Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213655.roa
File: AS213655.roa (raw, json)
Hash identifier: U28q726Cyd3eV/7Cyb+8L8Wvz6QTR/iPrGX3gIkrWRM=
Subject key identifier: D5:36:D1:D5:58:65:07:4A:FD:E1:7E:9F:BE:7B:B8:3E:D3:9E:55:D9
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 078E22A5CF42236A106D469BDB63DDFF60C1D0A5
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213655.roa
Signing time: Tue 11 Feb 2025 03:41:29 +0000
ROA not before: Tue 11 Feb 2025 03:36:29 +0000
ROA not after: Tue 10 Feb 2026 03:41:29 +0000
asID: 213655
IP address blocks: 2a0f:85c1:b80::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:8e:22:a5:cf:42:23:6a:10:6d:46:9b:db:63:dd:ff:60:c1:d0:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Feb 11 03:36:29 2025 GMT
Not After : Feb 10 03:41:29 2026 GMT
Subject: CN=D536D1D55865074AFDE17E9FBE7BB83ED39E55D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:53:54:d0:af:26:de:ac:41:ba:8a:14:a5:e2:
f7:a7:8e:ea:6b:ac:09:b1:13:a0:22:39:cd:63:02:
99:ff:0f:30:de:eb:37:60:2d:e8:7b:96:ae:65:c1:
87:26:08:f5:53:58:e3:22:2b:4a:71:e5:51:d7:09:
0a:2f:10:ef:fa:47:64:b1:2e:86:66:2c:65:5a:37:
15:17:03:95:3b:13:21:6b:31:9d:57:e3:66:1b:9b:
81:df:ae:88:fd:ab:29:e6:03:e9:aa:6d:75:af:1f:
09:31:3d:27:19:31:d9:48:8d:a6:ae:e7:47:e3:bf:
e1:70:db:22:e8:16:b7:b6:20:92:c7:56:79:8b:e5:
e2:ef:26:f8:c8:42:fc:65:b5:7b:17:32:da:1e:29:
48:70:4c:14:2d:54:f2:80:1e:90:a0:2c:e8:e0:b1:
d2:c7:ae:8d:e5:d0:fb:e0:fb:18:9b:f4:3c:c1:39:
99:35:13:03:26:be:a9:cf:42:01:7f:dc:5b:de:22:
d8:f3:0a:d5:32:4e:c6:2a:9d:ac:4e:21:9c:01:f4:
07:ce:76:fb:1f:70:97:e2:41:2c:5a:c8:8c:0d:1c:
2b:b6:20:dd:bd:44:b9:fe:b1:0b:b6:75:50:3d:7e:
be:51:c9:c7:a0:52:5f:88:2e:e7:24:78:97:04:b1:
56:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:36:D1:D5:58:65:07:4A:FD:E1:7E:9F:BE:7B:B8:3E:D3:9E:55:D9
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213655.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:b80::/44
Signature Algorithm: sha256WithRSAEncryption
a2:cf:f3:6c:e0:9a:8b:6b:f2:74:1b:23:0a:cc:0d:2a:ec:c7:
ed:e4:97:6d:72:c8:d3:c4:16:4d:71:42:70:68:3f:b4:1d:10:
ea:93:61:b5:3f:77:8d:55:8f:3f:86:84:55:99:56:33:65:a5:
20:1b:a7:2c:8d:c0:48:7f:8e:e0:76:f4:9a:51:a0:c2:05:68:
50:04:60:0e:82:59:b7:0d:3d:3f:aa:fe:99:91:f9:a8:1d:60:
bc:4a:68:b2:d4:90:15:6c:fa:7b:81:7c:f0:8f:d7:19:2b:b3:
31:69:cf:17:8f:80:80:99:b5:aa:cc:b6:8d:10:85:9c:03:43:
4b:be:3e:f7:7e:5f:4b:26:ee:0e:92:29:c7:74:44:d3:20:a9:
7b:43:f9:e7:9a:25:bf:8c:a7:a1:de:db:b3:69:d9:78:f5:8c:
fa:d7:f3:40:c0:67:a4:b9:e2:b5:19:51:9e:8b:f7:c9:be:01:
ea:ac:48:28:4e:db:89:44:9c:20:6e:8a:4d:1a:e7:ba:66:91:
8f:4a:1a:da:08:3e:af:01:d8:1d:b6:86:ae:01:bb:10:6d:82:
a3:42:91:a1:a1:68:c5:39:cd:6f:42:cb:96:b4:81:a7:14:45:
3d:a2:5c:d4:a2:f7:d8:5f:5e:1a:13:fb:d2:ff:5f:79:c9:5d:
b8:9e:ae:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUB44ipc9CI2oQbUab22Pd/2DB0KUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTAyMTEwMzM2MjlaFw0yNjAyMTAwMzQxMjlaMDMxMTAvBgNV
BAMTKEQ1MzZEMUQ1NTg2NTA3NEFGREUxN0U5RkJFN0JCODNFRDM5RTU1RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSU1TQryberEG6ihSl4venjupr
rAmxE6AiOc1jApn/DzDe6zdgLeh7lq5lwYcmCPVTWOMiK0px5VHXCQovEO/6R2Sx
LoZmLGVaNxUXA5U7EyFrMZ1X42Ybm4Hfroj9qynmA+mqbXWvHwkxPScZMdlIjaau
50fjv+Fw2yLoFre2IJLHVnmL5eLvJvjIQvxltXsXMtoeKUhwTBQtVPKAHpCgLOjg
sdLHro3l0Pvg+xib9DzBOZk1EwMmvqnPQgF/3FveItjzCtUyTsYqnaxOIZwB9AfO
dvsfcJfiQSxayIwNHCu2IN29RLn+sQu2dVA9fr5RycegUl+ILuckeJcEsVZbAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU1TbR1VhlB0r94X6fvnu4PtOeVdkwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEzNjU1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg+F
wQuAMA0GCSqGSIb3DQEBCwUAA4IBAQCiz/Ns4JqLa/J0GyMKzA0q7Mft5JdtcsjT
xBZNcUJwaD+0HRDqk2G1P3eNVY8/hoRVmVYzZaUgG6csjcBIf47gdvSaUaDCBWhQ
BGAOglm3DT0/qv6ZkfmoHWC8Smiy1JAVbPp7gXzwj9cZK7Mxac8Xj4CAmbWqzLaN
EIWcA0NLvj73fl9LJu4OkinHdETTIKl7Q/nnmiW/jKeh3tuzadl49Yz61/NAwGek
ueK1GVGei/fJvgHqrEgoTtuJRJwgbopNGue6ZpGPShraCD6vAdgdtoauAbsQbYKj
QpGhoWjFOc1vQsuWtIGnFEU9olzUovfYX14aE/vS/195yV24nq7c
-----END CERTIFICATE-----
Generated at Thu Apr 10 03:21:44 2025 by rpki-client