Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214809.roa
File: AS214809.roa (raw, json)
Hash identifier: b9TEhgztDYjdfJ/+A7FUev2s+p+++isIsXk/fEAeLoU=
Subject key identifier: 6E:03:1C:2B:3B:FF:2A:BC:0A:53:AF:97:0C:15:1D:BE:8A:CE:D7:24
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 4040E20956D615D1FBA396988B92B515D1D379EE
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214809.roa
Signing time: Sun 23 Jun 2024 10:10:55 +0000
ROA not before: Sun 23 Jun 2024 10:05:55 +0000
ROA not after: Sun 22 Jun 2025 10:10:55 +0000
asID: 214809
IP address blocks: 2a0f:85c1:807::/48 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:40:e2:09:56:d6:15:d1:fb:a3:96:98:8b:92:b5:15:d1:d3:79:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Jun 23 10:05:55 2024 GMT
Not After : Jun 22 10:10:55 2025 GMT
Subject: CN=6E031C2B3BFF2ABC0A53AF970C151DBE8ACED724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:31:09:31:b3:9e:01:6d:9c:0e:eb:33:e3:fb:
6f:d2:79:e6:f3:6e:df:12:52:e3:90:d1:3e:1c:ca:
31:f1:17:f5:b2:c8:66:53:94:f5:49:7e:f1:fd:9a:
ec:2c:7a:b5:44:9c:b7:ea:f1:a4:06:da:ff:31:11:
68:43:6c:71:e1:4f:05:cf:ee:b2:56:7f:ac:e5:62:
58:c0:a9:89:c6:18:fc:04:c1:52:82:dd:4a:38:c5:
f1:35:9a:a7:b0:cf:0d:a8:50:7a:d5:a7:59:dc:7f:
bd:d3:c5:45:c4:99:06:3c:14:34:a8:33:b6:59:6f:
38:ed:81:d8:6d:0d:40:8d:a8:b1:66:22:74:43:f1:
a3:2a:94:a8:74:8d:57:37:87:7b:b0:15:e2:8f:29:
ea:67:57:55:b3:43:4c:86:2e:cf:8e:dd:ab:fa:93:
53:20:af:57:35:8e:3b:ec:99:76:b6:1b:90:db:fd:
37:43:29:63:39:b8:9b:52:0f:ec:b6:c5:0a:91:2c:
9e:8a:c2:d6:3b:4c:f3:c0:aa:6f:5a:fc:70:af:be:
01:ea:19:67:44:5b:a1:ee:1d:c2:c8:5e:ed:18:3f:
f3:d5:b5:84:ff:f2:2c:2e:4b:1b:e7:47:af:42:d9:
75:ce:1b:9d:d7:17:21:fd:03:b0:b0:6c:d2:ca:e7:
f1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:03:1C:2B:3B:FF:2A:BC:0A:53:AF:97:0C:15:1D:BE:8A:CE:D7:24
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214809.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:807::/48
Signature Algorithm: sha256WithRSAEncryption
5e:53:01:95:ec:6b:28:7c:ea:72:eb:c2:94:f0:b6:3c:dc:0b:
4d:8b:49:be:a5:83:b2:c8:ef:a5:6a:01:7e:88:39:17:a7:31:
7a:f1:c5:75:c7:aa:9d:6e:05:02:e9:95:52:e9:28:7c:c9:b2:
62:c3:06:bb:b0:ec:6c:66:96:9c:d7:84:af:05:3f:f9:01:63:
8a:01:5e:03:7c:80:6b:a3:9d:b1:fe:ba:78:3b:dc:e9:3e:ba:
d9:dd:c6:6c:75:3c:c6:1a:c8:64:22:73:3a:d9:01:70:8a:2b:
01:fe:1c:48:42:bf:b6:77:cf:50:1d:44:f9:b9:4f:f6:15:93:
89:79:b6:da:3e:f5:dd:62:75:0c:99:bf:19:dd:12:4e:0c:69:
03:69:2a:ec:aa:a4:64:db:af:7b:aa:56:d9:5c:1b:78:cd:77:
ed:cd:e4:34:20:c6:8c:20:27:55:49:0e:5f:14:b6:b8:81:54:
38:90:96:5a:fe:78:7f:b9:9d:05:2a:90:16:ab:c2:b6:14:25:
46:5a:10:77:8c:c7:5e:16:b9:24:8f:c0:b5:69:de:88:17:6e:
ce:1a:e5:9b:90:c0:c8:2d:31:8e:09:a5:94:44:a4:dc:03:11:
bf:b6:1f:d1:d4:cb:6d:32:ce:2f:b4:af:90:19:c6:a6:e1:9c:
1b:0e:06:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUQEDiCVbWFdH7o5aYi5K1FdHTee4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA2MjMxMDA1NTVaFw0yNTA2MjIxMDEwNTVaMDMxMTAvBgNV
BAMTKDZFMDMxQzJCM0JGRjJBQkMwQTUzQUY5NzBDMTUxREJFOEFDRUQ3MjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2MQkxs54BbZwO6zPj+2/Seebz
bt8SUuOQ0T4cyjHxF/WyyGZTlPVJfvH9muwserVEnLfq8aQG2v8xEWhDbHHhTwXP
7rJWf6zlYljAqYnGGPwEwVKC3Uo4xfE1mqewzw2oUHrVp1ncf73TxUXEmQY8FDSo
M7ZZbzjtgdhtDUCNqLFmInRD8aMqlKh0jVc3h3uwFeKPKepnV1WzQ0yGLs+O3av6
k1Mgr1c1jjvsmXa2G5Db/TdDKWM5uJtSD+y2xQqRLJ6KwtY7TPPAqm9a/HCvvgHq
GWdEW6HuHcLIXu0YP/PVtYT/8iwuSxvnR69C2XXOG53XFyH9A7CwbNLK5/GnAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUbgMcKzv/KrwKU6+XDBUdvorO1yQwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0ODA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQgHMA0GCSqGSIb3DQEBCwUAA4IBAQBeUwGV7GsofOpy68KU8LY83AtNi0m+pYOy
yO+lagF+iDkXpzF68cV1x6qdbgUC6ZVS6Sh8ybJiwwa7sOxsZpac14SvBT/5AWOK
AV4DfIBro52x/rp4O9zpPrrZ3cZsdTzGGshkInM62QFwiisB/hxIQr+2d89QHUT5
uU/2FZOJebbaPvXdYnUMmb8Z3RJODGkDaSrsqqRk2697qlbZXBt4zXftzeQ0IMaM
ICdVSQ5fFLa4gVQ4kJZa/nh/uZ0FKpAWq8K2FCVGWhB3jMdeFrkkj8C1ad6IF27O
GuWbkMDILTGOCaWURKTcAxG/th/R1MttMs4vtK+QGcam4ZwbDgZ5
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org