Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214481.roa
File: AS214481.roa (raw, json)
Hash identifier: ME3VdxN13alruNnSq43RsQVn6PBOr/65UtTQxRFlhJs=
Subject key identifier: A7:83:5D:1B:8B:60:DC:A4:E9:C3:95:33:40:84:6C:A8:05:47:60:49
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 52D23AA35646E2253D706F78F2E9D02063CC263B
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214481.roa
Signing time: Tue 13 Aug 2024 00:58:58 +0000
ROA not before: Tue 13 Aug 2024 00:53:58 +0000
ROA not after: Tue 12 Aug 2025 00:58:58 +0000
asID: 214481
IP address blocks: 2a0f:85c1:840::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:d2:3a:a3:56:46:e2:25:3d:70:6f:78:f2:e9:d0:20:63:cc:26:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Aug 13 00:53:58 2024 GMT
Not After : Aug 12 00:58:58 2025 GMT
Subject: CN=A7835D1B8B60DCA4E9C3953340846CA805476049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:5f:47:c3:1b:50:2d:53:3f:72:da:c2:1f:fe:
54:23:e9:e4:45:a2:c6:25:b4:cd:00:cf:30:68:98:
99:b8:de:1c:d5:f4:b2:d1:51:69:1d:3f:65:4c:ad:
9d:54:8f:e2:4e:df:6b:33:fa:1e:5e:da:19:d2:2e:
7b:f8:cc:a1:56:f8:f7:e7:0c:e2:7d:59:6d:c1:a1:
b7:68:a4:4d:5b:80:9f:e7:ed:6e:8d:e0:21:fd:f7:
5e:cd:54:28:67:be:56:dd:1c:8c:a5:50:e7:37:fe:
89:0a:8c:84:f3:82:5b:1c:05:56:7c:5f:8d:e9:fa:
e2:bc:32:f6:04:33:b3:9f:61:c2:8f:6b:9e:b0:c0:
1b:a1:c3:2b:0e:de:0c:25:be:96:db:f0:3e:b3:77:
da:a6:05:c0:a1:70:4e:50:11:f9:1c:dc:95:a4:0a:
bb:54:e5:12:44:a0:d0:69:f3:51:f3:12:1c:94:5d:
59:88:60:6e:ee:60:5d:c3:00:27:62:43:2d:97:e9:
6f:a8:6b:46:ab:40:8a:c9:b1:fb:7c:9c:6c:15:7a:
27:de:02:4d:eb:02:49:96:37:1e:b3:da:bb:e2:32:
f2:f4:68:12:c2:3b:78:63:6d:39:7d:7b:07:03:e2:
c2:18:7b:5c:be:73:7d:62:06:19:a1:cf:00:ea:03:
55:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:83:5D:1B:8B:60:DC:A4:E9:C3:95:33:40:84:6C:A8:05:47:60:49
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214481.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:840::/48
Signature Algorithm: sha256WithRSAEncryption
22:ee:c1:c8:29:2f:c9:86:12:92:84:b8:89:98:39:80:1c:4f:
4a:cd:75:09:11:a8:0c:05:1d:3f:15:30:c1:ab:4d:18:dd:f0:
fd:0f:91:cd:d8:d3:43:be:d7:00:cd:92:6c:1e:62:15:c3:67:
1c:0c:eb:ed:9f:fd:8d:2a:37:a6:02:e0:a8:c9:45:73:5a:62:
64:6a:10:93:75:89:08:75:86:51:c0:2b:93:5b:dd:7c:c2:1f:
9c:b9:27:34:e7:2a:75:4d:83:d0:d7:b3:3b:22:fe:53:49:c0:
73:fe:ff:d7:a0:72:44:dd:fc:54:bb:87:fb:d0:74:a5:bb:b6:
58:cb:ce:3c:58:86:5c:d7:19:25:12:60:7b:70:76:73:3f:25:
a0:26:0b:de:a7:86:05:15:6f:60:82:70:8d:ec:2c:7e:d0:30:
e7:a8:2a:39:c9:e8:59:fa:ca:99:3e:40:b7:6b:05:cb:10:f3:
be:71:ee:04:29:16:0c:0a:a1:82:dc:f1:6b:8f:fc:99:42:f0:
63:99:0e:af:9b:25:70:b3:dd:09:45:b3:b1:38:93:b7:a4:92:
63:3b:ec:fd:2e:66:27:45:e8:65:79:3c:90:8a:73:c2:c1:39:
e7:d7:59:3d:fb:99:94:0b:ba:c6:68:60:06:0f:bd:1b:a7:de:
b6:35:61:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUUtI6o1ZG4iU9cG948unQIGPMJjswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA4MTMwMDUzNThaFw0yNTA4MTIwMDU4NThaMDMxMTAvBgNV
BAMTKEE3ODM1RDFCOEI2MERDQTRFOUMzOTUzMzQwODQ2Q0E4MDU0NzYwNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeX0fDG1AtUz9y2sIf/lQj6eRF
osYltM0AzzBomJm43hzV9LLRUWkdP2VMrZ1Uj+JO32sz+h5e2hnSLnv4zKFW+Pfn
DOJ9WW3BobdopE1bgJ/n7W6N4CH9917NVChnvlbdHIylUOc3/okKjITzglscBVZ8
X43p+uK8MvYEM7OfYcKPa56wwBuhwysO3gwlvpbb8D6zd9qmBcChcE5QEfkc3JWk
CrtU5RJEoNBp81HzEhyUXVmIYG7uYF3DACdiQy2X6W+oa0arQIrJsft8nGwVeife
Ak3rAkmWNx6z2rviMvL0aBLCO3hjbTl9ewcD4sIYe1y+c31iBhmhzwDqA1VRAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUp4NdG4tg3KTpw5UzQIRsqAVHYEkwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0NDgxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQhAMA0GCSqGSIb3DQEBCwUAA4IBAQAi7sHIKS/JhhKShLiJmDmAHE9KzXUJEagM
BR0/FTDBq00Y3fD9D5HN2NNDvtcAzZJsHmIVw2ccDOvtn/2NKjemAuCoyUVzWmJk
ahCTdYkIdYZRwCuTW918wh+cuSc05yp1TYPQ17M7Iv5TScBz/v/XoHJE3fxUu4f7
0HSlu7ZYy848WIZc1xklEmB7cHZzPyWgJgvep4YFFW9ggnCN7Cx+0DDnqCo5yehZ
+sqZPkC3awXLEPO+ce4EKRYMCqGC3PFrj/yZQvBjmQ6vmyVws90JRbOxOJO3pJJj
O+z9LmYnRehleTyQinPCwTnn11k9+5mUC7rGaGAGD70bp962NWHr
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org