Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214376.roa
File: AS214376.roa (raw, json)
Hash identifier: OlIiKOaR7E4nP3dWCEH+s79h2667gTc1Rm5jeUL8YP0=
Subject key identifier: 4B:7E:95:DA:F9:D5:AC:42:E3:6E:5C:CD:A1:7E:16:9C:3B:30:D8:C4
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 451854D86DAE5A2A851C6F3DAA72E462003AF91F
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214376.roa
Signing time: Tue 13 Aug 2024 00:59:33 +0000
ROA not before: Tue 13 Aug 2024 00:54:33 +0000
ROA not after: Tue 12 Aug 2025 00:59:33 +0000
asID: 214376
IP address blocks: 2a0f:85c1:84f::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:18:54:d8:6d:ae:5a:2a:85:1c:6f:3d:aa:72:e4:62:00:3a:f9:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Aug 13 00:54:33 2024 GMT
Not After : Aug 12 00:59:33 2025 GMT
Subject: CN=4B7E95DAF9D5AC42E36E5CCDA17E169C3B30D8C4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:29:17:32:32:f7:f7:e9:4c:18:de:16:ca:ef:
23:73:0e:48:e7:7e:e6:20:89:24:3c:66:51:50:1e:
35:6f:6b:e4:c8:e4:4e:8d:9b:4a:bc:dd:41:f2:1d:
e5:45:e8:37:83:88:46:1e:b5:48:c8:33:7b:d1:4f:
67:91:2f:30:a0:ce:8d:dd:d3:86:97:65:f9:da:97:
9b:6d:ec:3b:4e:6a:2e:ac:b7:ca:7e:1d:82:64:4a:
a0:a4:19:67:a3:59:96:9d:7c:c4:bc:31:b4:23:79:
21:69:97:5c:40:14:6b:8f:4e:c6:70:a6:09:d6:c4:
e7:2a:81:2b:89:d8:7a:bb:34:81:56:2d:02:ab:28:
11:07:9a:fa:5e:48:20:3f:6a:5d:90:47:3e:5d:9b:
35:55:08:0e:a9:af:e4:5f:87:97:85:6c:30:81:4f:
ff:e7:77:bd:f8:3a:fb:df:c9:cc:43:83:8b:fb:0d:
ca:42:56:28:58:1a:49:07:f1:d3:81:e5:29:94:35:
52:23:f9:f6:d0:38:b7:bd:54:3e:47:7e:15:7c:e1:
ff:d2:b4:7b:18:cf:24:97:20:77:b8:f1:fc:83:e6:
94:f1:de:98:d5:4b:13:e9:98:a7:48:1f:f5:e5:d3:
60:c8:c2:dc:6f:7e:e0:a4:29:5c:22:5e:7c:df:40:
2c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7E:95:DA:F9:D5:AC:42:E3:6E:5C:CD:A1:7E:16:9C:3B:30:D8:C4
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214376.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:84f::/48
Signature Algorithm: sha256WithRSAEncryption
99:8e:f7:8b:4f:91:d5:4c:83:e9:de:27:a9:d2:5c:89:de:b6:
23:38:6b:ba:21:4c:97:9d:ec:0b:cb:6e:cb:2d:18:03:22:eb:
a9:85:74:30:f8:a4:77:eb:6f:d8:0c:1d:de:52:a4:a7:e8:8e:
72:dc:cc:69:4c:f2:e7:ab:97:d6:6a:c4:5e:36:f0:61:6d:5b:
1b:0c:26:f6:6a:1b:b0:9f:2d:19:0a:e7:2b:6f:49:ac:08:ee:
ab:76:61:df:15:b0:4e:82:4d:ae:c7:c7:24:d7:64:62:71:11:
5e:92:2b:78:34:f8:13:e6:b7:80:69:e0:29:d9:86:74:17:69:
3d:6f:79:a3:3e:5f:a2:dc:e7:29:a6:e1:ed:47:55:ea:eb:09:
99:2f:27:06:5f:d1:55:42:c8:85:c9:b2:7e:28:34:da:a6:7e:
cd:8b:de:9a:e3:33:de:99:a6:4b:16:ea:34:d6:1f:fe:08:a5:
32:dc:eb:c1:4f:a8:70:15:78:b7:80:37:45:22:f9:b1:67:68:
60:33:e4:04:96:9a:54:1b:fa:b0:95:d9:ff:c3:de:8c:60:67:
92:a0:d0:fc:25:a1:61:89:9a:ea:57:37:d3:ae:ac:fe:74:fc:
30:09:62:7d:ae:26:20:e4:1d:cf:13:90:54:4c:af:e4:a2:57:
c4:03:8a:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIURRhU2G2uWiqFHG89qnLkYgA6+R8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA4MTMwMDU0MzNaFw0yNTA4MTIwMDU5MzNaMDMxMTAvBgNV
BAMTKDRCN0U5NURBRjlENUFDNDJFMzZFNUNDREExN0UxNjlDM0IzMEQ4QzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiKRcyMvf36UwY3hbK7yNzDkjn
fuYgiSQ8ZlFQHjVva+TI5E6Nm0q83UHyHeVF6DeDiEYetUjIM3vRT2eRLzCgzo3d
04aXZfnal5tt7DtOai6st8p+HYJkSqCkGWejWZadfMS8MbQjeSFpl1xAFGuPTsZw
pgnWxOcqgSuJ2Hq7NIFWLQKrKBEHmvpeSCA/al2QRz5dmzVVCA6pr+Rfh5eFbDCB
T//nd734OvvfycxDg4v7DcpCVihYGkkH8dOB5SmUNVIj+fbQOLe9VD5HfhV84f/S
tHsYzySXIHe48fyD5pTx3pjVSxPpmKdIH/Xl02DIwtxvfuCkKVwiXnzfQCydAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUS36V2vnVrELjblzNoX4WnDsw2MQwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0Mzc2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQhPMA0GCSqGSIb3DQEBCwUAA4IBAQCZjveLT5HVTIPp3iep0lyJ3rYjOGu6IUyX
newLy27LLRgDIuuphXQw+KR362/YDB3eUqSn6I5y3MxpTPLnq5fWasReNvBhbVsb
DCb2ahuwny0ZCucrb0msCO6rdmHfFbBOgk2ux8ck12RicRFekit4NPgT5reAaeAp
2YZ0F2k9b3mjPl+i3OcppuHtR1Xq6wmZLycGX9FVQsiFybJ+KDTapn7Ni96a4zPe
maZLFuo01h/+CKUy3OvBT6hwFXi3gDdFIvmxZ2hgM+QElppUG/qwldn/w96MYGeS
oND8JaFhiZrqVzfTrqz+dPwwCWJ9riYg5B3PE5BUTK/kolfEA4qC
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org