Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: WJOcB0v8PFwAWL6+96A77va8vT9HTahB1I8zBLRHAQc=
Subject key identifier: 94:C2:60:1A:4A:A3:CE:D0:41:AB:14:39:D7:F3:75:8F:C3:F6:CE:EA
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 2613A5BBB43D13C946DACE46B66A622FEA121799
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
Signing time: Tue 04 Feb 2025 00:17:07 +0000
ROA not before: Tue 04 Feb 2025 00:12:07 +0000
ROA not after: Tue 03 Feb 2026 00:17:07 +0000
asID: 20473
IP address blocks: 2a14:7581:f70::/48 maxlen: 48
2a14:7581:f71::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:13:a5:bb:b4:3d:13:c9:46:da:ce:46:b6:6a:62:2f:ea:12:17:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:07 2025 GMT
Not After : Feb 3 00:17:07 2026 GMT
Subject: CN=94C2601A4AA3CED041AB1439D7F3758FC3F6CEEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f1:e3:9b:89:7e:93:19:dd:b2:38:ff:86:73:
cf:14:8a:9e:61:e2:35:72:4f:57:e5:a9:92:f0:b3:
47:64:63:f3:cc:07:6c:6b:68:1e:0d:c0:60:2f:93:
8a:22:53:b9:26:83:17:53:44:93:c5:bd:dc:cb:9a:
b1:2f:ef:f9:db:a2:99:4f:e1:c9:74:20:56:de:19:
b2:8b:1b:5c:7c:4e:3d:03:e5:9e:93:0f:e6:2a:19:
55:ef:94:89:fe:86:c0:08:68:66:89:52:34:c3:a0:
f9:c1:d0:cb:79:d8:25:83:c8:45:29:e7:4d:7f:62:
cf:bf:0c:c8:eb:98:64:d7:df:42:42:f6:86:79:40:
9e:75:3b:23:08:99:64:dc:4e:c8:8d:a0:51:41:26:
0d:35:a7:54:d1:11:cb:7b:f7:6c:36:4b:30:0b:0f:
3b:1c:45:3d:e2:30:f4:f3:72:1d:e4:33:e6:09:0b:
81:fc:d5:e3:14:f3:3b:9d:ce:18:a3:95:9c:b8:77:
37:5f:92:cf:bb:a9:c5:d1:bd:aa:06:86:fb:bd:52:
4c:9c:15:47:92:58:6a:cb:54:41:df:e8:37:25:a3:
c1:52:b6:fe:d4:51:b3:82:a9:a9:ef:2f:e2:5f:a2:
86:e5:ce:a6:48:2f:02:f6:23:69:cd:c0:ff:b2:08:
ca:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C2:60:1A:4A:A3:CE:D0:41:AB:14:39:D7:F3:75:8F:C3:F6:CE:EA
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:f70::/47
Signature Algorithm: sha256WithRSAEncryption
8b:5b:da:b8:7a:9a:8f:fc:df:64:8e:6b:fe:a4:83:fa:25:07:
72:c8:34:b6:45:75:71:1a:17:34:25:a5:42:df:c5:3c:38:17:
73:2e:b0:cc:7b:56:c1:00:36:58:14:09:f7:d0:9b:e0:35:b0:
41:7b:1f:0c:1c:3f:7e:99:2e:51:cc:fb:5f:28:ce:a9:06:32:
9b:d1:52:47:4d:24:e5:58:9f:65:87:44:1c:26:28:6f:8a:10:
af:0f:cc:91:b2:06:8c:c1:f3:01:4d:2c:21:8a:42:70:c9:08:
df:04:3e:24:31:6f:12:59:e7:25:13:47:1b:fd:fd:c5:97:18:
20:3c:09:f6:bd:94:39:02:d7:f3:af:4d:a9:43:ef:fe:25:ea:
73:39:5c:d7:85:5e:79:12:13:f5:d7:f5:71:c5:e6:72:6c:62:
22:e7:92:11:6a:cc:0e:b1:dd:74:37:04:ce:94:ce:73:e8:ba:
de:b8:fd:67:39:70:03:f2:78:30:b6:ee:ac:ea:5d:e6:ea:e7:
30:11:ca:69:3e:82:42:7b:bf:82:fb:25:32:d2:d5:af:08:f2:
f6:d2:ef:43:97:a9:73:89:7c:30:8a:8d:fe:5c:da:21:98:d3:
d6:28:25:75:e9:33:bf:11:2e:55:7d:6c:7b:25:6f:b6:d0:92:
62:da:e5:22
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUJhOlu7Q9E8lG2s5GtmpiL+oSF5kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMDdaFw0yNjAyMDMwMDE3MDdaMDMxMTAvBgNV
BAMTKDk0QzI2MDFBNEFBM0NFRDA0MUFCMTQzOUQ3RjM3NThGQzNGNkNFRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI8eObiX6TGd2yOP+Gc88Uip5h
4jVyT1flqZLws0dkY/PMB2xraB4NwGAvk4oiU7kmgxdTRJPFvdzLmrEv7/nboplP
4cl0IFbeGbKLG1x8Tj0D5Z6TD+YqGVXvlIn+hsAIaGaJUjTDoPnB0Mt52CWDyEUp
501/Ys+/DMjrmGTX30JC9oZ5QJ51OyMImWTcTsiNoFFBJg01p1TREct792w2SzAL
DzscRT3iMPTzch3kM+YJC4H81eMU8zudzhijlZy4dzdfks+7qcXRvaoGhvu9Ukyc
FUeSWGrLVEHf6Dclo8FStv7UUbOCqanvL+JfooblzqZILwL2I2nNwP+yCMq5AgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUlMJgGkqjztBBqxQ51/N1j8P2zuowHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwEqFHWB
D3AwDQYJKoZIhvcNAQELBQADggEBAItb2rh6mo/832SOa/6kg/olB3LINLZFdXEa
FzQlpULfxTw4F3MusMx7VsEANlgUCffQm+A1sEF7HwwcP36ZLlHM+18ozqkGMpvR
UkdNJOVYn2WHRBwmKG+KEK8PzJGyBozB8wFNLCGKQnDJCN8EPiQxbxJZ5yUTRxv9
/cWXGCA8Cfa9lDkC1/OvTalD7/4l6nM5XNeFXnkSE/XX9XHF5nJsYiLnkhFqzA6x
3XQ3BM6UznPout64/Wc5cAPyeDC27qzqXebq5zARymk+gkJ7v4L7JTLS1a8I8vbS
70OXqXOJfDCKjf5c2iGY09YoJXXpM78RLlV9bHslb7bQkmLa5SI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:41:53 2025 by rpki-client