Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214486.roa
File: AS214486.roa (raw, json)
Hash identifier: QlC7jDv5J6qF7ETvh3IrMKqSEZhqEAmwL+xd5cEtvY4=
Subject key identifier: DF:A5:2A:B5:6C:9F:2A:9B:BE:18:6D:D0:4A:71:22:C3:6F:EF:CA:D4
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 2FCAE6DC0387553A240770AC4EAEA8F61D5C5953
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214486.roa
Signing time: Tue 30 Jul 2024 02:02:30 +0000
ROA not before: Tue 30 Jul 2024 01:57:30 +0000
ROA not after: Tue 29 Jul 2025 02:02:30 +0000
asID: 214486
IP address blocks: 2a0f:85c1:83d::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:ca:e6:dc:03:87:55:3a:24:07:70:ac:4e:ae:a8:f6:1d:5c:59:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Jul 30 01:57:30 2024 GMT
Not After : Jul 29 02:02:30 2025 GMT
Subject: CN=DFA52AB56C9F2A9BBE186DD04A7122C36FEFCAD4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:da:9f:be:e4:a0:73:ff:82:16:8b:65:8f:51:
c3:e0:18:d1:e1:68:08:fb:21:d4:29:7e:61:44:e7:
aa:35:39:17:9c:64:82:3d:5c:3d:4a:6e:e2:ad:00:
41:20:16:30:c1:8b:bf:0b:2b:68:f1:17:0e:02:d6:
5a:76:d5:fb:a5:ba:fa:0e:3f:7c:c3:8f:96:a2:a1:
2a:a9:9a:65:98:4e:0e:3e:e4:b2:14:10:f7:31:08:
81:d9:c9:64:98:53:fe:cd:a6:13:89:9d:35:17:2d:
66:3e:9f:e3:f9:4d:32:5a:e4:21:39:f8:98:15:60:
5e:9f:5c:40:a0:4e:92:c9:7e:f7:a2:20:2f:d7:a4:
c0:97:20:37:7d:8d:67:e4:e8:3b:0f:e4:a2:9a:70:
bd:ff:38:26:5e:73:09:ac:be:dc:25:7e:4d:67:e0:
ff:cb:36:83:1c:35:dd:2e:65:0d:95:3e:b8:fa:55:
02:d7:6c:25:ac:23:24:74:19:68:7b:e9:33:7d:ad:
78:4d:f5:e7:41:ea:2d:f7:ae:50:44:f4:8d:7d:a6:
b9:c2:c8:0e:8a:07:b7:fb:73:63:91:b2:5d:4b:00:
75:35:ad:64:96:ad:20:89:96:93:65:a5:fd:b6:76:
9a:9a:8f:1b:74:3e:d8:45:18:e6:08:19:10:35:2b:
e3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:A5:2A:B5:6C:9F:2A:9B:BE:18:6D:D0:4A:71:22:C3:6F:EF:CA:D4
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214486.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:83d::/48
Signature Algorithm: sha256WithRSAEncryption
84:49:9a:c4:f8:03:93:67:81:70:6c:d6:72:dd:22:46:b4:07:
13:61:84:6f:84:fc:1c:0f:b5:24:33:f7:7d:b3:f9:2f:39:d8:
da:df:83:d1:e0:c3:eb:3c:34:24:ea:3c:95:21:d8:d3:ea:46:
6b:64:94:e0:f9:8a:17:18:40:ff:e9:23:ce:ad:24:ff:41:20:
c6:36:b6:ba:7c:34:a1:63:56:11:d1:a2:05:3c:80:54:76:a3:
27:d0:28:50:29:7e:0b:ec:b9:00:49:ae:97:e6:68:15:f8:92:
75:e3:c0:2f:75:bd:d6:2f:1a:61:d5:ac:a1:0e:f0:50:c8:19:
de:2e:08:d9:fa:0b:0a:bc:7c:db:4c:a7:d2:0f:12:62:9d:b1:
28:cd:7f:32:13:7e:47:39:ae:0d:16:1a:f9:50:7e:c0:37:7a:
fd:fe:76:83:13:dd:6e:00:44:14:b3:c8:48:a5:ca:6b:12:cd:
07:22:12:73:b0:26:37:b9:87:9d:65:e6:46:6d:f3:90:6f:50:
2e:30:7f:f3:a3:32:5e:fa:2b:1b:a1:43:71:20:43:b9:f4:d4:
e6:77:a5:7e:99:5b:f5:74:fb:cc:23:ad:0c:d5:e9:ae:7a:8f:
33:38:d3:64:cd:c2:b9:f8:4d:ff:f2:f0:1a:f8:54:73:02:8d:
d2:2f:da:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUL8rm3AOHVTokB3CsTq6o9h1cWVMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA3MzAwMTU3MzBaFw0yNTA3MjkwMjAyMzBaMDMxMTAvBgNV
BAMTKERGQTUyQUI1NkM5RjJBOUJCRTE4NkREMDRBNzEyMkMzNkZFRkNBRDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC62p++5KBz/4IWi2WPUcPgGNHh
aAj7IdQpfmFE56o1ORecZII9XD1KbuKtAEEgFjDBi78LK2jxFw4C1lp21fuluvoO
P3zDj5aioSqpmmWYTg4+5LIUEPcxCIHZyWSYU/7NphOJnTUXLWY+n+P5TTJa5CE5
+JgVYF6fXECgTpLJfveiIC/XpMCXIDd9jWfk6DsP5KKacL3/OCZecwmsvtwlfk1n
4P/LNoMcNd0uZQ2VPrj6VQLXbCWsIyR0GWh76TN9rXhN9edB6i33rlBE9I19prnC
yA6KB7f7c2ORsl1LAHU1rWSWrSCJlpNlpf22dpqajxt0PthFGOYIGRA1K+P9AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU36UqtWyfKpu+GG3QSnEiw2/vytQwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0NDg2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQg9MA0GCSqGSIb3DQEBCwUAA4IBAQCESZrE+AOTZ4FwbNZy3SJGtAcTYYRvhPwc
D7UkM/d9s/kvOdja34PR4MPrPDQk6jyVIdjT6kZrZJTg+YoXGED/6SPOrST/QSDG
Nra6fDShY1YR0aIFPIBUdqMn0ChQKX4L7LkASa6X5mgV+JJ148Avdb3WLxph1ayh
DvBQyBneLgjZ+gsKvHzbTKfSDxJinbEozX8yE35HOa4NFhr5UH7AN3r9/naDE91u
AEQUs8hIpcprEs0HIhJzsCY3uYedZeZGbfOQb1AuMH/zozJe+isboUNxIEO59NTm
d6V+mVv1dPvMI60M1emueo8zONNkzcK5+E3/8vAa+FRzAo3SL9oQ
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org