Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214258.roa
File: AS214258.roa (raw, json)
Hash identifier: 5GprnKyEOgudM6hpjVsumu5T1DF7faK9KBGPfECkHmk=
Subject key identifier: 7E:68:17:26:E7:13:B8:E6:61:2A:56:9F:3F:6A:CC:C6:03:4B:E7:6B
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 13551AA8B83B9131FFC355D17A262E4DFDF5705F
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214258.roa
Signing time: Tue 04 Feb 2025 00:17:10 +0000
ROA not before: Tue 04 Feb 2025 00:12:10 +0000
ROA not after: Tue 03 Feb 2026 00:17:10 +0000
asID: 214258
IP address blocks: 2a14:7580:ff30::/44 maxlen: 48
2a14:7581:fc0::/44 maxlen: 48
2a14:7581:9b00::/40 maxlen: 48
2a14:7581:9f00::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:55:1a:a8:b8:3b:91:31:ff:c3:55:d1:7a:26:2e:4d:fd:f5:70:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:10 2025 GMT
Not After : Feb 3 00:17:10 2026 GMT
Subject: CN=7E681726E713B8E6612A569F3F6ACCC6034BE76B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ff:a3:97:db:d2:5d:85:f8:02:7f:3c:dc:e4:
61:b0:eb:9d:ea:33:c7:4a:2e:40:9a:c9:a1:c5:7d:
a3:02:8e:7f:7a:e7:48:30:35:e0:7f:74:11:88:ba:
39:09:46:b4:92:63:49:3a:5f:ca:5e:e0:0b:46:23:
b0:36:a9:fa:ed:6f:e5:97:11:d4:6b:43:59:7d:e5:
21:7f:21:b9:f1:93:10:b4:33:e1:6f:57:08:57:94:
57:db:28:73:3e:88:79:dd:21:28:1c:47:c1:ef:bc:
ac:64:d3:fe:dd:ac:78:21:a8:b4:31:f3:a0:1f:51:
17:12:b9:12:68:e3:ce:0f:0d:f3:12:f7:27:2b:88:
b2:13:5b:0d:3a:23:7a:11:90:fe:d7:d6:c0:d0:99:
c8:b9:ff:75:fa:b9:97:17:5e:98:55:45:e5:a4:07:
86:a9:ca:f5:be:ee:62:ff:8a:46:5c:38:7f:c0:91:
ab:04:88:39:1c:a9:66:96:c9:66:8e:e9:54:8c:c5:
c1:f1:dd:1e:5d:4c:d1:b4:59:2f:04:d2:2d:b5:e3:
47:42:95:84:fd:2f:59:82:24:34:e0:a3:b2:bb:20:
86:70:be:3a:69:c2:56:f3:61:b2:ab:67:52:92:ae:
86:db:8c:a7:16:68:c6:15:a5:cc:f8:db:7a:ef:63:
f3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:68:17:26:E7:13:B8:E6:61:2A:56:9F:3F:6A:CC:C6:03:4B:E7:6B
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214258.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ff30::/44
2a14:7581:fc0::/44
2a14:7581:9b00::/40
2a14:7581:9f00::/44
Signature Algorithm: sha256WithRSAEncryption
57:9c:f9:be:a9:3e:99:52:34:55:e9:e5:e2:a3:05:e7:b9:a5:
05:7f:83:6c:de:99:fc:60:7b:6d:31:bd:f4:b6:e9:c9:4e:79:
29:67:21:d9:60:c6:cf:1a:2b:77:33:d3:8d:85:44:ce:e2:f0:
b0:f1:b3:2c:4f:13:44:d8:9e:b6:f4:86:d7:9e:5a:f0:3e:ac:
cb:cd:eb:9a:89:36:22:79:06:36:c4:57:0a:28:4d:84:fd:08:
ef:67:b3:4d:b2:3b:cf:12:8c:92:2c:24:54:9e:50:32:a2:8d:
a6:82:be:04:24:cc:e6:fb:16:7d:05:4c:50:74:10:a3:1f:42:
30:2e:e2:d7:30:3c:94:f0:74:e1:3e:8b:44:71:59:9d:46:af:
91:05:70:5b:83:6f:ca:b1:4a:48:04:12:6d:7a:48:c8:00:7b:
14:b3:6f:a9:2f:f2:e3:9f:6b:7d:29:18:1e:2f:95:58:f7:a5:
2e:f9:a0:b0:1d:0e:d7:51:bc:47:54:74:10:73:cb:af:d7:91:
6d:55:9c:4d:cb:e2:99:45:96:c5:0e:01:ba:e2:42:d2:f6:a3:
63:a2:a6:cf:a9:29:2e:df:71:e6:7b:60:99:58:34:f9:dc:2f:
b6:8a:87:da:ad:a3:d0:7c:2c:a6:7e:27:07:c9:07:ec:56:de:
fd:c3:47:1a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUE1UaqLg7kTH/w1XReiYuTf31cF8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMTBaFw0yNjAyMDMwMDE3MTBaMDMxMTAvBgNV
BAMTKDdFNjgxNzI2RTcxM0I4RTY2MTJBNTY5RjNGNkFDQ0M2MDM0QkU3NkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0/6OX29JdhfgCfzzc5GGw653q
M8dKLkCayaHFfaMCjn9650gwNeB/dBGIujkJRrSSY0k6X8pe4AtGI7A2qfrtb+WX
EdRrQ1l95SF/IbnxkxC0M+FvVwhXlFfbKHM+iHndISgcR8HvvKxk0/7drHghqLQx
86AfURcSuRJo484PDfMS9ycriLITWw06I3oRkP7X1sDQmci5/3X6uZcXXphVReWk
B4apyvW+7mL/ikZcOH/AkasEiDkcqWaWyWaO6VSMxcHx3R5dTNG0WS8E0i2140dC
lYT9L1mCJDTgo7K7IIZwvjppwlbzYbKrZ1KSrobbjKcWaMYVpcz423rvY/MBAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUfmgXJucTuOZhKlafP2rMxgNL52swHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0MjU4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwcEKhR1
gP8wAwcEKhR1gQ/AAwYAKhR1gZsDBwQqFHWBnwAwDQYJKoZIhvcNAQELBQADggEB
AFec+b6pPplSNFXp5eKjBee5pQV/g2zemfxge20xvfS26clOeSlnIdlgxs8aK3cz
042FRM7i8LDxsyxPE0TYnrb0hteeWvA+rMvN65qJNiJ5BjbEVwooTYT9CO9ns02y
O88SjJIsJFSeUDKijaaCvgQkzOb7Fn0FTFB0EKMfQjAu4tcwPJTwdOE+i0RxWZ1G
r5EFcFuDb8qxSkgEEm16SMgAexSzb6kv8uOfa30pGB4vlVj3pS75oLAdDtdRvEdU
dBBzy6/XkW1VnE3L4plFlsUOAbriQtL2o2Oips+pKS7fceZ7YJlYNPncL7aKh9qt
o9B8LKZ+JwfJB+xW3v3DRxo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:41:51 2025 by rpki-client