Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214731.roa
File: AS214731.roa (raw, json)
Hash identifier: ofNR+awGBjc77O2VjTXxFYQPe3TNfZ/ARY1JEVRnQZ4=
Subject key identifier: 26:82:B4:2F:D4:2F:51:F1:29:36:37:14:5D:28:B8:F4:47:24:E3:A6
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 6D77AEBA9828CD8B4DCFCB05BB993412F670DC91
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214731.roa
Signing time: Tue 04 Feb 2025 00:17:09 +0000
ROA not before: Tue 04 Feb 2025 00:12:09 +0000
ROA not after: Tue 03 Feb 2026 00:17:09 +0000
asID: 214731
IP address blocks: 2a14:7581:c000::/36 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:77:ae:ba:98:28:cd:8b:4d:cf:cb:05:bb:99:34:12:f6:70:dc:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:09 2025 GMT
Not After : Feb 3 00:17:09 2026 GMT
Subject: CN=2682B42FD42F51F1293637145D28B8F44724E3A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:1b:b7:26:14:61:f0:26:ab:e4:28:4c:40:4b:
05:c1:9b:d0:13:e4:c3:10:ba:90:21:8f:de:00:ab:
22:10:9b:12:e2:0f:44:74:5b:54:3e:20:56:0b:a5:
4b:32:e7:98:5b:5b:18:14:03:e2:00:63:17:2c:18:
96:00:1f:e1:c7:6d:18:c6:50:43:bc:66:0c:6e:14:
0a:d4:bb:3b:23:fe:9c:58:48:88:48:16:24:b6:3b:
a6:ef:43:b2:4e:98:b9:ff:bc:ed:16:ab:2b:76:59:
6d:10:6e:68:b9:ab:eb:a8:77:2e:88:8f:8e:c7:8e:
37:3b:e3:ae:29:7a:41:06:ab:80:53:cf:4a:50:a4:
10:d8:80:7a:b5:79:6a:3d:0f:fb:4b:e4:04:5f:f1:
7a:d9:3f:93:05:30:1a:c9:a7:13:c0:0c:a8:f8:e7:
bb:b1:31:65:63:5f:43:f9:da:03:d8:59:8f:99:88:
bd:d2:64:32:69:e3:18:5a:6e:97:90:ec:be:ba:e5:
bc:14:4f:c3:99:65:bf:67:ad:1c:ad:42:c8:68:9d:
77:8e:f5:ce:8b:bc:e4:38:1e:ac:cd:94:14:10:13:
1c:69:fd:40:f2:51:4c:ac:be:ea:f6:6f:92:6d:ba:
08:a7:e1:45:26:f5:6f:22:c9:24:fb:f0:45:c1:81:
39:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:82:B4:2F:D4:2F:51:F1:29:36:37:14:5D:28:B8:F4:47:24:E3:A6
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214731.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:c000::/36
Signature Algorithm: sha256WithRSAEncryption
12:17:f2:1d:fc:91:1d:eb:c8:1a:da:36:35:7e:6c:00:b2:93:
5c:6b:60:8f:ad:71:de:d5:9c:f0:54:de:c6:69:6b:56:84:7a:
e8:d8:45:45:e6:7f:9c:35:8a:3e:dd:aa:ef:3a:06:59:0b:cd:
f3:f9:4f:31:5d:d4:f3:61:68:a2:c2:68:eb:75:17:c4:1c:89:
a5:9c:65:94:63:88:cf:0e:3d:34:38:bf:8a:de:15:73:ea:3e:
da:07:85:45:53:96:56:64:9f:a7:15:6a:78:9e:9b:35:f0:75:
de:14:b2:cb:55:fc:26:3b:8b:5a:a3:f7:cf:ea:1c:bc:84:1b:
38:51:4b:b0:a1:a2:5f:37:21:42:4c:0b:b5:2d:59:fb:55:49:
45:59:b7:8b:f0:2a:49:23:43:92:00:0f:f5:20:6c:2b:75:65:
28:7f:14:69:8e:41:da:e0:32:1c:c5:ed:9e:76:fc:36:f1:4f:
f7:ec:1f:16:bf:ae:ef:97:2d:d8:49:be:8b:cd:7b:a2:df:31:
1d:07:d9:1b:62:73:2a:0b:4e:c6:aa:19:50:3e:a6:dc:9a:38:
ae:e8:c9:89:00:6e:46:17:79:ed:ee:08:3b:77:72:60:0b:85:
63:f3:91:4c:fe:59:14:a9:3a:03:51:88:5e:b6:30:69:47:34:
1d:28:6c:2a
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUbXeuupgozYtNz8sFu5k0EvZw3JEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMDlaFw0yNjAyMDMwMDE3MDlaMDMxMTAvBgNV
BAMTKDI2ODJCNDJGRDQyRjUxRjEyOTM2MzcxNDVEMjhCOEY0NDcyNEUzQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1G7cmFGHwJqvkKExASwXBm9AT
5MMQupAhj94AqyIQmxLiD0R0W1Q+IFYLpUsy55hbWxgUA+IAYxcsGJYAH+HHbRjG
UEO8ZgxuFArUuzsj/pxYSIhIFiS2O6bvQ7JOmLn/vO0Wqyt2WW0Qbmi5q+uody6I
j47Hjjc7464pekEGq4BTz0pQpBDYgHq1eWo9D/tL5ARf8XrZP5MFMBrJpxPADKj4
57uxMWVjX0P52gPYWY+ZiL3SZDJp4xhabpeQ7L665bwUT8OZZb9nrRytQshonXeO
9c6LvOQ4HqzNlBQQExxp/UDyUUysvur2b5Jtugin4UUm9W8iyST78EXBgTmDAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQUJoK0L9QvUfEpNjcUXSi49Eck46YwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0NzMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhR1
gcAwDQYJKoZIhvcNAQELBQADggEBABIX8h38kR3ryBraNjV+bACyk1xrYI+tcd7V
nPBU3sZpa1aEeujYRUXmf5w1ij7dqu86BlkLzfP5TzFd1PNhaKLCaOt1F8QciaWc
ZZRjiM8OPTQ4v4reFXPqPtoHhUVTllZkn6cVaniemzXwdd4UsstV/CY7i1qj98/q
HLyEGzhRS7Chol83IUJMC7UtWftVSUVZt4vwKkkjQ5IAD/UgbCt1ZSh/FGmOQdrg
MhzF7Z52/DbxT/fsHxa/ru+XLdhJvovNe6LfMR0H2RticyoLTsaqGVA+ptyaOK7o
yYkAbkYXee3uCDt3cmALhWPzkUz+WRSpOgNRiF62MGlHNB0obCo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:41:56 2025 by rpki-client