Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214751.roa
File: AS214751.roa (raw, json)
Hash identifier: n9AsYQoqpua+TxaihExD+qbHxxKyFCrUo3LqIj04VSQ=
Subject key identifier: D7:FC:84:67:35:0A:DB:BE:A0:5A:3F:F6:36:C7:A5:44:A8:26:91:D5
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 5AC67457961EB931F1EA71DDD3F162AA0C09798D
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214751.roa
Signing time: Tue 11 Jun 2024 00:17:34 +0000
ROA not before: Tue 11 Jun 2024 00:12:34 +0000
ROA not after: Tue 10 Jun 2025 00:17:34 +0000
asID: 214751
IP address blocks: 2a0f:85c1:813::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:c6:74:57:96:1e:b9:31:f1:ea:71:dd:d3:f1:62:aa:0c:09:79:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Jun 11 00:12:34 2024 GMT
Not After : Jun 10 00:17:34 2025 GMT
Subject: CN=D7FC8467350ADBBEA05A3FF636C7A544A82691D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:43:58:44:5a:bd:4a:31:7b:5d:0f:50:8a:3e:
2d:f3:c2:54:46:e6:76:de:c0:08:cc:5f:8c:4e:ba:
c3:c2:f3:92:e8:7b:63:84:0d:22:06:42:91:0e:0d:
76:2e:c8:95:80:a2:02:12:e3:bf:21:3e:cc:3c:1f:
38:ea:83:df:07:cd:42:6f:f0:43:06:4b:26:32:69:
db:27:4e:5c:89:dd:ad:b8:7e:0f:0f:8b:c2:c0:8e:
d0:c9:fc:b9:c6:f0:d4:1c:96:67:f4:26:92:b5:29:
6a:6b:de:5a:8b:b8:9f:a8:1f:72:e9:dd:df:cd:99:
d4:1e:cd:8d:03:6c:a0:6b:85:30:dd:8d:5e:5c:df:
23:1c:5f:a1:49:44:37:dd:78:0e:b4:e6:b8:2d:3a:
1a:74:ec:a8:af:14:80:31:15:be:5d:73:74:96:08:
1d:37:a2:5b:4b:22:c9:b0:8e:f7:40:27:a1:fe:70:
8c:66:b3:a7:66:bf:4c:47:dc:ff:42:6c:e3:2a:60:
bf:91:60:a1:c1:65:6e:a8:2a:5e:57:5b:e6:4c:b4:
27:61:17:0c:1b:2f:d2:fc:ca:1d:90:c0:33:f5:44:
62:92:cb:be:81:c7:66:20:15:ac:aa:c7:8c:b4:8f:
35:3e:30:46:bc:e7:08:42:17:0a:3b:a7:60:55:09:
67:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:FC:84:67:35:0A:DB:BE:A0:5A:3F:F6:36:C7:A5:44:A8:26:91:D5
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214751.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:813::/48
Signature Algorithm: sha256WithRSAEncryption
4a:6e:3c:9f:d3:2a:2c:b9:3b:a2:08:bb:7f:d1:c3:d5:8a:ce:
f0:2a:78:38:94:85:4e:14:2f:30:18:a4:d4:e5:8a:e9:18:5e:
18:33:d1:bb:59:e3:ae:a6:d5:59:2f:21:83:2b:2d:dd:b1:32:
16:18:dc:f3:6e:d7:c3:ab:e4:fd:5c:0e:e6:e6:dc:9b:8a:13:
05:b8:8b:69:27:b0:be:b1:11:2b:99:f9:29:c5:46:e1:72:ff:
02:b3:c1:05:f3:da:8f:35:43:88:af:35:01:99:19:f9:fa:7f:
55:dd:b4:2d:2a:33:c8:8a:fd:51:a5:f2:40:74:4c:ef:71:d3:
13:f6:d5:f9:8c:bf:24:47:11:3e:54:7a:8b:43:05:a8:26:b5:
3e:d3:3e:df:a6:04:4d:b7:1c:80:42:81:69:85:6a:2b:4d:0b:
c2:cd:f3:59:d4:1a:58:70:53:5d:2e:00:b3:39:93:43:73:32:
63:97:9c:76:f4:73:a6:10:75:eb:b9:80:d1:f6:fb:54:3b:01:
80:b3:53:d1:63:5a:2b:78:3d:03:bc:a8:36:e7:3c:ec:b9:57:
cb:77:4d:e3:c7:90:e6:44:ea:44:df:8e:41:04:b9:9d:0c:6f:
c2:80:d5:a7:2f:3b:6b:1f:99:e3:f2:45:1a:36:e1:d3:79:a2:
63:57:17:88
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUWsZ0V5YeuTHx6nHd0/FiqgwJeY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA2MTEwMDEyMzRaFw0yNTA2MTAwMDE3MzRaMDMxMTAvBgNV
BAMTKEQ3RkM4NDY3MzUwQURCQkVBMDVBM0ZGNjM2QzdBNTQ0QTgyNjkxRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuQ1hEWr1KMXtdD1CKPi3zwlRG
5nbewAjMX4xOusPC85Loe2OEDSIGQpEODXYuyJWAogIS478hPsw8Hzjqg98HzUJv
8EMGSyYyadsnTlyJ3a24fg8Pi8LAjtDJ/LnG8NQclmf0JpK1KWpr3lqLuJ+oH3Lp
3d/NmdQezY0DbKBrhTDdjV5c3yMcX6FJRDfdeA605rgtOhp07KivFIAxFb5dc3SW
CB03oltLIsmwjvdAJ6H+cIxms6dmv0xH3P9CbOMqYL+RYKHBZW6oKl5XW+ZMtCdh
FwwbL9L8yh2QwDP1RGKSy76Bx2YgFayqx4y0jzU+MEa85whCFwo7p2BVCWdBAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU1/yEZzUK276gWj/2NselRKgmkdUwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0NzUxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQgTMA0GCSqGSIb3DQEBCwUAA4IBAQBKbjyf0yosuTuiCLt/0cPVis7wKng4lIVO
FC8wGKTU5YrpGF4YM9G7WeOuptVZLyGDKy3dsTIWGNzzbtfDq+T9XA7m5tybihMF
uItpJ7C+sRErmfkpxUbhcv8Cs8EF89qPNUOIrzUBmRn5+n9V3bQtKjPIiv1RpfJA
dEzvcdMT9tX5jL8kRxE+VHqLQwWoJrU+0z7fpgRNtxyAQoFphWorTQvCzfNZ1BpY
cFNdLgCzOZNDczJjl5x29HOmEHXruYDR9vtUOwGAs1PRY1oreD0DvKg25zzsuVfL
d03jx5DmROpE345BBLmdDG/CgNWnLztrH5nj8kUaNuHTeaJjVxeI
-----END CERTIFICATE-----
Generated at Fri Aug 23 12:55:04 2024 by rpki-client on console-ams.rpki-client.org