Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS216072.roa
File: AS216072.roa (raw, json)
Hash identifier: krvvJlQtTbU33anocyl1j9Hq4lyWm1VH/PJnZchjKz8=
Subject key identifier: 97:0A:E5:E6:B6:88:0B:B0:3E:A9:33:A1:57:6F:1A:0B:8A:64:AD:0E
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 5EB010EEF8380A1353530E5CFA5C4577B4A51A25
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS216072.roa
Signing time: Wed 15 Jan 2025 02:27:37 +0000
ROA not before: Wed 15 Jan 2025 02:22:37 +0000
ROA not after: Wed 14 Jan 2026 02:27:37 +0000
asID: 216072
IP address blocks: 2a0f:85c1:b46::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:b0:10:ee:f8:38:0a:13:53:53:0e:5c:fa:5c:45:77:b4:a5:1a:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jan 15 02:22:37 2025 GMT
Not After : Jan 14 02:27:37 2026 GMT
Subject: CN=970AE5E6B6880BB03EA933A1576F1A0B8A64AD0E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:de:11:4c:15:1c:01:e8:ff:ff:85:56:ea:2b:
8e:59:5a:11:70:30:5d:75:f4:c7:b7:6a:3c:4d:2a:
eb:40:df:0b:46:2d:1c:2c:6c:33:52:87:c4:27:75:
54:4b:a4:79:a1:6d:dd:9a:03:91:03:66:ff:b4:a6:
e3:22:f8:a7:fb:e9:ca:61:ea:d5:32:a7:15:b0:62:
06:63:fd:37:63:b2:87:f4:0b:b3:49:42:4c:22:85:
90:00:0d:85:b0:65:5e:d2:8c:ef:f7:e4:6c:cb:c7:
93:c1:22:ec:58:ae:32:ea:d4:90:bc:0b:8b:ec:e2:
b2:1e:82:8f:69:c0:45:80:12:6c:67:a0:5b:b8:ec:
f1:5e:f1:eb:20:d4:20:b6:92:d0:2f:f9:02:51:f1:
c7:be:e2:7d:e4:b2:36:44:3f:7b:8a:a7:1e:37:95:
1e:ea:52:5e:6e:3a:bb:65:8f:a8:c3:4d:27:33:e1:
df:aa:80:36:fc:b9:93:bd:9c:c7:c6:5c:4f:cd:fa:
c5:bb:87:55:1e:b5:13:af:1e:e5:70:fe:47:96:00:
26:4e:f1:5e:bf:a0:33:54:3d:a0:1d:66:26:02:27:
dc:84:07:ff:9b:d2:76:c9:15:24:9a:c1:02:9e:22:
ac:a2:91:31:d8:ff:ce:3a:54:38:18:9c:e3:6b:23:
9e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:0A:E5:E6:B6:88:0B:B0:3E:A9:33:A1:57:6F:1A:0B:8A:64:AD:0E
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS216072.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:b46::/48
Signature Algorithm: sha256WithRSAEncryption
78:93:51:94:25:44:2e:ce:71:79:d9:96:f9:c7:85:3f:27:40:
a4:ae:af:fd:c9:a4:44:75:49:69:28:19:03:fd:d1:c3:d9:8e:
fb:93:b4:62:97:d9:4e:15:46:88:09:e1:7a:fb:47:59:53:b5:
f4:e2:10:08:fc:29:0c:1a:df:f9:0c:a2:12:e1:09:56:1d:19:
99:48:0f:cd:47:f5:03:dd:6c:33:00:34:b6:62:02:7a:b9:96:
3b:78:6d:f2:06:11:4b:11:af:43:e5:eb:d7:30:1a:af:6f:20:
09:a6:51:8c:e3:70:84:84:5f:69:6f:91:5b:37:0c:6e:93:5d:
55:71:11:2d:43:fd:5d:ce:43:1c:03:e5:3c:64:60:e7:98:e5:
44:f6:25:6d:04:17:a3:c4:92:62:f5:98:a5:f1:3b:c8:39:d5:
4b:96:ae:74:c1:97:71:b6:b1:e3:88:2d:ec:4d:4f:a0:00:59:
d0:f6:a1:42:5a:34:c3:9a:b2:f9:1f:44:35:79:5a:33:03:3c:
f0:0a:71:c5:39:56:ab:f2:82:b8:af:dd:96:32:b4:25:0b:7d:
a1:0b:15:1c:95:8b:30:54:e5:eb:93:96:79:d1:ec:1b:2b:56:
fc:01:3e:e9:5f:2c:c8:88:a9:e6:b1:a0:bd:8c:b9:83:7e:6b:
9f:bd:d3:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUXrAQ7vg4ChNTUw5c+lxFd7SlGiUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTAxMTUwMjIyMzdaFw0yNjAxMTQwMjI3MzdaMDMxMTAvBgNV
BAMTKDk3MEFFNUU2QjY4ODBCQjAzRUE5MzNBMTU3NkYxQTBCOEE2NEFEMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp3hFMFRwB6P//hVbqK45ZWhFw
MF119Me3ajxNKutA3wtGLRwsbDNSh8QndVRLpHmhbd2aA5EDZv+0puMi+Kf76cph
6tUypxWwYgZj/Tdjsof0C7NJQkwihZAADYWwZV7SjO/35GzLx5PBIuxYrjLq1JC8
C4vs4rIego9pwEWAEmxnoFu47PFe8esg1CC2ktAv+QJR8ce+4n3ksjZEP3uKpx43
lR7qUl5uOrtlj6jDTScz4d+qgDb8uZO9nMfGXE/N+sW7h1UetROvHuVw/keWACZO
8V6/oDNUPaAdZiYCJ9yEB/+b0nbJFSSawQKeIqyikTHY/846VDgYnONrI54tAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUlwrl5raIC7A+qTOhV28aC4pkrQ4wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjE2MDcyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQtGMA0GCSqGSIb3DQEBCwUAA4IBAQB4k1GUJUQuznF52Zb5x4U/J0Ckrq/9yaRE
dUlpKBkD/dHD2Y77k7Ril9lOFUaICeF6+0dZU7X04hAI/CkMGt/5DKIS4QlWHRmZ
SA/NR/UD3WwzADS2YgJ6uZY7eG3yBhFLEa9D5evXMBqvbyAJplGM43CEhF9pb5Fb
Nwxuk11VcREtQ/1dzkMcA+U8ZGDnmOVE9iVtBBejxJJi9Zil8TvIOdVLlq50wZdx
trHjiC3sTU+gAFnQ9qFCWjTDmrL5H0Q1eVozAzzwCnHFOVar8oK4r92WMrQlC32h
CxUclYswVOXrk5Z50ewbK1b8AT7pXyzIiKnmsaC9jLmDfmufvdP9
-----END CERTIFICATE-----
Generated at Wed Apr 9 22:37:34 2025 by rpki-client