Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214654.roa
File: AS214654.roa (raw, json)
Hash identifier: IWXNWxx5OwYm1Fql60YPhClKDaIqKE0bnzqWEAnNFAg=
Subject key identifier: 1D:64:F7:9A:79:23:C7:50:80:C0:A2:80:14:E5:CB:DB:C3:F1:0A:DF
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 2EF7875A7F2D7C2EB1C472481D9265F1C9F2D6FA
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214654.roa
Signing time: Wed 12 Feb 2025 00:01:59 +0000
ROA not before: Tue 11 Feb 2025 23:56:59 +0000
ROA not after: Wed 11 Feb 2026 00:01:59 +0000
asID: 214654
IP address blocks: 46.203.98.0/24 maxlen: 24
46.203.203.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:f7:87:5a:7f:2d:7c:2e:b1:c4:72:48:1d:92:65:f1:c9:f2:d6:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 11 23:56:59 2025 GMT
Not After : Feb 11 00:01:59 2026 GMT
Subject: CN=1D64F79A7923C75080C0A28014E5CBDBC3F10ADF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:83:84:d6:65:bf:0e:8a:93:05:5d:e8:04:ef:
fe:38:ab:b9:9a:58:4f:47:2e:01:a0:20:bf:f6:81:
a5:1f:aa:8d:15:da:b7:25:ac:b5:9b:b4:bf:49:01:
dc:a3:6f:7d:52:fc:07:05:54:35:17:5d:1c:a4:4d:
dd:c7:b5:e5:a3:84:1a:2e:9d:63:c8:3e:f3:7e:54:
69:d5:d3:f1:8c:0e:fe:72:6e:97:2f:42:30:b8:a9:
af:23:64:d1:43:3e:f0:02:45:28:07:35:13:57:ac:
4d:06:93:bd:7a:c1:13:b4:b3:27:76:98:c5:22:2f:
d6:37:1f:e4:3e:79:89:f7:02:3c:7f:ec:e9:bf:3e:
a1:e0:c1:5e:b7:d1:cc:05:f0:15:ad:28:b8:ee:e7:
2a:77:7a:cf:cd:63:59:e0:43:e7:e9:4f:da:01:f3:
78:a6:a7:9b:f5:83:a1:32:fe:f3:1b:a4:d4:b8:24:
de:f5:32:15:65:e4:4b:08:72:02:14:1d:78:86:75:
70:31:f3:67:ae:dd:fe:a8:cb:d6:7a:90:39:ae:22:
ed:1b:19:19:8e:05:86:d7:94:44:2c:a4:66:27:26:
d1:46:a9:53:e4:49:e8:57:f3:a2:23:b5:06:70:4b:
50:82:06:5d:05:91:28:46:4b:76:47:35:fe:30:c7:
ba:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:64:F7:9A:79:23:C7:50:80:C0:A2:80:14:E5:CB:DB:C3:F1:0A:DF
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214654.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.98.0/24
46.203.203.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:34:c6:68:48:c3:fd:d7:01:dc:24:b8:34:ea:6d:37:34:78:
c5:41:b0:63:e6:76:7b:83:4e:1c:3f:4a:ba:bf:46:7e:81:b5:
34:72:3d:44:4e:0b:87:38:ee:3f:20:25:e7:ec:b5:f5:75:42:
2b:dc:e7:7a:b4:40:cc:08:39:88:99:2c:e8:a8:ec:1a:0e:8a:
7d:77:f6:74:9e:9d:7c:4c:51:04:f4:dc:8f:3f:90:6c:10:83:
fc:d5:4b:00:d7:4c:1e:d7:67:8b:5e:34:a0:1e:37:63:01:a4:
c2:ec:c8:1c:78:9f:4c:18:b0:53:04:5a:f6:21:0a:9b:1a:5d:
ba:23:f4:8b:87:cf:d5:b0:a9:c2:e4:e9:39:a4:ae:43:d0:e1:
b8:e5:40:f3:7c:87:4a:bb:77:e7:99:cf:af:bc:3c:fa:06:9c:
95:9b:91:cf:09:c4:8d:e8:da:96:8a:1b:94:73:73:5a:2d:db:
09:5b:60:66:31:cc:10:82:17:9a:d0:7a:2e:79:7f:a7:0f:b0:
26:9f:fc:8d:c9:c4:8b:6b:63:71:e7:49:89:30:33:fe:04:06:
22:1f:90:7a:5c:b7:84:18:11:94:df:37:07:e2:7f:0a:cb:4a:
66:fc:4d:24:56:6a:1f:54:3d:55:11:c7:cc:a8:8b:b5:63:0a:
b2:ab:54:ca
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIULveHWn8tfC6xxHJIHZJl8cny1vowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAyMTEyMzU2NTlaFw0yNjAyMTEwMDAxNTlaMDMxMTAvBgNV
BAMTKDFENjRGNzlBNzkyM0M3NTA4MEMwQTI4MDE0RTVDQkRCQzNGMTBBREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmg4TWZb8OipMFXegE7/44q7ma
WE9HLgGgIL/2gaUfqo0V2rclrLWbtL9JAdyjb31S/AcFVDUXXRykTd3HteWjhBou
nWPIPvN+VGnV0/GMDv5ybpcvQjC4qa8jZNFDPvACRSgHNRNXrE0Gk716wRO0syd2
mMUiL9Y3H+Q+eYn3Ajx/7Om/PqHgwV630cwF8BWtKLju5yp3es/NY1ngQ+fpT9oB
83imp5v1g6Ey/vMbpNS4JN71MhVl5EsIcgIUHXiGdXAx82eu3f6oy9Z6kDmuIu0b
GRmOBYbXlEQspGYnJtFGqVPkSehX86IjtQZwS1CCBl0FkShGS3ZHNf4wx7olAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUHWT3mnkjx1CAwKKAFOXL28PxCt8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0NjU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALsti
AwQALsvLMA0GCSqGSIb3DQEBCwUAA4IBAQAONMZoSMP91wHcJLg06m03NHjFQbBj
5nZ7g04cP0q6v0Z+gbU0cj1ETguHOO4/ICXn7LX1dUIr3Od6tEDMCDmImSzoqOwa
Dop9d/Z0np18TFEE9NyPP5BsEIP81UsA10we12eLXjSgHjdjAaTC7MgceJ9MGLBT
BFr2IQqbGl26I/SLh8/VsKnC5Ok5pK5D0OG45UDzfIdKu3fnmc+vvDz6BpyVm5HP
CcSN6NqWihuUc3NaLdsJW2BmMcwQghea0HoueX+nD7Amn/yNycSLa2Nx50mJMDP+
BAYiH5B6XLeEGBGU3zcH4n8Ky0pm/E0kVmofVD1VEcfMqIu1Ywqyq1TK
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:30:43 2025 by rpki-client