Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214340.roa
File: AS214340.roa (raw, json)
Hash identifier: BrdGHfcu01fzqmFxxuT3HIq/xnu3v/pQhc/aABYM8LE=
Subject key identifier: 94:B5:E8:BF:0E:18:49:9F:16:A0:26:FD:6E:F2:95:28:5A:A0:8A:1E
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 5BDFB429D1C28CEA9C09EE640ECA6978B67E79F7
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214340.roa
Signing time: Mon 19 Aug 2024 15:40:24 +0000
ROA not before: Mon 19 Aug 2024 15:35:24 +0000
ROA not after: Mon 18 Aug 2025 15:40:24 +0000
asID: 214340
IP address blocks: 2a0f:85c1:889::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:df:b4:29:d1:c2:8c:ea:9c:09:ee:64:0e:ca:69:78:b6:7e:79:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Aug 19 15:35:24 2024 GMT
Not After : Aug 18 15:40:24 2025 GMT
Subject: CN=94B5E8BF0E18499F16A026FD6EF295285AA08A1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:29:fe:3d:13:4a:71:e9:fc:a7:12:df:54:20:
25:b3:72:92:85:1f:ae:eb:76:f4:86:57:6f:d1:57:
9a:a7:84:66:e4:db:36:37:93:97:0a:0e:24:ff:07:
ad:0b:6f:cb:bf:7b:be:1c:83:5d:dd:ca:7b:f8:60:
58:8a:fe:22:16:c3:0a:b8:b2:05:6b:1a:52:96:94:
96:10:32:3d:0d:cd:04:16:c3:8b:d1:b8:8b:7b:ed:
45:3c:e4:27:3d:a2:1a:02:1c:5e:07:68:1e:03:8d:
09:88:2b:32:3f:0b:5f:19:f5:e9:d5:0c:05:a7:d5:
a1:1e:60:7e:e8:f4:cc:1e:f0:7f:13:7e:dd:0f:02:
45:77:03:6d:f7:83:92:42:28:83:43:7d:93:0c:5f:
ca:aa:e9:e5:54:85:cb:b5:c0:3b:43:e5:0d:65:58:
f7:bf:9f:3f:ee:89:98:8e:ec:15:da:d7:10:e9:44:
e9:e9:f8:58:08:d2:80:7a:1c:88:1e:64:b5:40:df:
09:f3:92:52:1c:cc:2d:83:38:c1:e1:c4:23:27:2d:
b5:b0:6a:d9:db:d6:65:ea:87:6f:5d:2c:ee:eb:2e:
98:d5:a8:a4:af:c4:47:eb:12:ed:cd:ec:6b:2a:52:
d5:39:15:df:bd:51:57:cc:7c:18:51:fe:56:e4:a9:
02:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:B5:E8:BF:0E:18:49:9F:16:A0:26:FD:6E:F2:95:28:5A:A0:8A:1E
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214340.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:889::/48
Signature Algorithm: sha256WithRSAEncryption
48:a5:8e:82:3b:cb:39:2f:c6:68:94:af:ef:22:28:5c:f2:3a:
43:35:9e:97:2c:fc:65:fb:e8:dc:8d:f4:b6:6d:5d:f1:c3:e9:
88:60:60:70:e3:fe:8a:b0:ca:1d:aa:03:dd:04:33:50:2d:35:
68:62:d0:41:c7:aa:9a:b3:33:18:fa:df:6e:3e:22:07:a4:0d:
51:6e:74:7f:78:ae:94:a3:b2:63:b9:35:87:b9:87:8d:60:cd:
95:3a:de:c6:bc:30:22:c3:40:c3:d6:83:bf:06:0e:b9:fb:c7:
5e:e4:d4:47:b5:93:a5:ac:5e:51:a5:96:36:cf:67:95:de:ab:
4b:b4:8b:42:55:dc:ac:27:1d:9d:3e:32:fb:3b:96:42:3f:61:
ec:84:43:a4:9c:d3:1c:c6:88:89:e7:21:83:c9:63:2f:46:2a:
af:df:bd:52:87:5c:1c:0d:e7:78:6d:2e:b2:8e:ba:4d:ea:50:
ea:1d:49:e9:a6:b3:90:a0:15:5e:d2:63:0b:26:59:cb:c4:27:
8c:10:8b:6c:69:1b:b4:16:4d:81:dc:4f:f4:85:48:29:77:2d:
e6:61:e8:ba:8b:fe:6b:b1:ff:65:b7:43:22:7e:2b:40:3e:7e:
30:7e:25:6d:8c:3b:c3:b3:53:24:4f:7d:7d:eb:b0:1f:c9:59:
73:66:02:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUW9+0KdHCjOqcCe5kDsppeLZ+efcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA4MTkxNTM1MjRaFw0yNTA4MTgxNTQwMjRaMDMxMTAvBgNV
BAMTKDk0QjVFOEJGMEUxODQ5OUYxNkEwMjZGRDZFRjI5NTI4NUFBMDhBMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYKf49E0px6fynEt9UICWzcpKF
H67rdvSGV2/RV5qnhGbk2zY3k5cKDiT/B60Lb8u/e74cg13dynv4YFiK/iIWwwq4
sgVrGlKWlJYQMj0NzQQWw4vRuIt77UU85Cc9ohoCHF4HaB4DjQmIKzI/C18Z9enV
DAWn1aEeYH7o9Mwe8H8Tft0PAkV3A233g5JCKINDfZMMX8qq6eVUhcu1wDtD5Q1l
WPe/nz/uiZiO7BXa1xDpROnp+FgI0oB6HIgeZLVA3wnzklIczC2DOMHhxCMnLbWw
atnb1mXqh29dLO7rLpjVqKSvxEfrEu3N7GsqUtU5Fd+9UVfMfBhR/lbkqQK3AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUlLXovw4YSZ8WoCb9bvKVKFqgih4wHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0MzQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQiJMA0GCSqGSIb3DQEBCwUAA4IBAQBIpY6CO8s5L8ZolK/vIihc8jpDNZ6XLPxl
++jcjfS2bV3xw+mIYGBw4/6KsModqgPdBDNQLTVoYtBBx6qaszMY+t9uPiIHpA1R
bnR/eK6Uo7JjuTWHuYeNYM2VOt7GvDAiw0DD1oO/Bg65+8de5NRHtZOlrF5RpZY2
z2eV3qtLtItCVdysJx2dPjL7O5ZCP2HshEOknNMcxoiJ5yGDyWMvRiqv371Sh1wc
Ded4bS6yjrpN6lDqHUnpprOQoBVe0mMLJlnLxCeMEItsaRu0Fk2B3E/0hUgpdy3m
Yei6i/5rsf9lt0MifitAPn4wfiVtjDvDs1MkT31967AfyVlzZgJ6
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org