Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214641.roa
File: AS214641.roa (raw, json)
Hash identifier: WZWN4QWsKqhjXgnMtrV/2u9p7rAh9FaueCfjKA2ZYHU=
Subject key identifier: 6C:63:BF:96:63:13:65:7F:CA:40:98:02:C6:1E:44:8A:25:12:C7:8F
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 3B897FEE098F54F1385315894DB5EE5050DC320C
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214641.roa
Signing time: Sun 07 Jul 2024 11:23:45 +0000
ROA not before: Sun 07 Jul 2024 11:18:44 +0000
ROA not after: Sun 06 Jul 2025 11:23:44 +0000
asID: 214641
IP address blocks: 2a0f:85c1:827::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:89:7f:ee:09:8f:54:f1:38:53:15:89:4d:b5:ee:50:50:dc:32:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Jul 7 11:18:44 2024 GMT
Not After : Jul 6 11:23:44 2025 GMT
Subject: CN=6C63BF966313657FCA409802C61E448A2512C78F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3c:ca:ab:b7:15:45:9f:76:c0:2a:ce:4d:2d:
ea:3e:93:1b:ed:df:11:f9:cd:e9:81:b2:d6:86:66:
8b:b3:d1:f4:fa:da:af:22:37:40:ff:33:15:81:43:
65:b9:0a:e8:fc:45:07:f7:79:40:cf:11:b2:fd:1b:
e7:e2:92:b7:6e:a8:11:d0:c7:28:18:e8:a9:a3:8a:
e8:ac:38:8d:1c:82:07:8e:f4:b8:88:1f:50:6b:81:
96:83:bf:67:e1:27:4e:e1:5b:bb:28:2e:bf:db:c9:
69:4b:6d:a2:00:0a:d4:c6:aa:92:2b:f1:94:c4:96:
56:9c:a3:49:91:0d:26:2a:57:cc:f7:c7:61:01:a0:
d5:e4:0a:70:d2:72:99:0b:1b:87:ca:a5:a0:ba:0f:
d3:f7:9f:58:5e:43:88:1a:d9:84:38:ce:bc:6f:64:
d5:29:17:54:8b:13:a7:08:b5:e2:2b:a8:01:b8:d9:
1b:05:38:93:91:84:67:d7:a8:ae:42:85:d4:46:5c:
d4:c5:4b:07:3b:12:a8:67:4e:e8:86:83:b7:2a:41:
8b:10:dd:71:e8:f0:17:f2:7f:15:4b:5a:0b:52:a6:
4d:8d:1f:e1:02:03:9b:8b:d6:b4:4d:4d:b2:2d:4d:
4e:11:6a:9d:a6:df:bc:95:60:98:94:56:ee:76:48:
35:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:63:BF:96:63:13:65:7F:CA:40:98:02:C6:1E:44:8A:25:12:C7:8F
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214641.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:827::/48
Signature Algorithm: sha256WithRSAEncryption
28:6c:2b:56:e7:f5:50:36:b3:5b:36:96:1d:0a:37:b3:8a:7e:
ee:73:3c:b8:ab:43:b6:1c:9d:19:6e:d3:98:14:a1:5a:a4:f8:
08:62:3d:f5:e5:e7:bc:2f:03:35:6e:cc:cd:ab:b0:e6:b3:d3:
0f:c6:30:c9:fd:2d:18:2e:8d:b5:c8:30:51:54:e8:fa:c5:2a:
30:59:07:53:fb:40:ff:7e:d3:b1:bd:3a:dd:fd:4d:98:6b:3a:
b4:75:75:0b:63:c8:d6:55:60:20:8c:c4:50:86:0c:c5:0f:fa:
2c:81:7c:ac:b4:c9:e3:c0:b6:73:4f:ed:2d:85:5b:f4:92:59:
8b:98:e4:25:c5:a9:0e:e3:43:a8:84:14:2c:21:7e:f8:fc:fa:
28:d7:85:8e:5c:9c:b0:82:08:fb:ca:5f:d6:1b:3c:a5:a3:63:
f8:56:2f:10:17:15:ef:61:ea:86:5a:5f:be:f7:9b:43:e1:d8:
70:0d:a6:69:dc:54:ab:58:61:74:05:bd:ba:14:40:bf:3e:4a:
20:18:2b:b3:9b:92:77:94:a0:fd:b1:3d:ce:78:16:79:94:a7:
d5:ad:53:89:a6:91:b6:74:10:ab:be:3a:fd:b5:b9:c2:fb:ae:
c8:9c:97:0e:fd:02:4f:b9:1a:ce:8b:4e:f2:7e:0b:68:10:ee:
1c:1d:c0:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUO4l/7gmPVPE4UxWJTbXuUFDcMgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA3MDcxMTE4NDRaFw0yNTA3MDYxMTIzNDRaMDMxMTAvBgNV
BAMTKDZDNjNCRjk2NjMxMzY1N0ZDQTQwOTgwMkM2MUU0NDhBMjUxMkM3OEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGPMqrtxVFn3bAKs5NLeo+kxvt
3xH5zemBstaGZouz0fT62q8iN0D/MxWBQ2W5Cuj8RQf3eUDPEbL9G+fikrduqBHQ
xygY6KmjiuisOI0cggeO9LiIH1BrgZaDv2fhJ07hW7soLr/byWlLbaIACtTGqpIr
8ZTEllaco0mRDSYqV8z3x2EBoNXkCnDScpkLG4fKpaC6D9P3n1heQ4ga2YQ4zrxv
ZNUpF1SLE6cIteIrqAG42RsFOJORhGfXqK5ChdRGXNTFSwc7EqhnTuiGg7cqQYsQ
3XHo8BfyfxVLWgtSpk2NH+ECA5uL1rRNTbItTU4Rap2m37yVYJiUVu52SDW3AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUbGO/lmMTZX/KQJgCxh5EiiUSx48wHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0NjQxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQgnMA0GCSqGSIb3DQEBCwUAA4IBAQAobCtW5/VQNrNbNpYdCjezin7uczy4q0O2
HJ0ZbtOYFKFapPgIYj315ee8LwM1bszNq7Dms9MPxjDJ/S0YLo21yDBRVOj6xSow
WQdT+0D/ftOxvTrd/U2Yazq0dXULY8jWVWAgjMRQhgzFD/osgXystMnjwLZzT+0t
hVv0klmLmOQlxakO40OohBQsIX74/Poo14WOXJywggj7yl/WGzylo2P4Vi8QFxXv
YeqGWl++95tD4dhwDaZp3FSrWGF0Bb26FEC/PkogGCuzm5J3lKD9sT3OeBZ5lKfV
rVOJppG2dBCrvjr9tbnC+67InJcO/QJPuRrOi07yfgtoEO4cHcDH
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org