Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS213865.roa
File: AS213865.roa (raw, json)
Hash identifier: Qegg417UohwYAVTIiu2LURkN/QxIXbY0hbfGnBneAII=
Subject key identifier: 16:11:2C:EB:10:5F:EA:61:41:46:B1:95:6B:DB:35:B7:0D:1B:03:8E
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 0DBD2C0EB04E116291C53C8069F533DD62BAAF5A
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS213865.roa
Signing time: Fri 07 Mar 2025 12:57:27 +0000
ROA not before: Fri 07 Mar 2025 12:52:27 +0000
ROA not after: Fri 06 Mar 2026 12:57:27 +0000
asID: 213865
IP address blocks: 31.40.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:bd:2c:0e:b0:4e:11:62:91:c5:3c:80:69:f5:33:dd:62:ba:af:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Mar 7 12:52:27 2025 GMT
Not After : Mar 6 12:57:27 2026 GMT
Subject: CN=16112CEB105FEA614146B1956BDB35B70D1B038E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:02:50:bf:49:69:90:e4:61:4a:99:14:0c:20:
c3:27:f1:0b:6a:a8:73:66:59:35:74:f2:28:7a:db:
7c:46:93:2e:22:3a:bf:2b:e4:c2:e5:66:f5:ae:8c:
e8:bf:b2:6f:74:7b:b6:aa:38:3f:6c:8d:76:f9:d2:
a7:93:54:3f:3e:9e:70:f4:1b:3d:c1:6d:89:82:af:
15:5c:fb:dc:a6:78:30:5f:0f:18:3a:bc:06:da:bf:
f0:20:55:fa:d4:79:cc:d4:7c:78:05:ee:f1:e5:9b:
29:03:6c:60:58:b4:8f:2f:a9:bc:7f:76:c1:c5:13:
df:a7:e6:0e:e8:9c:29:b7:ad:cb:bf:d1:f6:2e:c5:
06:39:90:30:69:ae:05:34:93:49:d4:f3:ef:99:e7:
11:33:02:32:36:75:df:c5:cf:08:e8:b7:70:d8:79:
81:f6:0a:b1:a5:2d:c2:a4:b8:b3:55:db:69:ca:d0:
d9:6d:65:20:b3:29:ca:35:00:d1:79:cb:d8:5b:1e:
36:e6:5f:e8:aa:60:85:8d:cb:88:3a:f3:90:7a:06:
e7:3c:85:62:ae:63:31:d9:81:06:38:18:d1:c9:b9:
51:3d:9e:5e:f3:6a:01:86:ec:e7:b1:27:d0:30:1a:
62:99:23:18:81:39:06:a5:85:6b:72:ad:d6:25:df:
67:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:11:2C:EB:10:5F:EA:61:41:46:B1:95:6B:DB:35:B7:0D:1B:03:8E
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS213865.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.207.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:d7:a9:b8:60:d4:41:c6:9d:50:bf:8c:49:d9:80:78:c6:86:
7f:63:73:9b:98:5c:d9:d6:58:08:0e:cc:d8:73:8d:23:41:a8:
fe:db:d7:4b:f1:c7:fc:f0:4a:ae:e8:58:bf:56:f3:68:29:15:
8c:d0:ef:87:37:6c:f4:a6:10:d7:68:4d:e1:de:3a:4e:d0:eb:
87:52:02:5b:e0:6f:74:66:7a:56:cf:00:0f:3e:7d:08:5e:6f:
ac:67:1c:ba:65:6e:02:18:98:e0:69:c5:33:80:dc:49:9a:86:
23:48:35:91:d8:2a:d2:7e:60:fd:a5:03:bc:9c:d0:28:d6:f3:
cf:5e:2e:2a:af:0c:34:35:07:19:fd:ac:4b:15:ce:eb:20:fb:
87:29:53:15:bc:36:16:80:61:ae:6f:a7:cb:ce:c7:b3:64:ad:
9b:9e:ee:9b:6f:d4:db:2f:ff:1e:8b:b8:d3:94:ee:95:f4:ab:
48:9a:6d:ef:f8:62:94:04:f6:05:ab:4d:de:62:bb:3a:f8:47:
5f:20:b6:49:e5:c7:29:f2:d9:fa:ca:68:a2:f9:00:87:5b:3d:
6c:a6:a3:7a:f1:fa:d2:5c:0b:d3:a8:5a:c6:e7:c6:46:ed:84:
28:11:f7:27:8a:3e:65:71:72:49:36:1e:7b:26:cb:0b:3d:b0:
cb:5b:c9:bb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUDb0sDrBOEWKRxTyAafUz3WK6r1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAzMDcxMjUyMjdaFw0yNjAzMDYxMjU3MjdaMDMxMTAvBgNV
BAMTKDE2MTEyQ0VCMTA1RkVBNjE0MTQ2QjE5NTZCREIzNUI3MEQxQjAzOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBAlC/SWmQ5GFKmRQMIMMn8Qtq
qHNmWTV08ih623xGky4iOr8r5MLlZvWujOi/sm90e7aqOD9sjXb50qeTVD8+nnD0
Gz3BbYmCrxVc+9ymeDBfDxg6vAbav/AgVfrUeczUfHgF7vHlmykDbGBYtI8vqbx/
dsHFE9+n5g7onCm3rcu/0fYuxQY5kDBprgU0k0nU8++Z5xEzAjI2dd/Fzwjot3DY
eYH2CrGlLcKkuLNV22nK0NltZSCzKco1ANF5y9hbHjbmX+iqYIWNy4g685B6Buc8
hWKuYzHZgQY4GNHJuVE9nl7zagGG7OexJ9AwGmKZIxiBOQalhWtyrdYl32frAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUFhEs6xBf6mFBRrGVa9s1tw0bA44wHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjEzODY1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAHyjP
MA0GCSqGSIb3DQEBCwUAA4IBAQBe16m4YNRBxp1Qv4xJ2YB4xoZ/Y3ObmFzZ1lgI
DszYc40jQaj+29dL8cf88Equ6Fi/VvNoKRWM0O+HN2z0phDXaE3h3jpO0OuHUgJb
4G90ZnpWzwAPPn0IXm+sZxy6ZW4CGJjgacUzgNxJmoYjSDWR2CrSfmD9pQO8nNAo
1vPPXi4qrww0NQcZ/axLFc7rIPuHKVMVvDYWgGGub6fLzsezZK2bnu6bb9TbL/8e
i7jTlO6V9KtImm3v+GKUBPYFq03eYrs6+EdfILZJ5ccp8tn6ymii+QCHWz1spqN6
8frSXAvTqFrG58ZG7YQoEfcnij5lcXJJNh57JssLPbDLW8m7
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:13:04 2025 by rpki-client