Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214451.roa
File: AS214451.roa (raw, json)
Hash identifier: yvOT+gAO6j9GUrp9Ls8G4YE/i1YxfTLTNcnFf8VQFXA=
Subject key identifier: 89:1C:70:B6:B5:6D:0F:9F:20:E6:2D:67:7E:21:54:CF:D3:AE:85:D0
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 3E8DE6056F0AE7DCB53583D2314E1F5312FF7F86
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214451.roa
Signing time: Tue 06 Aug 2024 03:24:55 +0000
ROA not before: Tue 06 Aug 2024 03:19:55 +0000
ROA not after: Tue 05 Aug 2025 03:24:55 +0000
asID: 214451
IP address blocks: 2a0f:85c1:846::/48 maxlen: 48
2a0f:85c1:870::/44 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:8d:e6:05:6f:0a:e7:dc:b5:35:83:d2:31:4e:1f:53:12:ff:7f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Aug 6 03:19:55 2024 GMT
Not After : Aug 5 03:24:55 2025 GMT
Subject: CN=891C70B6B56D0F9F20E62D677E2154CFD3AE85D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:12:9d:49:c3:cd:6d:da:85:3a:0e:7d:4a:23:
d9:8d:16:d7:b1:8c:de:95:85:3d:bf:ba:48:9d:3b:
51:f5:d4:ca:16:29:28:41:05:e7:34:da:ad:ba:62:
59:25:00:47:5f:51:02:06:91:73:bb:37:38:9d:d3:
fe:54:bb:2e:30:c0:a5:a5:03:36:ad:60:c2:10:6c:
fe:34:66:ab:de:94:de:e9:22:cb:bd:43:63:bd:a0:
a0:a7:05:c6:bc:5a:29:3a:1c:99:d3:2c:13:b4:c2:
70:1c:1e:cc:14:d5:3f:d6:6e:bb:ba:6f:be:4b:fb:
54:13:26:52:d6:f1:94:17:d9:2c:50:cd:be:0f:7a:
b2:d6:48:cb:50:11:cc:06:f3:c9:9c:9e:2a:ae:10:
50:f1:e9:0f:b8:ce:60:1e:c5:06:41:7d:c2:57:19:
01:a7:3f:c0:8a:56:8d:8b:f6:5f:33:f0:34:53:24:
be:d2:6b:98:27:fd:9e:b8:02:74:79:08:30:0a:27:
3f:81:76:b8:77:4f:e1:b8:12:78:be:7d:0e:f3:6c:
43:28:cf:eb:c0:c7:e2:6a:77:39:04:92:78:3e:ad:
81:67:a8:b5:ca:de:91:02:d9:81:81:32:4f:a5:48:
0b:c3:85:da:59:67:f0:4c:34:d6:16:aa:dc:d1:80:
69:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:1C:70:B6:B5:6D:0F:9F:20:E6:2D:67:7E:21:54:CF:D3:AE:85:D0
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214451.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:846::/48
2a0f:85c1:870::/44
Signature Algorithm: sha256WithRSAEncryption
b8:a9:10:50:13:50:10:ee:61:ed:6b:1c:6c:8d:c3:40:6d:27:
96:45:b8:f2:0f:ba:86:a7:75:23:60:e7:4d:bb:15:7b:69:91:
c7:26:3b:53:ad:c3:e3:7e:95:bc:b2:08:3e:df:2e:8a:42:19:
97:7a:70:0f:62:24:0b:84:b3:ce:11:9d:71:90:36:1d:55:a9:
f8:0d:c3:ca:80:1e:1f:65:a0:7b:b6:e8:be:5c:50:c3:23:85:
34:dd:ff:e5:fc:92:51:ae:25:f4:00:47:a7:86:8a:e3:1b:d5:
7a:ad:19:b4:24:b7:20:02:49:fb:74:79:91:7a:ab:ee:ef:c8:
7f:58:ef:8e:7c:07:56:6b:15:21:8d:17:86:b6:30:f7:91:63:
24:83:87:61:13:5a:e4:14:e5:38:64:27:cb:1a:37:a9:73:79:
dd:29:a8:60:8c:94:f5:bc:73:69:43:8d:9a:23:d4:d3:78:f5:
ce:af:3e:70:e2:7a:74:97:81:ed:28:be:72:7b:34:4c:e3:d3:
59:ac:34:29:55:50:49:a9:74:4d:7a:98:25:7d:c1:05:c6:af:
ac:75:04:92:80:a3:56:40:36:38:29:96:0b:d5:46:1d:50:15:
1a:33:74:f8:7f:3a:a2:ff:b8:64:eb:ea:1a:c4:6d:7b:29:b2:
f3:cf:e7:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUPo3mBW8K59y1NYPSMU4fUxL/f4YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA4MDYwMzE5NTVaFw0yNTA4MDUwMzI0NTVaMDMxMTAvBgNV
BAMTKDg5MUM3MEI2QjU2RDBGOUYyMEU2MkQ2NzdFMjE1NENGRDNBRTg1RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdEp1Jw81t2oU6Dn1KI9mNFtex
jN6VhT2/ukidO1H11MoWKShBBec02q26YlklAEdfUQIGkXO7Nzid0/5Uuy4wwKWl
AzatYMIQbP40ZqvelN7pIsu9Q2O9oKCnBca8Wik6HJnTLBO0wnAcHswU1T/Wbru6
b75L+1QTJlLW8ZQX2SxQzb4PerLWSMtQEcwG88mcniquEFDx6Q+4zmAexQZBfcJX
GQGnP8CKVo2L9l8z8DRTJL7Sa5gn/Z64AnR5CDAKJz+Bdrh3T+G4Eni+fQ7zbEMo
z+vAx+JqdzkEkng+rYFnqLXK3pEC2YGBMk+lSAvDhdpZZ/BMNNYWqtzRgGm9AgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQUiRxwtrVtD58g5i1nfiFUz9OuhdAwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0NDUxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+F
wQhGAwcEKg+FwQhwMA0GCSqGSIb3DQEBCwUAA4IBAQC4qRBQE1AQ7mHtaxxsjcNA
bSeWRbjyD7qGp3UjYOdNuxV7aZHHJjtTrcPjfpW8sgg+3y6KQhmXenAPYiQLhLPO
EZ1xkDYdVan4DcPKgB4fZaB7tui+XFDDI4U03f/l/JJRriX0AEenhorjG9V6rRm0
JLcgAkn7dHmReqvu78h/WO+OfAdWaxUhjReGtjD3kWMkg4dhE1rkFOU4ZCfLGjep
c3ndKahgjJT1vHNpQ42aI9TTePXOrz5w4np0l4HtKL5yezRM49NZrDQpVVBJqXRN
epglfcEFxq+sdQSSgKNWQDY4KZYL1UYdUBUaM3T4fzqi/7hk6+oaxG17KbLzz+dI
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org