Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214377.roa
File: AS214377.roa (raw, json)
Hash identifier: LFV8eAm8lGih4reDafTd01W+hT+XJokHlyzppradmH4=
Subject key identifier: 75:C1:01:47:4C:BD:45:89:66:4C:97:E9:D0:22:85:0A:5D:D6:99:A7
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 53856F87C1F46B8BE76CE6383F7367F23A277E98
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214377.roa
Signing time: Tue 13 Aug 2024 00:59:52 +0000
ROA not before: Tue 13 Aug 2024 00:54:52 +0000
ROA not after: Tue 12 Aug 2025 00:59:52 +0000
asID: 214377
IP address blocks: 2a0f:85c1:844::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:85:6f:87:c1:f4:6b:8b:e7:6c:e6:38:3f:73:67:f2:3a:27:7e:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Aug 13 00:54:52 2024 GMT
Not After : Aug 12 00:59:52 2025 GMT
Subject: CN=75C101474CBD4589664C97E9D022850A5DD699A7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:75:89:9f:27:b0:ab:f0:01:91:7c:ef:f5:fd:
3b:bd:00:72:69:4f:63:41:17:19:80:77:d6:5f:1c:
16:bb:15:03:9f:05:a5:4f:3c:4c:d5:c4:62:24:69:
96:65:75:7c:b8:0d:da:65:50:50:1b:85:fd:a4:b2:
40:3c:94:4f:88:78:4b:50:e6:da:9e:5e:9b:af:06:
71:1d:cf:4a:0a:49:00:8f:fa:b5:d4:af:e0:5c:3a:
1a:25:4c:30:26:97:21:07:df:4a:0f:ee:00:31:6e:
73:dc:cf:26:4f:81:ca:c6:66:5d:e2:3c:74:51:bf:
54:f8:d8:f1:19:7e:88:f0:4d:c1:df:a7:37:3a:30:
10:04:f7:23:ea:9c:f2:6d:1c:5d:b5:67:39:ae:4b:
a2:d9:97:09:a1:7c:c4:52:87:c9:d5:c9:db:2f:87:
b6:33:bc:99:de:76:fc:f5:60:e7:22:00:74:7a:38:
98:a0:e5:d3:5b:55:1a:ff:34:75:7e:6e:ae:d4:09:
34:67:ba:1b:79:f3:8e:74:ec:db:0c:ae:89:cd:a6:
59:22:06:d3:76:a9:1f:fb:51:48:f1:49:1a:88:e7:
f1:bf:d9:1c:29:fa:20:e6:87:a4:3e:a9:ab:2d:57:
9b:52:09:22:09:01:91:18:36:30:45:14:70:e0:d8:
01:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C1:01:47:4C:BD:45:89:66:4C:97:E9:D0:22:85:0A:5D:D6:99:A7
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214377.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:844::/48
Signature Algorithm: sha256WithRSAEncryption
76:f8:e9:51:6d:aa:c6:45:e6:c7:aa:29:c1:54:45:67:5e:16:
53:c1:ef:a0:5e:be:e3:30:50:16:21:9c:af:93:ac:0a:68:c1:
49:82:71:ac:2e:59:11:86:c5:72:bb:9b:4f:65:5d:cb:fc:58:
39:46:dd:e7:66:d8:59:55:af:30:0a:15:a1:72:e4:0f:ea:84:
cc:03:a3:21:58:b0:b1:c2:45:36:15:e1:f0:a6:c8:26:0f:4a:
5b:ec:14:24:78:75:84:ff:d2:33:3c:40:e2:25:85:f7:9f:d6:
a3:25:5f:4c:cc:e5:ce:52:a6:04:81:f1:09:2c:f8:29:f7:44:
45:19:71:a9:8e:e2:a9:f7:2a:7f:f9:bf:f0:c9:86:ed:0e:7e:
cb:8d:8a:88:85:84:79:1e:a8:06:fb:a6:5d:59:91:6b:32:ea:
23:8e:ba:93:aa:93:2f:8d:f3:48:d7:3d:54:7e:fb:02:1e:ae:
68:0b:6f:3c:15:a3:48:a6:97:50:2f:08:8e:3a:0b:2e:4f:96:
92:c6:a7:46:b8:72:04:95:b3:6f:a8:73:75:e8:d0:1b:13:6e:
88:bf:7d:94:61:42:aa:5c:41:1a:2e:10:2a:f0:d6:78:90:11:
93:5a:4a:9d:77:fd:90:b0:ff:c0:82:f5:59:82:27:3c:27:7d:
3c:53:30:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUU4Vvh8H0a4vnbOY4P3Nn8jonfpgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA4MTMwMDU0NTJaFw0yNTA4MTIwMDU5NTJaMDMxMTAvBgNV
BAMTKDc1QzEwMTQ3NENCRDQ1ODk2NjRDOTdFOUQwMjI4NTBBNURENjk5QTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHdYmfJ7Cr8AGRfO/1/Tu9AHJp
T2NBFxmAd9ZfHBa7FQOfBaVPPEzVxGIkaZZldXy4DdplUFAbhf2kskA8lE+IeEtQ
5tqeXpuvBnEdz0oKSQCP+rXUr+BcOholTDAmlyEH30oP7gAxbnPczyZPgcrGZl3i
PHRRv1T42PEZfojwTcHfpzc6MBAE9yPqnPJtHF21ZzmuS6LZlwmhfMRSh8nVydsv
h7YzvJnedvz1YOciAHR6OJig5dNbVRr/NHV+bq7UCTRnuht584507NsMronNplki
BtN2qR/7UUjxSRqI5/G/2Rwp+iDmh6Q+qastV5tSCSIJAZEYNjBFFHDg2AFxAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUdcEBR0y9RYlmTJfp0CKFCl3WmacwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0Mzc3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQhEMA0GCSqGSIb3DQEBCwUAA4IBAQB2+OlRbarGRebHqinBVEVnXhZTwe+gXr7j
MFAWIZyvk6wKaMFJgnGsLlkRhsVyu5tPZV3L/Fg5Rt3nZthZVa8wChWhcuQP6oTM
A6MhWLCxwkU2FeHwpsgmD0pb7BQkeHWE/9IzPEDiJYX3n9ajJV9MzOXOUqYEgfEJ
LPgp90RFGXGpjuKp9yp/+b/wyYbtDn7LjYqIhYR5HqgG+6ZdWZFrMuojjrqTqpMv
jfNI1z1UfvsCHq5oC288FaNIppdQLwiOOgsuT5aSxqdGuHIElbNvqHN16NAbE26I
v32UYUKqXEEaLhAq8NZ4kBGTWkqdd/2QsP/AgvVZgic8J308UzBz
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org