Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214428.roa
File: AS214428.roa (raw, json)
Hash identifier: dozdwaQzu8/FDUE0UqJI79aw8lwlhgh37cmSr+Uw+bU=
Subject key identifier: C7:8D:BA:BF:C0:9C:80:BA:50:B9:1C:14:12:30:DC:A3:24:DC:13:70
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 75D34AB87E57EA718F27E40BFA019016610B6443
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214428.roa
Signing time: Tue 17 Dec 2024 00:46:09 +0000
ROA not before: Tue 17 Dec 2024 00:41:09 +0000
ROA not after: Tue 16 Dec 2025 00:46:09 +0000
asID: 214428
IP address blocks: 2a0f:85c1:845::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:d3:4a:b8:7e:57:ea:71:8f:27:e4:0b:fa:01:90:16:61:0b:64:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Dec 17 00:41:09 2024 GMT
Not After : Dec 16 00:46:09 2025 GMT
Subject: CN=C78DBABFC09C80BA50B91C141230DCA324DC1370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9b:f6:c8:94:a6:9f:e2:87:df:22:f8:2c:e3:
d5:aa:96:21:ec:a9:51:bd:19:50:b6:d9:49:48:e5:
73:51:f5:01:0a:17:a8:ba:ad:61:de:79:eb:ec:b5:
21:48:bd:d5:25:3b:d9:e8:85:58:8d:07:c9:21:0f:
4b:c7:6e:8e:8d:2f:e5:09:44:30:a3:f0:b8:33:5d:
a0:ce:25:83:3c:fc:af:d0:eb:c1:cc:76:25:97:f6:
7d:c4:ae:48:51:63:d6:f8:68:a6:74:e9:56:50:7e:
77:c3:73:12:11:d3:0d:b6:1b:e2:2a:e8:a0:1b:c6:
44:21:5e:ea:2d:36:92:84:eb:ea:63:c6:e0:04:eb:
57:3b:42:b7:a1:f3:49:10:3e:09:49:45:92:42:62:
af:be:09:02:2a:fc:89:cd:97:af:7f:04:1f:1f:75:
03:3c:bd:0a:d7:37:e3:bb:8a:c3:c4:7a:39:ab:f6:
9a:b0:5b:1e:95:0c:44:21:48:a8:10:dc:7b:34:fa:
8c:bd:3e:9d:8f:3d:e1:85:55:57:a1:fc:bf:15:b4:
52:7b:3d:5d:a1:57:71:a1:02:c5:26:99:74:06:28:
0b:20:d9:2f:3d:b4:2f:27:eb:95:ab:e9:22:7e:63:
4a:31:40:56:fb:53:8a:89:fa:8d:c8:68:19:36:87:
c2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8D:BA:BF:C0:9C:80:BA:50:B9:1C:14:12:30:DC:A3:24:DC:13:70
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214428.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:845::/48
Signature Algorithm: sha256WithRSAEncryption
5e:c7:1b:23:8c:0f:47:7b:21:ea:d8:cc:40:ae:4b:78:be:72:
31:95:d4:39:e7:12:bb:b0:a6:ac:1b:70:49:53:9e:d9:fc:68:
11:ae:a4:16:6e:38:1c:d2:d7:90:f6:1d:02:ac:30:06:0a:95:
10:60:3c:ed:5f:06:fd:8d:87:92:94:84:b3:e1:ec:69:50:bf:
4f:23:9b:e7:f6:6b:c7:93:b7:fe:09:1d:1b:aa:01:85:5f:c3:
77:9b:01:91:ab:93:7b:f7:c2:d4:2a:43:db:e4:29:7a:d5:c2:
91:4c:9b:80:a5:0a:2a:7c:04:9f:5a:24:27:9a:ee:27:ed:63:
da:cf:94:c9:05:79:ce:e2:12:00:07:4d:e5:8d:56:2c:7c:9e:
f0:a6:51:63:6a:26:fa:97:20:3e:6a:88:ed:0a:25:32:d9:6b:
23:94:67:68:cf:90:60:5e:ec:a6:25:7d:b3:6e:d6:24:73:df:
9c:ee:0b:5c:fd:49:19:49:64:23:72:60:03:c1:4e:90:67:8a:
8d:82:31:4b:da:19:ea:80:a4:39:44:9d:14:ee:2e:86:83:35:
de:8b:0a:41:8c:c2:c2:25:07:97:2c:03:9b:1c:70:32:06:2c:
1e:67:08:da:74:ad:28:4e:68:16:3a:41:3b:0a:56:5d:81:1d:
76:28:48:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUddNKuH5X6nGPJ+QL+gGQFmELZEMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNDEyMTcwMDQxMDlaFw0yNTEyMTYwMDQ2MDlaMDMxMTAvBgNV
BAMTKEM3OERCQUJGQzA5QzgwQkE1MEI5MUMxNDEyMzBEQ0EzMjREQzEzNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMm/bIlKaf4offIvgs49WqliHs
qVG9GVC22UlI5XNR9QEKF6i6rWHeeevstSFIvdUlO9nohViNB8khD0vHbo6NL+UJ
RDCj8LgzXaDOJYM8/K/Q68HMdiWX9n3ErkhRY9b4aKZ06VZQfnfDcxIR0w22G+Iq
6KAbxkQhXuotNpKE6+pjxuAE61c7Qreh80kQPglJRZJCYq++CQIq/InNl69/BB8f
dQM8vQrXN+O7isPEejmr9pqwWx6VDEQhSKgQ3Hs0+oy9Pp2PPeGFVVeh/L8VtFJ7
PV2hV3GhAsUmmXQGKAsg2S89tC8n65Wr6SJ+Y0oxQFb7U4qJ+o3IaBk2h8KTAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUx426v8CcgLpQuRwUEjDcoyTcE3AwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0NDI4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQhFMA0GCSqGSIb3DQEBCwUAA4IBAQBexxsjjA9HeyHq2MxArkt4vnIxldQ55xK7
sKasG3BJU57Z/GgRrqQWbjgc0teQ9h0CrDAGCpUQYDztXwb9jYeSlISz4expUL9P
I5vn9mvHk7f+CR0bqgGFX8N3mwGRq5N798LUKkPb5Cl61cKRTJuApQoqfASfWiQn
mu4n7WPaz5TJBXnO4hIAB03ljVYsfJ7wplFjaib6lyA+aojtCiUy2WsjlGdoz5Bg
XuymJX2zbtYkc9+c7gtc/UkZSWQjcmADwU6QZ4qNgjFL2hnqgKQ5RJ0U7i6GgzXe
iwpBjMLCJQeXLAObHHAyBiweZwjadK0oTmgWOkE7ClZdgR12KEjm
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:23:55 2025 by rpki-client