Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS31898.roa
File: AS31898.roa (raw, json)
Hash identifier: 97s6O1/PVwUKnGeww444naPNy86JajUEHxLS9NldxQ0=
Subject key identifier: F5:AD:C4:C6:9F:D6:78:1F:3B:A5:4A:C7:09:48:1F:A1:61:81:F3:EA
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 1CA80A405571ADC904EEE93C980953E4C257AC31
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS31898.roa
Signing time: Tue 04 Feb 2025 00:17:07 +0000
ROA not before: Tue 04 Feb 2025 00:12:07 +0000
ROA not after: Tue 03 Feb 2026 00:17:07 +0000
asID: 31898
IP address blocks: 2a14:7581:9811::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:a8:0a:40:55:71:ad:c9:04:ee:e9:3c:98:09:53:e4:c2:57:ac:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Feb 4 00:12:07 2025 GMT
Not After : Feb 3 00:17:07 2026 GMT
Subject: CN=F5ADC4C69FD6781F3BA54AC709481FA16181F3EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a0:05:ad:ff:5c:c0:a5:e6:28:63:ad:41:65:
62:ff:b2:3d:4c:8e:4b:09:41:8c:98:ca:c2:14:ea:
74:5c:03:b9:9e:21:2c:fa:f7:c4:63:a3:91:fb:24:
16:2c:fa:85:84:7f:55:68:16:6d:9e:6c:3a:66:63:
4f:1f:ea:c2:b5:18:4b:01:32:94:a5:67:c2:a8:b6:
94:c1:d4:c5:58:45:67:8e:44:cf:5d:cb:60:ad:f2:
17:4f:bc:70:fe:36:76:db:cb:78:f1:66:24:07:34:
ce:64:c1:a9:5c:6f:ba:78:83:12:cb:22:49:0c:fb:
3a:d9:16:11:16:1d:ee:e6:60:5a:76:c2:5f:1b:13:
a9:24:cf:bf:24:18:7a:a6:aa:f9:b9:80:ee:57:6a:
b7:67:6f:6d:bc:29:8c:6f:d6:ec:2f:7f:47:ce:4a:
46:04:9e:e4:0f:91:6a:59:32:cc:86:fb:9d:a0:91:
95:99:ca:24:0a:f8:00:5b:5e:18:b7:f4:26:3e:24:
45:d1:39:3d:7c:98:0d:f8:3f:71:71:55:93:76:33:
e1:f0:fe:77:d0:26:58:9d:3c:4a:62:08:d7:c7:14:
cd:a4:ee:73:f5:22:24:f6:ff:7b:72:94:1c:0c:af:
f8:58:dd:2a:46:00:57:65:76:b2:be:0c:3b:1f:06:
0d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:AD:C4:C6:9F:D6:78:1F:3B:A5:4A:C7:09:48:1F:A1:61:81:F3:EA
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS31898.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:9811::/48
Signature Algorithm: sha256WithRSAEncryption
48:c8:2d:07:f2:6e:ef:fd:5f:cd:3a:4d:a8:16:fb:99:00:d5:
90:e0:a5:c2:89:fc:88:ef:b1:29:1a:ee:d3:51:28:6c:99:3e:
98:8a:19:f9:15:58:de:e8:37:fb:0a:c9:a6:b2:11:d8:70:7d:
5b:c3:2e:b2:4b:ab:f8:c7:6f:2c:b8:54:9b:d9:e6:6f:1d:f1:
d7:f8:d8:ed:ad:5d:5c:30:06:85:49:8e:4f:88:40:d2:b7:ec:
04:9c:a6:fa:f3:2f:82:8d:8d:79:6b:dd:e2:d7:1c:bb:a3:42:
70:10:5f:2a:49:d8:3e:25:7e:d2:d9:cb:d5:ed:80:34:10:e5:
7d:d3:dc:67:36:8e:59:fc:7c:ad:68:b4:87:07:6f:16:9c:a6:
35:0d:a0:3b:54:91:5c:91:8a:47:1b:9f:7f:2d:33:5f:2c:cf:
c9:f8:50:7b:2e:83:b5:a4:e5:8e:47:4f:e9:16:21:44:b2:a9:
54:bf:32:bc:95:1d:ac:b6:c2:82:4c:7b:97:a5:5d:2d:4e:4f:
bf:c9:2d:a4:35:7c:92:15:4c:22:4e:83:b5:ca:0f:f3:13:9f:
81:ba:48:37:15:b7:98:9b:e3:18:04:ce:07:47:94:02:99:e6:
30:b0:b3:55:99:52:fe:f2:49:91:f9:6b:01:e6:da:3b:b4:9d:
dc:f1:c3:44
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgIUHKgKQFVxrckE7uk8mAlT5MJXrDEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAyMDQwMDEyMDdaFw0yNjAyMDMwMDE3MDdaMDMxMTAvBgNV
BAMTKEY1QURDNEM2OUZENjc4MUYzQkE1NEFDNzA5NDgxRkExNjE4MUYzRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/oAWt/1zApeYoY61BZWL/sj1M
jksJQYyYysIU6nRcA7meISz698Rjo5H7JBYs+oWEf1VoFm2ebDpmY08f6sK1GEsB
MpSlZ8KotpTB1MVYRWeORM9dy2Ct8hdPvHD+Nnbby3jxZiQHNM5kwalcb7p4gxLL
IkkM+zrZFhEWHe7mYFp2wl8bE6kkz78kGHqmqvm5gO5Xardnb228KYxv1uwvf0fO
SkYEnuQPkWpZMsyG+52gkZWZyiQK+ABbXhi39CY+JEXROT18mA34P3FxVZN2M+Hw
/nfQJlidPEpiCNfHFM2k7nP1IiT2/3tylBwMr/hY3SpGAFdldrK+DDsfBg0ZAgMB
AAGjggIMMIICCDAdBgNVHQ4EFgQU9a3Exp/WeB87pUrHCUgfoWGB8+owHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt
NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMzE4OTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqFHWB
mBEwDQYJKoZIhvcNAQELBQADggEBAEjILQfybu/9X806TagW+5kA1ZDgpcKJ/Ijv
sSka7tNRKGyZPpiKGfkVWN7oN/sKyaayEdhwfVvDLrJLq/jHbyy4VJvZ5m8d8df4
2O2tXVwwBoVJjk+IQNK37AScpvrzL4KNjXlr3eLXHLujQnAQXypJ2D4lftLZy9Xt
gDQQ5X3T3Gc2jln8fK1otIcHbxacpjUNoDtUkVyRikcbn38tM18sz8n4UHsug7Wk
5Y5HT+kWIUSyqVS/MryVHay2woJMe5elXS1OT7/JLaQ1fJIVTCJOg7XKD/MTn4G6
SDcVt5ib4xgEzgdHlAKZ5jCws1WZUv7ySZH5awHm2ju0ndzxw0Q=
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:31:51 2025 by rpki-client