Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: LiVqHrtTfAuqvFmGhFYX2y8ihiy5oilqjHNk5m4vFbs=
Subject key identifier: C9:F3:80:BB:98:BA:4E:16:A3:52:B1:E4:F9:B6:CC:D6:5D:39:0C:46
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 445791E9F80766DB5DA35D78E20A1DD756097E5A
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS215304.roa
Signing time: Fri 21 Feb 2025 16:41:15 +0000
ROA not before: Fri 21 Feb 2025 16:36:15 +0000
ROA not after: Fri 20 Feb 2026 16:41:15 +0000
asID: 215304
IP address blocks: 141.11.108.0/24 maxlen: 24
141.11.240.0/24 maxlen: 24
194.60.89.0/24 maxlen: 24
194.60.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:57:91:e9:f8:07:66:db:5d:a3:5d:78:e2:0a:1d:d7:56:09:7e:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Feb 21 16:36:15 2025 GMT
Not After : Feb 20 16:41:15 2026 GMT
Subject: CN=C9F380BB98BA4E16A352B1E4F9B6CCD65D390C46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4d:c3:eb:89:2d:ef:36:49:15:89:83:9f:ba:
12:ba:d7:22:1c:93:5f:11:9c:ab:82:f0:ef:89:10:
8e:19:f9:ac:d5:31:5c:76:af:4c:b0:73:a2:53:32:
88:fb:96:fc:60:ce:f8:9a:bb:d4:93:5f:f8:25:a6:
5f:5b:e5:ca:8e:7c:32:65:ad:0f:8f:81:bd:ac:69:
5b:12:6a:f7:a8:58:d0:6e:d9:f3:87:4d:f8:8b:a2:
d6:fd:89:e8:23:9a:28:b2:13:a4:2b:90:ec:3f:8f:
27:49:94:74:f5:02:3a:40:64:5e:f4:da:07:5c:88:
4d:19:30:7f:89:56:d6:ad:69:bb:38:fe:37:b0:f6:
65:9d:28:72:08:8e:e2:00:98:13:d6:a9:9f:7d:71:
67:bb:39:aa:8b:92:02:db:d4:65:d0:7f:85:39:75:
57:54:c8:b0:d5:0c:2c:af:9f:eb:b7:da:b4:47:2e:
77:48:f3:af:ae:58:2e:dd:d3:cc:3c:ac:68:e6:3e:
b2:1d:d7:e3:cc:62:df:71:1c:29:d2:0b:a3:1f:8b:
ee:b8:6d:d5:df:08:1c:f0:eb:b5:5e:62:e3:84:c1:
4d:69:2b:ad:51:e0:99:9a:07:42:76:e9:2b:15:08:
fc:89:60:ab:98:19:dd:5c:4e:c9:c5:9d:54:5d:b0:
c8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:F3:80:BB:98:BA:4E:16:A3:52:B1:E4:F9:B6:CC:D6:5D:39:0C:46
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.108.0/24
141.11.240.0/24
194.60.89.0-194.60.90.255
Signature Algorithm: sha256WithRSAEncryption
19:3a:fc:48:4d:d3:2c:01:f2:eb:56:aa:d7:d6:98:30:d1:1d:
68:13:e3:19:95:dd:06:23:39:dc:00:b2:9c:92:6c:d0:18:69:
38:fd:ca:93:70:9b:f4:68:fb:f2:77:68:6e:2a:34:d2:1d:cb:
89:f5:5a:e0:40:08:9c:56:f6:d9:aa:c7:55:8b:4a:1a:bd:aa:
c3:29:f6:41:23:cb:0c:7c:c0:67:30:eb:0f:14:27:03:d6:c2:
c8:4b:1b:af:2d:b2:a0:62:10:e1:e0:0b:72:9c:a5:b5:03:99:
41:68:d8:ab:c2:2e:0c:4b:1c:5d:05:f0:68:db:64:35:af:71:
ea:70:9f:4b:15:a8:5d:28:eb:4f:62:d7:2a:4e:c9:55:f3:1a:
b0:2f:44:b7:7f:f8:c7:1e:fa:85:ac:30:a4:cd:5e:33:9d:91:
67:4f:22:13:f6:d3:5a:63:28:52:29:43:62:3f:e9:be:eb:62:
e1:6e:4d:ed:a5:a6:ec:c9:2b:4a:4b:9a:0c:96:15:6b:61:92:
04:e8:f8:24:dc:5d:a9:c5:74:ec:41:bc:3c:ee:3a:28:5b:e1:
cb:18:54:47:74:3f:86:e4:63:bc:cf:2d:1b:63:52:64:17:d0:
a9:22:ac:2b:2e:d3:32:a4:7a:61:b2:75:20:c6:c2:93:85:0f:
e0:11:50:af
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIURFeR6fgHZttdo1144god11YJflowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAyMjExNjM2MTVaFw0yNjAyMjAxNjQxMTVaMDMxMTAvBgNV
BAMTKEM5RjM4MEJCOThCQTRFMTZBMzUyQjFFNEY5QjZDQ0Q2NUQzOTBDNDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXTcPriS3vNkkViYOfuhK61yIc
k18RnKuC8O+JEI4Z+azVMVx2r0ywc6JTMoj7lvxgzviau9STX/glpl9b5cqOfDJl
rQ+Pgb2saVsSaveoWNBu2fOHTfiLotb9iegjmiiyE6QrkOw/jydJlHT1AjpAZF70
2gdciE0ZMH+JVtatabs4/jew9mWdKHIIjuIAmBPWqZ99cWe7OaqLkgLb1GXQf4U5
dVdUyLDVDCyvn+u32rRHLndI86+uWC7d08w8rGjmPrId1+PMYt9xHCnSC6Mfi+64
bdXfCBzw67VeYuOEwU1pK61R4JmaB0J26SsVCPyJYKuYGd1cTsnFnVRdsMh5AgMB
AAGjggIeMIICGjAdBgNVHQ4EFgQUyfOAu5i6ThajUrHk+bbM1l05DEYwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAjQts
AwQAjQvwMAwDBADCPFkDBADCPFowDQYJKoZIhvcNAQELBQADggEBABk6/EhN0ywB
8utWqtfWmDDRHWgT4xmV3QYjOdwAspySbNAYaTj9ypNwm/Ro+/J3aG4qNNIdy4n1
WuBACJxW9tmqx1WLShq9qsMp9kEjywx8wGcw6w8UJwPWwshLG68tsqBiEOHgC3Kc
pbUDmUFo2KvCLgxLHF0F8GjbZDWvcepwn0sVqF0o609i1ypOyVXzGrAvRLd/+Mce
+oWsMKTNXjOdkWdPIhP201pjKFIpQ2I/6b7rYuFuTe2lpuzJK0pLmgyWFWthkgTo
+CTcXanFdOxBvDzuOihb4csYVEd0P4bkY7zPLRtjUmQX0KkirCsu0zKkemGydSDG
wpOFD+ARUK8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:23:41 2025 by rpki-client