Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214522.roa
File: AS214522.roa (raw, json)
Hash identifier: /bfRdm06cCATtGvXhk8OVlrop6dhw8jLM+TzRmo+GZ0=
Subject key identifier: 20:99:11:2D:64:FF:A3:BA:C0:65:57:95:E5:B2:4B:6B:63:84:1F:1E
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 3C02A83B627DF97609B224B0282F14630116371C
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214522.roa
Signing time: Wed 17 Jul 2024 19:42:14 +0000
ROA not before: Wed 17 Jul 2024 19:37:14 +0000
ROA not after: Wed 16 Jul 2025 19:42:14 +0000
asID: 214522
IP address blocks: 2a0f:85c1:3f4::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:02:a8:3b:62:7d:f9:76:09:b2:24:b0:28:2f:14:63:01:16:37:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Jul 17 19:37:14 2024 GMT
Not After : Jul 16 19:42:14 2025 GMT
Subject: CN=2099112D64FFA3BAC0655795E5B24B6B63841F1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:8b:e4:ca:56:dc:34:73:f8:b9:23:b0:c8:56:
7c:e3:0c:9a:6e:fc:68:df:db:ef:68:96:fe:7f:a7:
7d:f3:77:d8:59:11:65:b6:51:d0:cd:a7:a0:72:6a:
15:46:14:53:0b:65:53:be:62:b7:16:63:d0:21:14:
18:8f:31:92:9f:56:c4:d3:a9:d6:95:56:12:4b:52:
e9:28:17:3c:3d:c2:8c:5d:86:d5:52:d6:b8:f0:26:
86:e6:cc:20:3d:1b:e0:93:18:0f:88:c3:86:fc:1c:
a1:7e:8f:47:32:8e:0d:d1:ec:52:71:f8:f7:db:ff:
99:90:04:96:fa:a7:66:32:83:b8:53:73:e6:c4:f7:
97:31:2d:e3:95:07:8c:22:a0:08:8f:6a:3e:39:86:
92:cc:43:69:81:f3:cb:99:63:10:66:61:ee:0f:ed:
47:d9:65:99:b7:e3:9b:4c:69:2c:d6:81:ae:e9:3a:
0e:a3:ff:37:0f:38:f3:7a:44:eb:87:84:28:c7:13:
66:d4:32:9b:5e:eb:b0:9a:84:9f:f9:eb:3d:1f:3a:
96:f4:18:e3:4a:e0:b4:ec:a3:67:be:f1:05:78:1a:
1b:06:9c:05:ec:2a:19:17:ef:43:f4:57:33:cf:bd:
f7:c1:93:f5:28:97:ea:0f:d2:f9:40:45:67:62:34:
78:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:99:11:2D:64:FF:A3:BA:C0:65:57:95:E5:B2:4B:6B:63:84:1F:1E
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214522.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3f4::/48
Signature Algorithm: sha256WithRSAEncryption
00:07:bd:73:25:cd:68:25:05:3d:fd:b4:c4:07:2f:bf:4b:52:
cb:ca:c7:40:87:f7:9a:ce:2d:48:4b:a0:6a:0c:d0:c6:06:ee:
73:b7:4c:35:2a:1a:03:5a:25:8e:fb:8e:e2:12:cd:3f:62:df:
d4:f5:69:47:eb:ab:be:e5:83:8c:72:8d:83:dc:25:9e:e5:13:
fb:38:c8:00:e5:df:4e:be:02:5c:2f:e9:65:eb:e2:fa:4e:d5:
2c:3d:36:af:ef:a1:6d:f3:7a:e1:3b:0f:16:fd:01:69:22:bf:
72:f7:24:d0:d1:0a:84:25:cb:e3:c6:7c:d0:86:3a:4f:fa:1e:
1b:62:f8:33:52:40:3c:e2:3f:4f:c8:cb:ba:9c:8e:61:89:d7:
e5:2f:bc:f9:aa:b9:26:f8:23:d9:ae:a0:4f:ba:a1:18:1e:d6:
d6:88:5a:18:98:81:cf:cf:e0:e2:46:d5:4e:aa:e7:d8:5c:ab:
de:74:32:c4:a5:b6:7a:91:be:9e:47:f7:c6:9e:2a:c0:79:c5:
19:6b:96:03:2e:bb:cf:a1:ab:09:7e:12:5c:8c:93:78:4f:76:
9e:64:6e:16:4d:d5:1b:1c:09:1c:bb:54:46:c0:63:bf:c5:b2:
04:d8:0c:54:7a:e6:7a:e7:bc:44:fb:90:f5:44:72:95:9c:53:
ab:16:7b:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUPAKoO2J9+XYJsiSwKC8UYwEWNxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA3MTcxOTM3MTRaFw0yNTA3MTYxOTQyMTRaMDMxMTAvBgNV
BAMTKDIwOTkxMTJENjRGRkEzQkFDMDY1NTc5NUU1QjI0QjZCNjM4NDFGMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWi+TKVtw0c/i5I7DIVnzjDJpu
/Gjf2+9olv5/p33zd9hZEWW2UdDNp6ByahVGFFMLZVO+YrcWY9AhFBiPMZKfVsTT
qdaVVhJLUukoFzw9woxdhtVS1rjwJobmzCA9G+CTGA+Iw4b8HKF+j0cyjg3R7FJx
+Pfb/5mQBJb6p2Yyg7hTc+bE95cxLeOVB4wioAiPaj45hpLMQ2mB88uZYxBmYe4P
7UfZZZm345tMaSzWga7pOg6j/zcPOPN6ROuHhCjHE2bUMpte67CahJ/56z0fOpb0
GONK4LTso2e+8QV4GhsGnAXsKhkX70P0VzPPvffBk/Uol+oP0vlARWdiNHglAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUIJkRLWT/o7rAZVeV5bJLa2OEHx4wHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0NTIyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQP0MA0GCSqGSIb3DQEBCwUAA4IBAQAAB71zJc1oJQU9/bTEBy+/S1LLysdAh/ea
zi1IS6BqDNDGBu5zt0w1KhoDWiWO+47iEs0/Yt/U9WlH66u+5YOMco2D3CWe5RP7
OMgA5d9OvgJcL+ll6+L6TtUsPTav76Ft83rhOw8W/QFpIr9y9yTQ0QqEJcvjxnzQ
hjpP+h4bYvgzUkA84j9PyMu6nI5hidflL7z5qrkm+CPZrqBPuqEYHtbWiFoYmIHP
z+DiRtVOqufYXKvedDLEpbZ6kb6eR/fGnirAecUZa5YDLrvPoasJfhJcjJN4T3ae
ZG4WTdUbHAkcu1RGwGO/xbIE2AxUeuZ657xE+5D1RHKVnFOrFnt/
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org