Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS211975.roa
File: AS211975.roa (raw, json)
Hash identifier: Y4Ptd4m4M1WXYYkpc5j4G4IcuUB8EXFEa59WbDebryg=
Subject key identifier: 28:E5:C8:5B:E2:ED:6C:31:B8:36:8E:F7:23:62:A8:3E:DE:74:A7:7F
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 47893247E7F92C30862B577079D2CDE0D955F6FF
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS211975.roa
Signing time: Sun 26 Jan 2025 10:56:57 +0000
ROA not before: Sun 26 Jan 2025 10:51:57 +0000
ROA not after: Sun 25 Jan 2026 10:56:57 +0000
asID: 211975
IP address blocks: 141.11.230.0/24 maxlen: 24
141.11.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:89:32:47:e7:f9:2c:30:86:2b:57:70:79:d2:cd:e0:d9:55:f6:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jan 26 10:51:57 2025 GMT
Not After : Jan 25 10:56:57 2026 GMT
Subject: CN=28E5C85BE2ED6C31B8368EF72362A83EDE74A77F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:1c:f5:8d:84:3e:88:e2:4e:49:1d:b0:75:a4:
50:d5:44:2a:5b:3d:a7:f5:b8:84:fc:d5:e6:2e:9a:
f0:9c:17:68:42:40:f1:d0:e3:66:28:f4:3d:99:41:
b7:43:49:bf:56:9c:1f:7d:17:f3:f1:6a:f8:a7:b0:
96:9d:9b:de:a2:cc:f4:09:85:27:7d:8d:08:e4:ad:
33:d4:5e:c4:54:93:65:d7:0a:5b:5a:33:7a:54:36:
3e:c0:66:82:4d:3f:5d:71:60:fe:62:c0:92:8d:1b:
13:a7:0b:f6:fe:57:b2:2c:6b:e2:63:e0:8d:4f:5d:
b7:7c:1b:6b:30:c0:43:2e:4a:57:1c:66:91:67:d8:
3a:65:6d:dd:da:e1:08:a7:7b:ec:ce:07:fd:61:a3:
c4:52:4f:1e:66:58:44:54:2a:50:d3:d8:5d:24:1e:
dc:ce:4f:66:8c:c2:27:4b:76:dd:b0:b2:05:35:a2:
fd:cc:d4:4d:82:1b:cc:20:04:bd:e9:b3:69:06:9a:
b2:cc:8b:0a:50:40:38:0b:1f:33:2c:d7:46:42:75:
ac:b5:bc:42:1a:3f:88:71:ab:93:4d:af:93:c4:b6:
9b:49:99:30:de:26:27:f1:a1:f8:a0:8f:ef:4c:c7:
c7:61:b6:30:ed:92:ee:51:ff:8c:fd:00:a0:42:f8:
a1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:E5:C8:5B:E2:ED:6C:31:B8:36:8E:F7:23:62:A8:3E:DE:74:A7:7F
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS211975.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.230.0/23
Signature Algorithm: sha256WithRSAEncryption
01:2e:a5:f1:ce:42:55:b9:7b:44:9e:5a:92:29:32:9e:d8:2c:
74:81:fa:f4:2b:f4:43:73:e5:00:2a:f1:ff:02:15:44:3d:3a:
56:73:c2:35:4c:a7:bd:8c:35:db:46:4e:33:2b:77:e4:09:39:
ff:d3:a0:87:0f:00:12:b2:da:3e:d4:83:dd:a5:5f:13:59:2a:
f4:28:2f:87:d3:cf:bd:c8:71:e2:31:8c:55:0d:cc:89:1e:01:
95:0b:07:c5:42:4f:d7:bc:f3:b4:cb:00:11:d7:73:b9:a7:3d:
89:20:48:27:f3:e4:9d:b1:23:34:a7:bf:ac:2d:97:60:59:d5:
79:07:7a:82:9a:92:ce:9f:26:7f:45:59:3a:df:e0:d6:28:b6:
59:cf:be:9a:7b:e0:1b:be:13:96:95:74:e8:16:8a:08:ed:34:
5d:b8:08:56:66:a5:c0:4b:2b:df:d5:27:8f:b6:e4:5d:d0:c6:
ca:a2:59:a0:51:53:8b:7f:bc:ba:c0:2c:98:1d:98:d0:22:07:
f6:73:86:a9:74:99:b3:8e:4a:f5:ff:3d:93:e3:46:bf:36:70:
03:18:07:92:89:b6:f9:2f:b2:f0:17:64:78:f1:fb:62:39:b4:
7e:aa:ec:16:65:3a:f8:4d:c0:9b:f0:ad:d6:1e:77:02:f9:4a:
b5:f4:4b:84
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUR4kyR+f5LDCGK1dwedLN4NlV9v8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAxMjYxMDUxNTdaFw0yNjAxMjUxMDU2NTdaMDMxMTAvBgNV
BAMTKDI4RTVDODVCRTJFRDZDMzFCODM2OEVGNzIzNjJBODNFREU3NEE3N0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbHPWNhD6I4k5JHbB1pFDVRCpb
Paf1uIT81eYumvCcF2hCQPHQ42Yo9D2ZQbdDSb9WnB99F/PxavinsJadm96izPQJ
hSd9jQjkrTPUXsRUk2XXCltaM3pUNj7AZoJNP11xYP5iwJKNGxOnC/b+V7Isa+Jj
4I1PXbd8G2swwEMuSlccZpFn2Dplbd3a4Qine+zOB/1ho8RSTx5mWERUKlDT2F0k
HtzOT2aMwidLdt2wsgU1ov3M1E2CG8wgBL3ps2kGmrLMiwpQQDgLHzMs10ZCday1
vEIaP4hxq5NNr5PEtptJmTDeJifxofigj+9Mx8dhtjDtku5R/4z9AKBC+KF/AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUKOXIW+LtbDG4No73I2KoPt50p38wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjExOTc1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjQvm
MA0GCSqGSIb3DQEBCwUAA4IBAQABLqXxzkJVuXtEnlqSKTKe2Cx0gfr0K/RDc+UA
KvH/AhVEPTpWc8I1TKe9jDXbRk4zK3fkCTn/06CHDwASsto+1IPdpV8TWSr0KC+H
08+9yHHiMYxVDcyJHgGVCwfFQk/XvPO0ywAR13O5pz2JIEgn8+SdsSM0p7+sLZdg
WdV5B3qCmpLOnyZ/RVk63+DWKLZZz76ae+AbvhOWlXToFooI7TRduAhWZqXASyvf
1SePtuRd0MbKolmgUVOLf7y6wCyYHZjQIgf2c4apdJmzjkr1/z2T40a/NnADGAeS
ibb5L7LwF2R48ftiObR+quwWZTr4TcCb8K3WHncC+Uq19EuE
-----END CERTIFICATE-----
Generated at Fri Apr 4 20:52:48 2025 by rpki-client