Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214117.roa
File: AS214117.roa (raw, json)
Hash identifier: wv9qUvnmsViMy3S1trRuPUIsKZk5dnAaqn3vBvnbIUc=
Subject key identifier: 0B:76:6D:4E:02:8F:5C:4E:BC:57:CD:E0:3D:88:8B:9F:69:91:8A:53
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 2C1B35F9930AED57B88E542915AC1BED81D0C76C
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214117.roa
Signing time: Mon 17 Feb 2025 20:14:48 +0000
ROA not before: Mon 17 Feb 2025 20:09:48 +0000
ROA not after: Mon 16 Feb 2026 20:14:48 +0000
asID: 214117
IP address blocks: 2a0f:85c1:8b4::/48 maxlen: 48
2a0f:85c1:8e0::/44 maxlen: 44
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:1b:35:f9:93:0a:ed:57:b8:8e:54:29:15:ac:1b:ed:81:d0:c7:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Feb 17 20:09:48 2025 GMT
Not After : Feb 16 20:14:48 2026 GMT
Subject: CN=0B766D4E028F5C4EBC57CDE03D888B9F69918A53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:17:68:e4:ab:30:f5:e1:f3:d7:47:05:4f:0e:
50:02:ac:67:f7:af:69:df:3d:9f:06:9a:2f:7d:b8:
69:b1:22:08:11:34:28:bd:cc:0e:be:db:5a:1e:12:
ec:0a:76:3a:4c:d6:67:ca:fa:c7:4f:3b:61:1a:81:
0b:da:b3:33:3b:d1:ef:6e:99:32:7b:31:bd:be:28:
2d:71:d6:d4:77:ab:e9:ec:20:2d:9a:54:25:49:fe:
d2:f9:73:5d:39:73:55:0e:1d:04:29:07:79:97:5f:
70:47:e4:00:9d:4f:c5:c4:7b:2b:7c:6b:d4:b2:aa:
a8:ca:0a:55:e5:1f:cf:90:c7:73:2a:05:7c:c4:09:
d4:41:3a:a6:02:ac:7f:a5:00:56:67:48:fa:66:80:
c7:72:02:11:cb:79:b3:7d:90:6b:c1:b8:aa:50:1a:
a6:94:3e:cb:28:61:94:83:b4:ac:53:92:70:96:90:
15:96:ab:b9:1a:19:90:d6:18:27:2b:63:79:a6:39:
70:ce:87:cf:f2:d9:a5:59:b8:1b:6c:23:9e:cd:6d:
c2:f8:d2:3f:dd:df:62:fc:9a:92:cc:f4:e1:db:74:
ad:c3:4c:76:1b:8d:8e:44:ce:42:b4:0c:82:ca:d1:
68:3e:73:d1:8d:83:07:41:c6:95:f5:92:68:a9:f7:
94:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:76:6D:4E:02:8F:5C:4E:BC:57:CD:E0:3D:88:8B:9F:69:91:8A:53
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214117.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:8b4::/48
2a0f:85c1:8e0::/44
Signature Algorithm: sha256WithRSAEncryption
d3:42:27:72:f7:eb:99:47:6d:de:a4:fb:ba:06:8b:fe:27:21:
c5:9f:83:5b:55:fc:98:16:7e:b5:12:fd:49:ee:f2:dd:8e:2c:
41:f1:7a:14:33:5a:e8:05:92:c5:2d:e0:a2:24:10:20:79:21:
31:03:4c:1d:ab:e5:b1:da:31:94:6e:e7:c8:48:db:36:bc:a8:
a4:ee:08:9c:02:7b:76:b2:31:c8:3a:34:15:dc:b7:0a:6f:ca:
e2:af:d0:02:ab:d0:7a:93:81:41:e2:fc:1a:6d:b9:a2:2f:b0:
72:9d:d7:c1:d7:09:d7:f6:4b:e0:ae:90:97:d4:95:e1:d8:97:
04:96:ad:76:35:ad:1a:ed:e9:ed:13:a1:c7:0a:4d:d3:15:1b:
2f:81:20:5a:6a:83:f5:3e:ec:54:06:b0:a9:c5:52:42:0b:5b:
ae:fd:f6:e0:af:c9:bf:9d:1e:66:e7:b1:52:6f:99:69:f3:3b:
66:ac:63:29:6a:cf:fd:99:0d:34:2a:c0:5f:2b:4e:17:00:2f:
34:b6:3c:44:f4:7d:f2:c7:6f:5e:e3:32:a0:37:99:a7:b7:10:
9a:24:a1:f0:44:97:58:60:55:7c:86:eb:4a:15:7e:eb:cf:95:
25:9a:68:3d:4d:50:7a:f1:a2:27:cf:00:33:12:f7:14:c3:f9:
2c:db:80:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIULBs1+ZMK7Ve4jlQpFawb7YHQx2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTAyMTcyMDA5NDhaFw0yNjAyMTYyMDE0NDhaMDMxMTAvBgNV
BAMTKDBCNzY2RDRFMDI4RjVDNEVCQzU3Q0RFMDNEODg4QjlGNjk5MThBNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVF2jkqzD14fPXRwVPDlACrGf3
r2nfPZ8Gmi99uGmxIggRNCi9zA6+21oeEuwKdjpM1mfK+sdPO2EagQvaszM70e9u
mTJ7Mb2+KC1x1tR3q+nsIC2aVCVJ/tL5c105c1UOHQQpB3mXX3BH5ACdT8XEeyt8
a9SyqqjKClXlH8+Qx3MqBXzECdRBOqYCrH+lAFZnSPpmgMdyAhHLebN9kGvBuKpQ
GqaUPssoYZSDtKxTknCWkBWWq7kaGZDWGCcrY3mmOXDOh8/y2aVZuBtsI57NbcL4
0j/d32L8mpLM9OHbdK3DTHYbjY5EzkK0DILK0Wg+c9GNgwdBxpX1kmip95SdAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUC3ZtTgKPXE68V83gPYiLn2mRilMwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0MTE3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+F
wQi0AwcEKg+FwQjgMA0GCSqGSIb3DQEBCwUAA4IBAQDTQidy9+uZR23epPu6Bov+
JyHFn4NbVfyYFn61Ev1J7vLdjixB8XoUM1roBZLFLeCiJBAgeSExA0wdq+Wx2jGU
bufISNs2vKik7gicAnt2sjHIOjQV3LcKb8rir9ACq9B6k4FB4vwabbmiL7ByndfB
1wnX9kvgrpCX1JXh2JcElq12Na0a7entE6HHCk3TFRsvgSBaaoP1PuxUBrCpxVJC
C1uu/fbgr8m/nR5m57FSb5lp8ztmrGMpas/9mQ00KsBfK04XAC80tjxE9H3yx29e
4zKgN5mntxCaJKHwRJdYYFV8hutKFX7rz5Ulmmg9TVB68aInzwAzEvcUw/ks24CP
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:17:49 2025 by rpki-client