Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214456.roa
File: AS214456.roa (raw, json)
Hash identifier: Zp0pfFq/0C3t3tNpHNZuQEcshJCyCR8Q+D9RDP/d0ew=
Subject key identifier: 7B:91:AC:65:B8:73:D2:01:D6:88:9A:33:C0:97:8E:15:D6:05:4B:E2
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 139CA97CC7689B0CB7C3CCAC8DDABC7F63FB36A6
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214456.roa
Signing time: Tue 04 Feb 2025 00:17:07 +0000
ROA not before: Tue 04 Feb 2025 00:12:07 +0000
ROA not after: Tue 03 Feb 2026 00:17:07 +0000
asID: 214456
IP address blocks: 2a14:7581:300::/40 maxlen: 48
2a14:7581:c00::/40 maxlen: 48
2a14:7581:fe1::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:9c:a9:7c:c7:68:9b:0c:b7:c3:cc:ac:8d:da:bc:7f:63:fb:36:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:07 2025 GMT
Not After : Feb 3 00:17:07 2026 GMT
Subject: CN=7B91AC65B873D201D6889A33C0978E15D6054BE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9c:8b:34:26:b6:26:4c:0d:1c:0e:2e:ef:dc:
77:03:9b:b0:7d:e3:3e:24:40:31:f2:a8:b0:a4:74:
3b:92:04:61:4b:8f:76:be:bf:d2:59:b3:e1:0e:6f:
a4:a6:c7:ea:05:f0:78:cc:e5:c8:1c:42:d8:67:9b:
ad:94:18:5f:d8:9a:d5:a6:25:57:e1:f6:ae:ac:3a:
68:a3:d6:e4:e3:a1:f2:c0:56:a9:75:c0:f8:f2:a3:
42:1d:37:26:ac:4d:2b:73:d5:30:9a:97:db:93:57:
8b:41:f0:d3:27:da:41:09:b6:2c:6a:51:c0:60:d6:
61:da:02:f5:7a:2e:59:8d:c4:85:82:d6:05:4f:a9:
ee:18:16:35:99:ab:24:13:3d:55:d7:c0:1e:a5:99:
88:f8:f9:30:13:a2:96:b0:6a:97:45:2a:0c:3d:78:
07:33:6c:0a:76:28:e3:6e:2c:48:b1:0d:f2:83:c6:
64:20:4b:a6:0d:ee:56:03:21:d3:d6:f8:06:80:83:
d8:c0:1f:5a:ee:6a:7d:7b:04:70:ef:b5:9c:d0:4d:
e6:4c:b6:01:e1:de:22:67:a7:da:49:a7:a7:29:25:
b1:74:d6:f9:63:79:85:2e:1e:52:51:f2:ab:c8:79:
e7:33:af:e4:be:8b:be:8b:3f:2b:a4:98:8f:00:e7:
ef:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:91:AC:65:B8:73:D2:01:D6:88:9A:33:C0:97:8E:15:D6:05:4B:E2
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214456.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:300::/40
2a14:7581:c00::/40
2a14:7581:fe1::/48
Signature Algorithm: sha256WithRSAEncryption
63:5d:dd:ad:59:5c:f9:36:c6:3b:98:fd:5b:f1:68:9c:e5:02:
4b:20:cd:f8:07:22:0a:98:0d:5c:a2:c4:b3:44:fc:27:ca:e8:
d9:3d:97:ad:1b:4e:f9:fa:3c:76:90:72:60:16:37:bd:d8:55:
11:36:c5:37:ec:ba:e8:c5:0a:b7:0f:10:71:ab:0c:4d:1b:f9:
80:28:00:c1:99:78:5a:a6:0e:39:f7:7b:ba:7e:f9:54:2a:b6:
39:4a:2c:7f:b6:e3:83:e6:5a:92:a3:bf:54:08:62:aa:7f:f8:
23:0c:9c:54:6c:d0:56:d9:76:2e:1d:f7:3a:f5:86:f6:ff:be:
32:3a:f2:55:a6:21:8a:c4:7c:df:b2:7d:b1:32:30:06:21:6b:
e9:63:84:72:78:42:51:be:d5:2f:63:15:b0:70:f1:02:eb:3a:
dc:05:f7:76:59:fd:2d:09:d5:24:ef:b2:1f:94:55:12:b5:c9:
87:08:33:79:4d:79:de:e7:c0:5d:af:3c:ea:72:15:d9:5e:bb:
e3:a0:4c:9a:8e:a1:2c:09:e5:e2:3d:e6:5d:5d:1c:35:2b:77:
2f:a9:e3:62:ea:d2:25:4d:59:3f:97:8d:eb:96:a0:48:9e:96:
2b:5b:66:b0:6d:f3:df:99:cc:1a:22:4b:90:4c:b3:75:a6:3b:
5e:5a:47:8b
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIUE5ypfMdomwy3w8ysjdq8f2P7NqYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMDdaFw0yNjAyMDMwMDE3MDdaMDMxMTAvBgNV
BAMTKDdCOTFBQzY1Qjg3M0QyMDFENjg4OUEzM0MwOTc4RTE1RDYwNTRCRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRnIs0JrYmTA0cDi7v3HcDm7B9
4z4kQDHyqLCkdDuSBGFLj3a+v9JZs+EOb6Smx+oF8HjM5cgcQthnm62UGF/YmtWm
JVfh9q6sOmij1uTjofLAVql1wPjyo0IdNyasTStz1TCal9uTV4tB8NMn2kEJtixq
UcBg1mHaAvV6LlmNxIWC1gVPqe4YFjWZqyQTPVXXwB6lmYj4+TATopawapdFKgw9
eAczbAp2KONuLEixDfKDxmQgS6YN7lYDIdPW+AaAg9jAH1ruan17BHDvtZzQTeZM
tgHh3iJnp9pJp6cpJbF01vljeYUuHlJR8qvIeeczr+S+i76LPyukmI8A5+9DAgMB
AAGjggIdMIICGTAdBgNVHQ4EFgQUe5GsZbhz0gHWiJozwJeOFdYFS+IwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0NDU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwYAKhR1
gQMDBgAqFHWBDAMHACoUdYEP4TANBgkqhkiG9w0BAQsFAAOCAQEAY13drVlc+TbG
O5j9W/FonOUCSyDN+AciCpgNXKLEs0T8J8ro2T2XrRtO+fo8dpByYBY3vdhVETbF
N+y66MUKtw8QcasMTRv5gCgAwZl4WqYOOfd7un75VCq2OUosf7bjg+ZakqO/VAhi
qn/4IwycVGzQVtl2Lh33OvWG9v++MjryVaYhisR837J9sTIwBiFr6WOEcnhCUb7V
L2MVsHDxAus63AX3dln9LQnVJO+yH5RVErXJhwgzeU153ufAXa886nIV2V6746BM
mo6hLAnl4j3mXV0cNSt3L6njYurSJU1ZP5eN65agSJ6WK1tmsG3z35nMGiJLkEyz
daY7XlpHiw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:41:55 2025 by rpki-client