Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214024.roa
File: AS214024.roa (raw, json)
Hash identifier: P/i8MoNgtRMuyDrcQ/7KB0gbg7ZSFtJrSLjOSg1BxWg=
Subject key identifier: B9:EF:21:E6:0C:DA:0C:D7:24:C9:88:38:13:91:9A:76:D0:7E:0A:9D
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 0338E91A6B00A84E36A31712492EAF94DA8AD73D
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214024.roa
Signing time: Sat 04 Jan 2025 15:18:47 +0000
ROA not before: Sat 04 Jan 2025 15:13:47 +0000
ROA not after: Sat 03 Jan 2026 15:18:47 +0000
asID: 214024
IP address blocks: 194.60.89.0/24 maxlen: 24
194.60.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:38:e9:1a:6b:00:a8:4e:36:a3:17:12:49:2e:af:94:da:8a:d7:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jan 4 15:13:47 2025 GMT
Not After : Jan 3 15:18:47 2026 GMT
Subject: CN=B9EF21E60CDA0CD724C9883813919A76D07E0A9D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6c:58:7b:14:9b:8e:b5:ae:14:d0:76:6c:e9:
c4:4c:da:1d:9e:9a:79:a4:7e:9e:c7:9e:52:13:90:
50:40:c6:b5:2c:26:16:3a:b4:ac:91:12:59:87:3b:
cc:3c:80:49:a7:1a:b0:af:9b:1c:53:f9:f0:f8:2b:
1a:31:fc:55:44:62:56:99:47:f9:9b:1f:2b:b1:3a:
ea:0e:0e:df:fb:ac:33:5c:c0:5a:2f:ff:c0:4a:e4:
c5:8a:77:04:90:a6:7c:6c:48:26:2e:3f:38:c7:53:
42:bb:da:b9:f1:96:96:ce:36:7b:6a:e7:2d:c4:96:
00:60:46:82:d3:8a:49:a5:96:a7:a2:9f:ca:af:aa:
a8:47:ee:22:81:90:0a:0d:a7:15:7e:fc:a6:f5:57:
fd:3d:5c:3f:a0:f6:a8:d9:dd:78:ea:11:9b:e9:4c:
4a:13:09:27:43:a7:9d:14:bd:73:57:90:b9:be:99:
dc:9a:78:ce:62:6b:de:2f:fa:cd:07:e5:83:02:2f:
c9:0a:74:4c:08:90:e4:07:13:47:14:b9:2e:95:b3:
e9:3a:14:32:ca:c9:6d:be:e5:f7:74:c4:95:47:24:
5b:fe:4e:19:e4:d6:7b:5a:1b:c5:53:99:4d:aa:7c:
3e:ce:ef:93:6e:0b:53:b3:c6:db:52:aa:36:2f:20:
82:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:EF:21:E6:0C:DA:0C:D7:24:C9:88:38:13:91:9A:76:D0:7E:0A:9D
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214024.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.60.89.0-194.60.90.255
Signature Algorithm: sha256WithRSAEncryption
8b:c7:06:53:3c:0f:ee:db:a7:52:68:2c:f5:de:e6:8b:db:ab:
c9:97:14:91:c7:91:5d:61:ac:c7:9a:c2:4b:82:9e:9b:3c:04:
33:07:ef:46:dd:2b:95:48:d6:e3:c9:dc:fd:a4:9d:59:01:ac:
5b:94:9e:9f:8c:35:a5:a1:03:78:15:9f:13:66:c8:fb:0b:6f:
79:3d:e7:dc:22:fd:42:bf:e3:82:29:6e:cf:7a:92:17:6e:13:
0d:64:65:bd:5f:81:b4:6c:0f:ac:4a:de:f8:35:5d:81:44:32:
0c:2b:92:68:f1:1f:21:08:3b:7e:da:25:ac:22:cd:a8:82:ab:
d6:65:d4:91:98:e2:d4:2b:19:64:25:ed:d9:fa:63:4d:44:cd:
f0:33:50:72:fa:fc:47:eb:43:cb:e4:50:3b:16:f9:cb:a4:64:
ba:9c:d0:a0:2b:e4:a1:3d:41:ce:e8:77:0a:ba:0f:cf:fd:b6:
c2:01:b4:a3:57:d8:ed:26:b1:ef:24:c5:39:5a:24:84:a3:22:
b9:23:59:e0:bb:97:8e:e3:b6:4e:8e:5b:3b:17:d7:48:8e:1c:
9c:15:4a:b7:92:b4:c2:d7:e0:45:21:b8:8a:c5:83:7f:c5:30:
15:68:7f:b7:e7:b2:67:83:d2:bc:a9:c8:74:51:0f:09:b2:47:
14:0e:f8:b6
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIUAzjpGmsAqE42oxcSSS6vlNqK1z0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAxMDQxNTEzNDdaFw0yNjAxMDMxNTE4NDdaMDMxMTAvBgNV
BAMTKEI5RUYyMUU2MENEQTBDRDcyNEM5ODgzODEzOTE5QTc2RDA3RTBBOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDbFh7FJuOta4U0HZs6cRM2h2e
mnmkfp7HnlITkFBAxrUsJhY6tKyRElmHO8w8gEmnGrCvmxxT+fD4Kxox/FVEYlaZ
R/mbHyuxOuoODt/7rDNcwFov/8BK5MWKdwSQpnxsSCYuPzjHU0K72rnxlpbONntq
5y3ElgBgRoLTikmllqein8qvqqhH7iKBkAoNpxV+/Kb1V/09XD+g9qjZ3XjqEZvp
TEoTCSdDp50UvXNXkLm+mdyaeM5ia94v+s0H5YMCL8kKdEwIkOQHE0cUuS6Vs+k6
FDLKyW2+5fd0xJVHJFv+Thnk1ntaG8VTmU2qfD7O75NuC1OzxttSqjYvIII5AgMB
AAGjggISMIICDjAdBgNVHQ4EFgQUue8h5gzaDNckyYg4E5GadtB+Cp0wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjE0MDI0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADC
PFkDBADCPFowDQYJKoZIhvcNAQELBQADggEBAIvHBlM8D+7bp1JoLPXe5ovbq8mX
FJHHkV1hrMeawkuCnps8BDMH70bdK5VI1uPJ3P2knVkBrFuUnp+MNaWhA3gVnxNm
yPsLb3k959wi/UK/44Ipbs96khduEw1kZb1fgbRsD6xK3vg1XYFEMgwrkmjxHyEI
O37aJawizaiCq9Zl1JGY4tQrGWQl7dn6Y01EzfAzUHL6/EfrQ8vkUDsW+cukZLqc
0KAr5KE9Qc7odwq6D8/9tsIBtKNX2O0mse8kxTlaJISjIrkjWeC7l47jtk6OWzsX
10iOHJwVSreStMLX4EUhuIrFg3/FMBVof7fnsmeD0rypyHRRDwmyRxQO+LY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:23:44 2025 by rpki-client