Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214561.roa
File: AS214561.roa (raw, json)
Hash identifier: ALcn6t5dLgbyJ7qeoMV63I9u1SLRa1omfy3umG3hYdE=
Subject key identifier: 06:73:88:51:2B:C4:AF:A0:C4:77:E4:24:C9:F6:86:A0:46:DE:DC:02
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 10DA1758E07E520070CDF4E7D08AC661C58B6E3B
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214561.roa
Signing time: Sat 27 Jul 2024 09:08:10 +0000
ROA not before: Sat 27 Jul 2024 09:03:10 +0000
ROA not after: Sat 26 Jul 2025 09:08:10 +0000
asID: 214561
IP address blocks: 2a0f:85c1:830::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:da:17:58:e0:7e:52:00:70:cd:f4:e7:d0:8a:c6:61:c5:8b:6e:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Jul 27 09:03:10 2024 GMT
Not After : Jul 26 09:08:10 2025 GMT
Subject: CN=067388512BC4AFA0C477E424C9F686A046DEDC02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0b:cf:49:ca:9b:1a:07:cb:05:57:bd:f1:2f:
a1:74:4c:ad:e2:5f:29:df:fb:97:be:30:b2:26:2d:
e4:5d:7e:74:a8:b8:e8:65:88:b3:46:ec:6c:56:8e:
e0:37:ee:dd:48:bc:de:00:6a:e7:19:52:28:1f:ff:
ee:09:39:3b:50:47:14:f5:b6:a1:60:84:e6:3d:28:
b2:76:b3:01:c3:36:3f:89:43:e8:38:c5:5d:3c:47:
89:5b:b9:54:d4:d8:af:37:ee:83:13:89:8e:10:a4:
39:f8:86:91:2e:12:2a:cf:fa:fa:9e:bf:51:f6:18:
ef:30:a3:8e:8b:d2:a5:f3:98:8b:1e:69:0c:f8:61:
71:94:87:ea:0f:27:77:c7:b7:21:57:c2:6d:d5:86:
bc:e5:38:9c:d9:87:34:72:f9:2f:18:a4:ca:1f:22:
90:a0:3f:85:cc:1a:21:cc:d5:97:cc:68:e0:4a:8b:
f4:79:a4:d2:ff:63:9b:61:99:59:0d:24:b8:d7:75:
1a:1b:5f:f5:2e:f5:69:d5:00:4c:ce:af:a0:c7:ec:
f8:35:d1:7d:cd:bc:3d:34:41:8b:f6:4b:5a:ed:d8:
0c:da:64:82:10:8f:be:f4:bc:ec:5a:4d:d8:c6:b8:
8c:3c:31:df:d9:c2:8a:99:df:79:76:52:3b:a6:2d:
91:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:73:88:51:2B:C4:AF:A0:C4:77:E4:24:C9:F6:86:A0:46:DE:DC:02
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214561.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:830::/48
Signature Algorithm: sha256WithRSAEncryption
b8:eb:2b:0f:6b:8f:8c:93:80:3c:7c:f1:27:d3:52:91:3c:43:
87:12:39:43:40:1b:68:08:0f:a0:eb:ca:c2:c3:fa:15:99:0d:
7e:7b:df:76:3c:ef:47:93:e9:f3:85:6b:82:c5:51:aa:47:13:
7e:93:6f:ef:33:59:dd:d7:13:91:90:26:7d:65:0a:84:58:c1:
b8:8c:57:a2:31:50:b9:b5:3b:10:11:44:19:52:13:63:1a:c5:
59:ba:cb:b1:e8:cd:14:81:8b:70:a5:48:4e:43:03:c4:fe:88:
79:3c:31:5f:40:2f:94:0c:06:33:35:e4:b9:d3:1d:c8:f4:1c:
98:44:65:4e:f0:8e:0b:37:77:4e:e1:61:a6:31:62:f9:e2:8f:
20:f5:a1:84:58:62:7b:98:4e:a0:8a:bd:6f:22:79:5e:c9:b9:
58:8d:04:51:3f:b5:f6:d3:28:12:09:4a:86:9e:e0:69:49:6c:
e9:1b:eb:c3:0f:26:1d:d2:33:9a:79:2d:ec:77:45:b6:36:b0:
81:52:6f:03:c3:a1:c9:01:d1:ed:2b:fb:f2:3a:01:00:91:22:
73:8e:7a:88:d6:66:45:a9:cc:ff:15:1b:ea:f8:18:0a:c9:c6:
fc:3c:8a:90:7a:81:fa:ea:6e:ba:f8:1a:58:0c:ba:54:20:88:
96:ad:1e:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUENoXWOB+UgBwzfTn0IrGYcWLbjswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA3MjcwOTAzMTBaFw0yNTA3MjYwOTA4MTBaMDMxMTAvBgNV
BAMTKDA2NzM4ODUxMkJDNEFGQTBDNDc3RTQyNEM5RjY4NkEwNDZERURDMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCC89JypsaB8sFV73xL6F0TK3i
Xynf+5e+MLImLeRdfnSouOhliLNG7GxWjuA37t1IvN4AaucZUigf/+4JOTtQRxT1
tqFghOY9KLJ2swHDNj+JQ+g4xV08R4lbuVTU2K837oMTiY4QpDn4hpEuEirP+vqe
v1H2GO8wo46L0qXzmIseaQz4YXGUh+oPJ3fHtyFXwm3VhrzlOJzZhzRy+S8YpMof
IpCgP4XMGiHM1ZfMaOBKi/R5pNL/Y5thmVkNJLjXdRobX/Uu9WnVAEzOr6DH7Pg1
0X3NvD00QYv2S1rt2AzaZIIQj770vOxaTdjGuIw8Md/ZwoqZ33l2UjumLZF1AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUBnOIUSvEr6DEd+QkyfaGoEbe3AIwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0NTYxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQgwMA0GCSqGSIb3DQEBCwUAA4IBAQC46ysPa4+Mk4A8fPEn01KRPEOHEjlDQBto
CA+g68rCw/oVmQ1+e992PO9Hk+nzhWuCxVGqRxN+k2/vM1nd1xORkCZ9ZQqEWMG4
jFeiMVC5tTsQEUQZUhNjGsVZusux6M0UgYtwpUhOQwPE/oh5PDFfQC+UDAYzNeS5
0x3I9ByYRGVO8I4LN3dO4WGmMWL54o8g9aGEWGJ7mE6gir1vInleyblYjQRRP7X2
0ygSCUqGnuBpSWzpG+vDDyYd0jOaeS3sd0W2NrCBUm8Dw6HJAdHtK/vyOgEAkSJz
jnqI1mZFqcz/FRvq+BgKycb8PIqQeoH66m66+BpYDLpUIIiWrR7q
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:46:24 2025 by rpki-client