Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214769.roa
File: AS214769.roa (raw, json)
Hash identifier: 2ntrKq/Qc9CksQ0nzuGzCIJSshgWWcZmVqhl3bZ638k=
Subject key identifier: 3B:0C:7A:4E:40:A0:03:5F:6F:04:54:F6:DD:E1:CA:24:3E:E7:A7:04
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 7E2E47B3934E404F60809983D9819C155B23F96E
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214769.roa
Signing time: Thu 06 Jun 2024 03:38:46 +0000
ROA not before: Thu 06 Jun 2024 03:33:46 +0000
ROA not after: Thu 05 Jun 2025 03:38:46 +0000
asID: 214769
IP address blocks: 2a0f:85c1:3d5::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:2e:47:b3:93:4e:40:4f:60:80:99:83:d9:81:9c:15:5b:23:f9:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Jun 6 03:33:46 2024 GMT
Not After : Jun 5 03:38:46 2025 GMT
Subject: CN=3B0C7A4E40A0035F6F0454F6DDE1CA243EE7A704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ec:ec:a9:b9:f3:97:e6:72:13:4a:b2:8d:d2:
15:3c:31:ca:73:76:45:20:60:05:c1:39:82:1a:ee:
ea:14:50:69:56:f1:af:48:99:8a:4e:6d:fe:d3:b9:
be:53:7b:58:3f:6e:9b:7a:9f:b1:8b:ae:d3:07:f6:
65:c8:9a:5c:35:3c:4c:29:c4:93:74:b0:d7:6d:aa:
71:8b:ab:35:ba:4e:c5:b4:db:b6:6c:8e:4d:a2:ae:
46:3d:1e:c3:88:dc:91:5a:43:c2:60:b8:b8:85:1a:
dd:7b:59:fb:42:5b:fb:4f:d0:71:b2:52:09:2f:cb:
64:20:1e:5a:21:ee:17:c8:6a:c3:89:cc:2a:3a:8c:
14:87:b2:a2:e5:d6:19:9c:2d:25:00:ab:01:a4:38:
0b:02:c9:6d:01:08:d4:98:c7:33:7c:69:46:45:5d:
76:04:1b:17:74:37:76:fa:a6:f9:d5:ff:80:b2:70:
6c:cc:8e:d2:75:e2:5a:cd:9e:4a:2c:1b:63:57:48:
21:91:9d:c9:f5:38:69:ec:16:60:12:f7:80:7a:d7:
6a:60:37:cb:9a:2d:71:a1:b8:91:74:49:9e:1e:6b:
91:33:14:7a:73:a0:3b:f8:f4:21:ac:b3:d0:28:a2:
16:14:c0:df:b4:c9:42:fc:dc:c4:37:1c:3a:ed:47:
9c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:0C:7A:4E:40:A0:03:5F:6F:04:54:F6:DD:E1:CA:24:3E:E7:A7:04
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214769.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3d5::/48
Signature Algorithm: sha256WithRSAEncryption
8c:59:9a:2c:0d:55:f6:6c:16:6c:6f:6f:a7:fe:b1:5f:bc:62:
af:f0:45:a2:09:57:8d:6d:4e:86:db:e7:98:69:64:63:80:b5:
07:09:8f:fe:04:52:bb:1c:3c:0d:d1:cf:4d:f2:d4:4c:42:0c:
9e:52:17:ad:22:a2:a3:d8:69:2e:df:e2:00:fc:c5:91:cc:0f:
ec:be:91:7d:6a:db:81:82:1e:de:71:9b:d1:27:3b:fa:67:33:
64:08:e1:36:4f:cf:4d:36:4c:32:5e:86:ee:26:1c:07:bb:b0:
7a:73:13:67:d3:66:76:de:af:97:ea:ff:f1:ae:e5:b9:7e:30:
42:18:4b:2c:59:a8:4a:2c:56:58:1e:be:1b:a6:51:5c:5e:14:
fa:76:db:76:1e:bc:ad:0d:30:f5:34:5b:39:db:a8:7e:9b:48:
31:f1:11:d7:b8:da:60:ac:5e:41:00:86:70:fb:02:bc:9b:3a:
7c:43:cf:d9:1e:19:54:7d:d1:c3:b7:9f:82:7b:a1:0b:76:03:
0e:d6:cb:14:5e:ec:f5:63:02:ea:36:b5:c6:5e:86:ba:fc:3a:
30:af:4f:63:a3:ea:4d:9b:ef:50:2b:df:28:c1:b1:52:67:7f:
73:c5:af:4d:73:54:ad:31:c2:10:dc:eb:a3:7d:9a:72:4c:50:
6d:d7:c4:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUfi5Hs5NOQE9ggJmD2YGcFVsj+W4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA2MDYwMzMzNDZaFw0yNTA2MDUwMzM4NDZaMDMxMTAvBgNV
BAMTKDNCMEM3QTRFNDBBMDAzNUY2RjA0NTRGNkRERTFDQTI0M0VFN0E3MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw7OypufOX5nITSrKN0hU8Mcpz
dkUgYAXBOYIa7uoUUGlW8a9ImYpObf7Tub5Te1g/bpt6n7GLrtMH9mXImlw1PEwp
xJN0sNdtqnGLqzW6TsW027Zsjk2irkY9HsOI3JFaQ8JguLiFGt17WftCW/tP0HGy
Ugkvy2QgHloh7hfIasOJzCo6jBSHsqLl1hmcLSUAqwGkOAsCyW0BCNSYxzN8aUZF
XXYEGxd0N3b6pvnV/4CycGzMjtJ14lrNnkosG2NXSCGRncn1OGnsFmAS94B612pg
N8uaLXGhuJF0SZ4ea5EzFHpzoDv49CGss9AoohYUwN+0yUL83MQ3HDrtR5x7AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUOwx6TkCgA19vBFT23eHKJD7npwQwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0NzY5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQPVMA0GCSqGSIb3DQEBCwUAA4IBAQCMWZosDVX2bBZsb2+n/rFfvGKv8EWiCVeN
bU6G2+eYaWRjgLUHCY/+BFK7HDwN0c9N8tRMQgyeUhetIqKj2Gku3+IA/MWRzA/s
vpF9atuBgh7ecZvRJzv6ZzNkCOE2T89NNkwyXobuJhwHu7B6cxNn02Z23q+X6v/x
ruW5fjBCGEssWahKLFZYHr4bplFcXhT6dtt2HrytDTD1NFs526h+m0gx8RHXuNpg
rF5BAIZw+wK8mzp8Q8/ZHhlUfdHDt5+Ce6ELdgMO1ssUXuz1YwLqNrXGXoa6/Dow
r09jo+pNm+9QK98owbFSZ39zxa9Nc1StMcIQ3OujfZpyTFBt18Qm
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org