Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214488.roa
File: AS214488.roa (raw, json)
Hash identifier: 0NeFWOBmW/1P9iknzyi+U0l/MHYvi2XLQLjS8E/ByaE=
Subject key identifier: DD:2B:3D:B0:41:68:38:5C:87:10:14:4A:30:44:E6:84:E2:B1:6D:4F
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 2644D1EC196501F2E04993EE1CAD974166CC6302
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214488.roa
Signing time: Tue 04 Feb 2025 00:17:07 +0000
ROA not before: Tue 04 Feb 2025 00:12:07 +0000
ROA not after: Tue 03 Feb 2026 00:17:07 +0000
asID: 214488
IP address blocks: 2a14:7581:ff3::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:44:d1:ec:19:65:01:f2:e0:49:93:ee:1c:ad:97:41:66:cc:63:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:07 2025 GMT
Not After : Feb 3 00:17:07 2026 GMT
Subject: CN=DD2B3DB04168385C8710144A3044E684E2B16D4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6a:e2:19:32:dc:3b:fa:09:35:5d:1b:b5:ea:
2c:b7:89:31:dd:a4:7f:47:2f:e5:3a:3b:a3:d8:6a:
dc:10:73:b8:8a:40:d0:05:45:be:e6:93:28:cb:b5:
87:4d:33:4a:24:39:00:87:f6:f3:60:05:d9:bf:ec:
9a:28:e7:47:94:78:f8:2a:07:1c:c3:5b:16:bc:61:
5a:5c:de:3c:7b:ca:42:de:2a:d1:56:9a:3c:60:6f:
2c:47:5f:c7:1e:99:6e:86:0f:a0:e9:b3:80:8d:6f:
54:e0:10:fe:f3:b2:09:bf:12:f5:f5:e8:9d:72:5c:
33:93:1f:02:b9:78:74:87:fe:a3:9a:51:16:f1:57:
37:33:f8:9b:54:47:67:c3:58:9a:23:25:79:12:96:
52:f0:84:1d:f0:01:02:d6:9e:42:45:47:23:a5:0f:
9e:bd:78:2a:6a:ae:b1:98:81:c6:14:6a:9b:35:58:
86:e0:e6:fd:6a:0f:c8:36:5a:2d:29:3a:43:c9:ec:
4b:a8:f8:4f:c6:52:10:a7:be:c9:59:8e:6b:a9:9b:
f3:a1:df:a1:a6:62:74:18:c5:c5:ba:db:dd:fb:08:
6b:1c:78:23:dc:ed:42:73:c6:4c:c2:5d:65:59:43:
cb:de:38:62:b9:29:0d:38:ad:ea:e5:56:2e:d0:77:
3b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:2B:3D:B0:41:68:38:5C:87:10:14:4A:30:44:E6:84:E2:B1:6D:4F
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214488.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:ff3::/48
Signature Algorithm: sha256WithRSAEncryption
9b:15:b8:2f:78:97:43:3a:08:50:97:42:0f:8b:c9:cb:84:a3:
c1:4d:0c:89:cc:5d:11:78:83:c6:b9:e5:eb:73:49:f3:1f:0c:
81:6d:13:dc:66:69:87:ee:a0:ae:08:e1:c8:de:77:17:94:dc:
ab:93:32:ec:c3:da:80:9f:d3:cc:0c:8d:72:98:cd:5f:88:f6:
9b:33:13:a9:a6:16:ba:08:84:2b:2a:b8:c8:98:29:b7:cc:b6:
7a:47:69:74:20:8c:32:77:9f:dc:5f:84:f5:37:d6:37:cd:d2:
5f:08:17:3b:e9:bd:a0:44:e6:b5:6e:83:aa:c6:3c:91:12:53:
06:9c:31:21:71:2a:7c:08:ca:a1:eb:0e:30:fe:d2:32:94:fb:
5a:2f:44:9c:ec:5f:ac:43:88:26:d4:85:94:41:03:b3:c9:52:
51:ae:80:d2:34:e7:18:00:bd:6d:ce:3c:a5:2e:48:05:91:82:
96:c4:92:79:32:46:12:d0:3d:4f:84:75:e1:02:ee:d9:60:8c:
93:fa:af:c2:21:06:87:15:41:a3:84:8f:c0:6a:74:e3:f4:8e:
66:3d:7e:03:7e:7b:a2:f0:dc:18:da:b4:44:9d:5a:62:5e:75:
da:b2:9b:3e:3c:84:ab:41:bc:66:22:d1:d1:eb:cf:46:2b:49:
95:ce:a3:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUJkTR7BllAfLgSZPuHK2XQWbMYwIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMDdaFw0yNjAyMDMwMDE3MDdaMDMxMTAvBgNV
BAMTKEREMkIzREIwNDE2ODM4NUM4NzEwMTQ0QTMwNDRFNjg0RTJCMTZENEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWauIZMtw7+gk1XRu16iy3iTHd
pH9HL+U6O6PYatwQc7iKQNAFRb7mkyjLtYdNM0okOQCH9vNgBdm/7Joo50eUePgq
BxzDWxa8YVpc3jx7ykLeKtFWmjxgbyxHX8cemW6GD6Dps4CNb1TgEP7zsgm/EvX1
6J1yXDOTHwK5eHSH/qOaURbxVzcz+JtUR2fDWJojJXkSllLwhB3wAQLWnkJFRyOl
D569eCpqrrGYgcYUaps1WIbg5v1qD8g2Wi0pOkPJ7Euo+E/GUhCnvslZjmupm/Oh
36GmYnQYxcW62937CGsceCPc7UJzxkzCXWVZQ8veOGK5KQ04rerlVi7QdzsBAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU3Ss9sEFoOFyHEBRKMETmhOKxbU8wHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0NDg4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1
gQ/zMA0GCSqGSIb3DQEBCwUAA4IBAQCbFbgveJdDOghQl0IPi8nLhKPBTQyJzF0R
eIPGueXrc0nzHwyBbRPcZmmH7qCuCOHI3ncXlNyrkzLsw9qAn9PMDI1ymM1fiPab
MxOppha6CIQrKrjImCm3zLZ6R2l0IIwyd5/cX4T1N9Y3zdJfCBc76b2gROa1boOq
xjyRElMGnDEhcSp8CMqh6w4w/tIylPtaL0Sc7F+sQ4gm1IWUQQOzyVJRroDSNOcY
AL1tzjylLkgFkYKWxJJ5MkYS0D1PhHXhAu7ZYIyT+q/CIQaHFUGjhI/AanTj9I5m
PX4Dfnui8NwY2rREnVpiXnXasps+PISrQbxmItHR689GK0mVzqP0
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:41:46 2025 by rpki-client