Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214681.roa
File: AS214681.roa (raw, json)
Hash identifier: gx7m7G6ouZo7LKE4LP+OcK4jPQVSvjR0auOeW9w6vQw=
Subject key identifier: B3:94:4C:2A:73:8F:36:3C:0B:8A:A7:34:AB:16:2F:69:58:37:D5:FB
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 5E523F56CB4959B24714F4C73275A8CFD45C8A2D
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214681.roa
Signing time: Sun 23 Jun 2024 10:11:06 +0000
ROA not before: Sun 23 Jun 2024 10:06:06 +0000
ROA not after: Sun 22 Jun 2025 10:11:06 +0000
asID: 214681
IP address blocks: 2a0f:85c1:81e::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:52:3f:56:cb:49:59:b2:47:14:f4:c7:32:75:a8:cf:d4:5c:8a:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Jun 23 10:06:06 2024 GMT
Not After : Jun 22 10:11:06 2025 GMT
Subject: CN=B3944C2A738F363C0B8AA734AB162F695837D5FB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:28:3c:a1:1c:94:68:b2:04:15:c1:14:91:f5:
60:df:8a:b2:c6:fa:de:b2:d8:71:55:a1:e3:22:f6:
9b:27:24:5c:5c:5c:58:23:99:30:32:01:1b:78:80:
0b:55:47:8d:81:5a:f7:a7:e0:b9:6b:6a:38:5b:fb:
6d:5a:9a:1a:67:46:cb:b9:4b:5b:03:20:28:b3:d0:
b6:7d:76:b7:9a:cc:98:12:46:8c:d6:92:a6:8a:e8:
b4:4b:aa:2a:88:4c:a7:ea:76:19:bc:a0:4d:63:ac:
3e:5a:3b:f2:b8:5e:39:09:2b:df:8f:84:68:ff:e4:
51:50:65:30:a5:1e:56:d8:f3:e7:85:cf:78:64:77:
b0:26:50:91:54:97:6e:2c:7b:a2:e3:84:76:42:89:
38:c3:31:6f:60:4e:27:38:05:88:ee:f0:19:7d:75:
de:5d:0b:e6:05:46:73:97:ca:46:9d:a8:81:e9:99:
af:52:55:3f:fb:1a:92:d1:1b:db:61:5a:e4:e2:27:
0a:ca:ae:b8:2f:a3:0f:d3:1a:e4:38:a0:9b:45:ad:
fb:94:68:67:69:6b:9d:1d:0a:2e:1c:65:db:65:56:
b9:b9:20:e4:27:e1:2e:09:0a:b4:71:41:aa:e0:16:
7c:e2:4d:83:0b:42:70:74:ab:0a:42:29:e7:21:75:
bc:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:94:4C:2A:73:8F:36:3C:0B:8A:A7:34:AB:16:2F:69:58:37:D5:FB
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214681.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:81e::/48
Signature Algorithm: sha256WithRSAEncryption
0d:59:06:f3:f9:1c:95:f2:a2:e0:08:f7:3e:d7:44:d1:e0:d0:
e2:35:a1:8b:70:55:d9:c6:d7:24:ac:00:74:32:f6:78:d6:72:
99:41:50:54:58:f8:57:b5:76:57:dd:d1:79:a6:aa:8c:43:ba:
7e:69:1b:a3:c4:3f:05:2b:dc:41:d3:fb:21:48:6c:52:52:c6:
e2:cf:25:48:87:96:4a:7a:5d:3f:10:e5:bd:65:28:2f:56:61:
22:10:9c:35:8c:05:cc:25:6d:5f:bb:31:52:3e:dd:a8:2a:b2:
91:2a:9c:c3:18:64:f4:6e:8f:07:20:3a:ac:81:4c:ab:1e:60:
22:eb:03:92:55:a1:49:f5:7f:aa:da:72:ca:b6:96:a8:ad:fa:
94:b9:a6:d7:ed:0a:39:59:f6:45:4f:ff:2b:33:c7:cf:24:b7:
49:b2:6e:c5:16:59:d4:1e:88:70:b5:99:3d:83:fd:98:ae:0b:
10:43:46:71:02:32:f4:fc:71:24:ec:7c:0e:66:e1:31:6a:af:
1d:38:4f:28:f0:62:57:e6:98:e1:d9:78:ef:6b:2b:57:9f:5e:
02:b2:a9:e3:53:a2:ce:a2:3b:a9:78:18:91:c6:d1:df:0a:90:
4d:ee:b9:8e:af:60:38:e3:07:b0:5b:97:49:41:dd:c9:c5:07:
bc:76:6b:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUXlI/VstJWbJHFPTHMnWoz9Rcii0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA2MjMxMDA2MDZaFw0yNTA2MjIxMDExMDZaMDMxMTAvBgNV
BAMTKEIzOTQ0QzJBNzM4RjM2M0MwQjhBQTczNEFCMTYyRjY5NTgzN0Q1RkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlKDyhHJRosgQVwRSR9WDfirLG
+t6y2HFVoeMi9psnJFxcXFgjmTAyARt4gAtVR42BWven4Llrajhb+21amhpnRsu5
S1sDICiz0LZ9dreazJgSRozWkqaK6LRLqiqITKfqdhm8oE1jrD5aO/K4XjkJK9+P
hGj/5FFQZTClHlbY8+eFz3hkd7AmUJFUl24se6LjhHZCiTjDMW9gTic4BYju8Bl9
dd5dC+YFRnOXykadqIHpma9SVT/7GpLRG9thWuTiJwrKrrgvow/TGuQ4oJtFrfuU
aGdpa50dCi4cZdtlVrm5IOQn4S4JCrRxQargFnziTYMLQnB0qwpCKechdbz/AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUs5RMKnOPNjwLiqc0qxYvaVg31fswHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0NjgxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQgeMA0GCSqGSIb3DQEBCwUAA4IBAQANWQbz+RyV8qLgCPc+10TR4NDiNaGLcFXZ
xtckrAB0MvZ41nKZQVBUWPhXtXZX3dF5pqqMQ7p+aRujxD8FK9xB0/shSGxSUsbi
zyVIh5ZKel0/EOW9ZSgvVmEiEJw1jAXMJW1fuzFSPt2oKrKRKpzDGGT0bo8HIDqs
gUyrHmAi6wOSVaFJ9X+q2nLKtpaorfqUuabX7Qo5WfZFT/8rM8fPJLdJsm7FFlnU
HohwtZk9g/2YrgsQQ0ZxAjL0/HEk7HwOZuExaq8dOE8o8GJX5pjh2XjvaytXn14C
sqnjU6LOojupeBiRxtHfCpBN7rmOr2A44wewW5dJQd3JxQe8dmuC
-----END CERTIFICATE-----
Generated at Fri Aug 23 12:55:04 2024 by rpki-client on console-ams.rpki-client.org