Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214731.roa
File: AS214731.roa (raw, json)
Hash identifier: AFsl/YB45gbn6bu9oVXCLuL41Y8NRskk/Vg9nYTNN4I=
Subject key identifier: CA:96:58:0E:E7:CA:27:5A:60:56:60:9D:49:DD:A6:D3:9C:EC:72:C5
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 5B677D619794EFDE6E10D98848C7FF8AE5A29372
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214731.roa
Signing time: Wed 15 Jan 2025 02:16:25 +0000
ROA not before: Wed 15 Jan 2025 02:11:25 +0000
ROA not after: Wed 14 Jan 2026 02:16:25 +0000
asID: 214731
IP address blocks: 2a0f:85c1:b44::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:67:7d:61:97:94:ef:de:6e:10:d9:88:48:c7:ff:8a:e5:a2:93:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jan 15 02:11:25 2025 GMT
Not After : Jan 14 02:16:25 2026 GMT
Subject: CN=CA96580EE7CA275A6056609D49DDA6D39CEC72C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0d:dc:7c:1b:85:14:c1:e4:c1:99:8e:d8:91:
98:f3:8d:6c:14:8a:b4:08:14:47:47:4e:79:2b:ee:
01:12:2d:34:9c:8a:98:f8:0c:ff:2d:e9:67:49:98:
0b:8a:44:71:5f:fd:bb:08:45:a1:c5:8d:ae:35:c1:
6b:03:a0:d4:17:ee:90:82:f9:69:c8:c7:c0:d5:d3:
11:59:a8:af:b9:2c:40:e7:58:89:a0:eb:34:1c:5f:
f8:f7:c6:98:c8:75:bc:16:b9:91:83:9d:44:e8:f4:
25:78:0d:3e:41:4e:c4:bb:f9:53:4b:71:4c:18:ac:
c1:fa:34:44:17:18:58:a1:d9:7a:f6:b1:eb:8d:46:
5b:50:ce:d1:38:29:21:61:dd:b7:16:a0:df:13:f3:
5c:fb:5c:e7:84:d6:af:4a:14:d6:7e:47:90:b1:cf:
ac:03:47:1f:cd:4b:ad:58:33:44:47:c3:00:96:4e:
88:9f:0e:78:9b:86:4c:35:64:4a:a7:69:8e:d4:29:
a4:f2:a8:a8:89:6d:17:c3:f9:46:e1:f8:69:42:bc:
9d:b9:52:01:db:af:f4:15:b7:b7:05:7a:9c:98:ea:
d1:d2:8a:76:a6:4d:39:98:2d:17:e1:63:29:f1:b0:
90:32:3e:18:6f:84:ac:9d:29:3c:98:c9:87:d0:8b:
e9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:96:58:0E:E7:CA:27:5A:60:56:60:9D:49:DD:A6:D3:9C:EC:72:C5
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS214731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:b44::/48
Signature Algorithm: sha256WithRSAEncryption
02:9d:93:02:db:39:8a:e9:13:a0:41:3b:7d:52:f6:31:30:0f:
01:f3:55:15:0f:69:1b:3e:5e:23:ca:a1:fe:ab:45:1b:d1:63:
cc:00:be:b3:0b:8e:e6:35:63:5b:bf:be:87:9b:5c:85:a6:28:
43:c0:5b:cb:41:d5:ef:1d:cf:15:2b:07:67:05:0e:7c:0d:92:
b0:19:99:de:ca:ca:ce:09:71:7e:ce:08:57:42:57:60:c9:84:
50:41:48:16:cf:db:54:bc:69:78:1a:4a:77:47:16:af:b2:cb:
e1:f0:d3:30:68:fc:dc:50:54:33:9b:ac:68:a9:59:2d:52:b1:
4c:d8:c3:66:9a:45:2d:0f:07:3d:fb:51:b1:05:7e:ca:ee:b7:
e6:e4:e4:d9:b2:44:cd:7d:91:0b:86:2d:27:cd:88:84:f5:a0:
77:9f:45:0e:89:d6:cd:a9:6c:97:2e:36:20:d6:15:5b:11:3f:
71:2c:60:57:50:73:d7:3b:c5:a9:81:d5:14:1a:92:39:38:77:
53:b1:a0:98:97:bb:de:0b:e7:51:40:e6:88:92:25:c2:09:80:
37:95:26:86:40:e5:54:25:98:dc:9c:79:a9:d3:28:0f:a6:f7:
b1:bb:d0:fe:23:18:17:f0:fe:71:9d:40:55:81:ee:f4:24:c6:
88:bf:6c:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUW2d9YZeU795uENmISMf/iuWik3IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTAxMTUwMjExMjVaFw0yNjAxMTQwMjE2MjVaMDMxMTAvBgNV
BAMTKENBOTY1ODBFRTdDQTI3NUE2MDU2NjA5RDQ5RERBNkQzOUNFQzcyQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGDdx8G4UUweTBmY7YkZjzjWwU
irQIFEdHTnkr7gESLTScipj4DP8t6WdJmAuKRHFf/bsIRaHFja41wWsDoNQX7pCC
+WnIx8DV0xFZqK+5LEDnWImg6zQcX/j3xpjIdbwWuZGDnUTo9CV4DT5BTsS7+VNL
cUwYrMH6NEQXGFih2Xr2seuNRltQztE4KSFh3bcWoN8T81z7XOeE1q9KFNZ+R5Cx
z6wDRx/NS61YM0RHwwCWToifDnibhkw1ZEqnaY7UKaTyqKiJbRfD+Ubh+GlCvJ25
UgHbr/QVt7cFepyY6tHSinamTTmYLRfhYynxsJAyPhhvhKydKTyYyYfQi+mhAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUypZYDufKJ1pgVmCdSd2m05zscsUwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE0NzMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQtEMA0GCSqGSIb3DQEBCwUAA4IBAQACnZMC2zmK6ROgQTt9UvYxMA8B81UVD2kb
Pl4jyqH+q0Ub0WPMAL6zC47mNWNbv76Hm1yFpihDwFvLQdXvHc8VKwdnBQ58DZKw
GZneysrOCXF+zghXQldgyYRQQUgWz9tUvGl4Gkp3Rxavssvh8NMwaPzcUFQzm6xo
qVktUrFM2MNmmkUtDwc9+1GxBX7K7rfm5OTZskTNfZELhi0nzYiE9aB3n0UOidbN
qWyXLjYg1hVbET9xLGBXUHPXO8WpgdUUGpI5OHdTsaCYl7veC+dRQOaIkiXCCYA3
lSaGQOVUJZjcnHmp0ygPpvexu9D+IxgX8P5xnUBVge70JMaIv2xh
-----END CERTIFICATE-----
Generated at Thu Apr 10 02:00:34 2025 by rpki-client