27 2025 GMT
Not After : Feb 14 15:28:27 2026 GMT
Subject: CN=1B96D2DA027465B969062CBED4E94D0222807B20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:29:59:80:d2:ec:7c:55:d9:a2:f6:02:e4:af:
96:c0:c5:c2:45:dd:ae:29:e8:71:e8:ca:7d:1a:cc:
75:b9:ca:06:d4:5c:1b:1b:92:99:ee:b8:e1:d5:8f:
ed:eb:29:e4:f6:8d:d3:a4:f7:b8:63:a1:d6:eb:bf:
6b:7e:2e:ab:a4:2a:d0:06:c7:8c:ff:8c:67:01:69:
fe:d4:12:84:e8:86:71:bf:19:a0:08:1d:c7:0d:de:
bd:d2:f0:a5:b5:25:0f:61:dc:ad:ce:ec:73:ac:31:
5b:a2:a6:32:dc:b3:13:b7:8c:40:0c:41:c9:80:37:
13:c0:8f:49:f4:43:6b:85:9b:f0:94:b9:13:02:cf:
df:17:1a:a7:55:85:99:99:4e:97:15:e0:f4:b4:85:
01:de:5d:ae:a4:f0:fe:91:42:58:48:71:89:a1:40:
1a:b1:7a:26:6e:ec:f9:74:b4:75:7f:ec:08:3b:36:
e9:43:af:32:53:67:a6:d8:aa:f5:15:ca:66:95:e3:
13:cf:bb:e5:8f:ee:dd:d0:4b:b5:df:2b:1e:a4:1f:
ff:23:6b:6f:24:07:8f:e7:38:e3:43:f0:48:0b:5a:
93:db:c9:2b:fd:f3:32:ad:08:4f:fb:b8:93:5a:47:
08:e8:ae:7c:6d:4a:58:f1:f1:e3:41:76:b9:f7:d4:
64:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:96:D2:DA:02:74:65:B9:69:06:2C:BE:D4:E9:4D:02:22:80:7B:20
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213424.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:b7c::/48
Signature Algorithm: sha256WithRSAEncryption
7b:5f:1b:1d:9e:06:e7:c5:83:97:46:12:65:fd:7a:47:1f:26:
c1:6c:34:33:62:ca:9a:eb:07:f0:32:16:7c:f4:78:0a:34:fd:
30:27:bf:cc:89:49:31:61:15:62:33:7c:c4:e5:57:7a:cc:d5:
c2:4c:2e:82:2d:25:56:5b:63:9d:3a:97:ee:83:52:7f:42:65:
aa:ef:b1:ab:83:5c:31:e0:6e:c9:dd:ea:a0:6a:93:e5:bb:0e:
2c:03:54:54:cd:61:27:e6:48:7a:bb:32:de:9b:3d:09:96:21:
2b:a4:56:cf:69:9b:d1:24:f4:a4:78:f0:50:0c:40:ad:0f:b2:
e3:ff:e0:3b:3f:d3:3a:84:d8:68:c2:dd:71:99:8c:51:46:60:
01:4f:52:a7:84:9c:68:a2:aa:dc:d4:3e:2f:44:48:67:74:b5:
8e:83:86:41:d9:94:cc:41:3f:14:23:9f:e8:38:4f:fe:2b:ff:
4f:f4:97:86:0c:e0:30:29:5b:19:0f:9b:51:a4:e4:c2:9f:86:
94:62:75:84:72:45:c4:1f:ae:4d:94:01:3b:f9:80:68:a9:18:
dd:7c:af:a8:08:76:37:81:53:d7:ae:d1:1f:45:ec:6d:44:40:
c6:91:40:7a:e2:43:13:c5:a6:9d:a5:52:02:cf:73:f3:7a:f1:
b4:36:1b:40
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUJeDIC0OjOcVWyza4V9JdhLAik10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTAyMTUxNTIzMjdaFw0yNjAyMTQxNTI4MjdaMDMxMTAvBgNV
BAMTKDFCOTZEMkRBMDI3NDY1Qjk2OTA2MkNCRUQ0RTk0RDAyMjI4MDdCMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXKVmA0ux8Vdmi9gLkr5bAxcJF
3a4p6HHoyn0azHW5ygbUXBsbkpnuuOHVj+3rKeT2jdOk97hjodbrv2t+LqukKtAG
x4z/jGcBaf7UEoTohnG/GaAIHccN3r3S8KW1JQ9h3K3O7HOsMVuipjLcsxO3jEAM
QcmANxPAj0n0Q2uFm/CUuRMCz98XGqdVhZmZTpcV4PS0hQHeXa6k8P6RQlhIcYmh
QBqxeiZu7Pl0tHV/7Ag7NulDrzJTZ6bYqvUVymaV4xPPu+WP7t3QS7XfKx6kH/8j
a28kB4/nOOND8EgLWpPbySv98zKtCE/7uJNaRwjornxtSljx8eNBdrn31GTTAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUG5bS2gJ0ZblpBiy+1OlNAiKAeyAwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEzNDI0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQt8MA0GCSqGSIb3DQEBCwUAA4IBAQB7XxsdngbnxYOXRhJl/XpHHybBbDQzYsqa
6wfwMhZ89HgKNP0wJ7/MiUkxYRViM3zE5Vd6zNXCTC6CLSVWW2OdOpfug1J/QmWq
77Grg1wx4G7J3eqgapPluw4sA1RUzWEn5kh6uzLemz0JliErpFbPaZvRJPSkePBQ
DECtD7Lj/+A7P9M6hNhowt1xmYxRRmABT1KnhJxooqrc1D4vREhndLWOg4ZB2ZTM
QT8UI5/oOE/+K/9P9JeGDOAwKVsZD5tRpOTCn4aUYnWEckXEH65NlAE7+YBoqRjd
fK+oCHY3gVPXrtEfRextREDGkUB64kMTxaadpVICz3PzevG0NhtA
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:24:01 2025 by rpki-client