Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215277.roa
File: AS215277.roa (raw, json)
Hash identifier: xOvE8u0Oju3QZMe9tkMOjhqVWDxlLUqQoHeDuauWhe0=
Subject key identifier: 20:CB:F1:41:8C:BA:F4:C8:BC:A1:88:0A:41:54:DA:22:3B:9D:41:35
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 4A96B68EE7E8BAC80FF606E6C1A430FF6E96E606
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215277.roa
Signing time: Sun 16 Feb 2025 18:00:10 +0000
ROA not before: Sun 16 Feb 2025 17:55:10 +0000
ROA not after: Sun 15 Feb 2026 18:00:10 +0000
asID: 215277
IP address blocks: 2a0f:85c1:35b::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:96:b6:8e:e7:e8:ba:c8:0f:f6:06:e6:c1:a4:30:ff:6e:96:e6:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Feb 16 17:55:10 2025 GMT
Not After : Feb 15 18:00:10 2026 GMT
Subject: CN=20CBF1418CBAF4C8BCA1880A4154DA223B9D4135
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c4:21:a2:91:76:8e:35:c6:b1:76:4e:35:1e:
f6:cf:80:d0:19:06:97:1b:71:2d:9e:e0:14:0e:b8:
c0:65:c3:70:7b:9a:3b:b2:12:33:a4:05:93:0a:7f:
1c:72:6c:b0:b5:e7:e5:77:0b:e4:b4:bc:ad:86:bd:
2f:be:45:d6:f1:c0:0d:c6:13:a4:8f:75:53:8c:4e:
70:ae:89:cc:57:87:88:88:3a:3b:fe:17:37:20:4b:
bb:d0:fa:60:80:24:09:36:41:57:d6:7d:54:9b:17:
c7:1b:94:89:a4:99:de:c0:b7:01:02:6b:e8:e2:0e:
17:f7:b1:b0:6c:96:5a:1e:0e:af:5c:bc:f3:37:23:
e2:69:21:2a:6e:6a:cf:6c:dd:19:0b:b1:78:59:00:
86:b0:d3:2a:c1:dc:21:e9:02:59:b7:8b:b0:35:75:
12:d8:9d:b7:cf:fb:45:3e:54:5e:2e:3b:cc:e5:32:
f3:53:01:7b:5f:5b:0d:88:c5:0c:00:50:51:d3:65:
b6:5e:11:e6:92:f1:22:63:ff:5d:12:f8:47:8d:b5:
a6:22:f2:93:a0:40:cb:08:da:b1:29:f6:b7:55:0a:
22:12:9c:92:ff:37:24:1c:e0:82:e6:3b:b7:93:1a:
5d:39:ea:4e:1f:71:2a:e5:f6:c6:cc:8c:91:be:52:
55:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:CB:F1:41:8C:BA:F4:C8:BC:A1:88:0A:41:54:DA:22:3B:9D:41:35
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS215277.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:35b::/48
Signature Algorithm: sha256WithRSAEncryption
07:3e:97:60:f9:fb:da:bd:28:e6:96:69:ab:fe:1c:34:ae:ec:
88:cd:24:a4:a6:fd:66:5b:65:72:39:a3:a4:01:ca:6a:b3:b9:
53:01:3d:dc:1f:47:fb:35:eb:a1:f3:e4:36:19:bc:8c:25:e6:
d9:e1:ac:8f:18:b0:4c:46:22:48:47:3e:d5:cd:68:62:f4:96:
26:60:20:8f:d3:40:32:ff:95:ab:6c:38:52:2f:76:95:7e:d3:
c3:aa:4b:10:f5:40:67:3d:2d:d6:79:46:d0:33:1b:fc:57:84:
e3:d2:2e:d9:02:e1:99:91:50:ec:88:5a:22:f7:6c:b2:7a:cb:
24:fa:f0:23:4f:96:0f:b4:8d:41:91:32:3a:26:0f:74:34:13:
e9:e2:f0:bf:76:f6:4f:3d:de:4b:69:57:97:ff:86:af:1c:60:
fd:98:e9:e8:e1:3c:1a:65:70:3f:9c:3a:82:a2:49:fe:0e:06:
09:6e:89:28:ea:ab:0a:69:7b:f1:5c:60:b1:f0:60:89:e3:bf:
73:8a:89:1d:74:51:bb:1e:49:b0:1a:b0:ad:7a:72:ad:8c:45:
c9:12:df:16:46:29:03:01:08:69:ca:0e:96:23:58:c0:8c:f8:
17:a0:52:e3:84:43:dc:7c:2a:6e:70:52:19:6a:e6:e8:5a:31:
13:31:f4:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUSpa2jufousgP9gbmwaQw/26W5gYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTAyMTYxNzU1MTBaFw0yNjAyMTUxODAwMTBaMDMxMTAvBgNV
BAMTKDIwQ0JGMTQxOENCQUY0QzhCQ0ExODgwQTQxNTREQTIyM0I5RDQxMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfxCGikXaONcaxdk41HvbPgNAZ
BpcbcS2e4BQOuMBlw3B7mjuyEjOkBZMKfxxybLC15+V3C+S0vK2GvS++RdbxwA3G
E6SPdVOMTnCuicxXh4iIOjv+FzcgS7vQ+mCAJAk2QVfWfVSbF8cblImkmd7AtwEC
a+jiDhf3sbBslloeDq9cvPM3I+JpISpuas9s3RkLsXhZAIaw0yrB3CHpAlm3i7A1
dRLYnbfP+0U+VF4uO8zlMvNTAXtfWw2IxQwAUFHTZbZeEeaS8SJj/10S+EeNtaYi
8pOgQMsI2rEp9rdVCiISnJL/NyQc4ILmO7eTGl056k4fcSrl9sbMjJG+UlXzAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUIMvxQYy69Mi8oYgKQVTaIjudQTUwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE1Mjc3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQNbMA0GCSqGSIb3DQEBCwUAA4IBAQAHPpdg+fvavSjmlmmr/hw0ruyIzSSkpv1m
W2VyOaOkAcpqs7lTAT3cH0f7Neuh8+Q2GbyMJebZ4ayPGLBMRiJIRz7VzWhi9JYm
YCCP00Ay/5WrbDhSL3aVftPDqksQ9UBnPS3WeUbQMxv8V4Tj0i7ZAuGZkVDsiFoi
92yyessk+vAjT5YPtI1BkTI6Jg90NBPp4vC/dvZPPd5LaVeX/4avHGD9mOno4Twa
ZXA/nDqCokn+DgYJboko6qsKaXvxXGCx8GCJ479ziokddFG7HkmwGrCtenKtjEXJ
Et8WRikDAQhpyg6WI1jAjPgXoFLjhEPcfCpucFIZauboWjETMfS8
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:24:40 2025 by rpki-client