Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214989.roa
File: AS214989.roa (raw, json)
Hash identifier: qHOc+E7v6JMzxxQizzIw8jrUuIgtsQW2s52tpW9WpyE=
Subject key identifier: 03:4F:F6:35:76:67:C5:B2:D2:3E:2D:6A:2F:4E:0E:36:D2:BB:C8:D9
Certificate issuer: /CN=5ae4437029659539f54f900b35e43be06a94b37b
Certificate serial: 2851A8A8356C36FC7C6501A37AE3383582FEC05E
Authority key identifier: 5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214989.roa
Signing time: Fri 12 Jul 2024 03:33:34 +0000
ROA not before: Fri 12 Jul 2024 03:28:34 +0000
ROA not after: Fri 11 Jul 2025 03:33:34 +0000
asID: 214989
IP address blocks: 2a0f:85c1:3cf::/48 maxlen: 48
2a0f:85c1:3e0::/44 maxlen: 44
2a0f:85c1:500::/40 maxlen: 48
Validation: Failed, unable to get certificate CRL
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:51:a8:a8:35:6c:36:fc:7c:65:01:a3:7a:e3:38:35:82:fe:c0:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ae4437029659539f54f900b35e43be06a94b37b
Validity
Not Before: Jul 12 03:28:34 2024 GMT
Not After : Jul 11 03:33:34 2025 GMT
Subject: CN=034FF6357667C5B2D23E2D6A2F4E0E36D2BBC8D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:71:59:86:c8:28:16:d2:db:8c:b0:1c:37:e8:
f5:d0:5d:34:a1:93:da:82:88:bf:78:02:6c:75:8d:
5c:9e:f1:51:bf:fd:03:83:59:6b:92:90:d8:0e:ca:
c4:c4:24:46:fe:1f:b1:b4:fe:75:5f:b3:8e:94:fc:
eb:8d:0d:bd:c7:be:10:77:08:96:20:c5:e6:89:cc:
ad:b7:53:81:8e:bb:f7:58:ca:01:82:ad:a7:25:f5:
79:05:a5:54:b2:ae:c5:c5:fc:b0:5f:fc:d2:10:06:
f5:9d:df:53:0f:33:b0:74:4b:d4:f8:ef:d0:f6:e8:
f4:ac:da:7d:39:5d:14:6d:17:6e:bb:0e:63:36:98:
2f:bf:3a:7f:d8:19:bf:7c:20:2d:5b:bb:e6:20:5c:
fd:55:7d:00:46:91:f7:5a:97:4d:78:d2:10:af:63:
00:61:06:8a:c6:75:b2:8a:ec:88:4f:4f:7e:39:79:
04:a5:c6:ef:a8:0b:c4:8c:60:43:07:01:cc:34:cc:
6d:34:45:ae:05:46:f9:2c:38:32:f2:f6:6d:16:bd:
81:7d:4a:b9:2b:34:98:9e:2f:2c:8b:1d:6c:4a:ae:
5f:f3:51:e6:22:ef:5c:7b:8b:7a:40:50:6a:26:aa:
47:e9:41:01:31:08:bd:8e:ad:8b:f9:b4:31:ca:e3:
34:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:4F:F6:35:76:67:C5:B2:D2:3E:2D:6A:2F:4E:0E:36:D2:BB:C8:D9
X509v3 Authority Key Identifier:
keyid:5A:E4:43:70:29:65:95:39:F5:4F:90:0B:35:E4:3B:E0:6A:94:B3:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/5AE4437029659539F54F900B35E43BE06A94B37B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WuRDcClllTn1T5ALNeQ74GqUs3s.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fc20add3-a88e-4bb2-a84d-55da2128f196/0/AS214989.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:3cf::/48
2a0f:85c1:3e0::/44
2a0f:85c1:500::/40
Signature Algorithm: sha256WithRSAEncryption
7b:73:89:18:9a:9f:14:19:b7:ce:73:c5:49:a5:8c:2e:82:92:
ad:22:d0:8e:17:0e:36:5e:a9:83:df:50:5c:5d:32:c4:2b:2b:
c7:94:46:01:97:94:30:19:89:c1:51:e7:f0:e9:7b:eb:f8:4a:
04:02:a6:d4:5a:8e:dc:6d:16:77:e0:fb:5d:27:2a:b6:fb:f1:
95:0f:36:bb:65:57:81:6f:52:84:3b:22:ee:38:7e:b6:b0:7f:
92:17:6f:9b:49:a8:7c:af:bb:55:c3:3c:0a:01:d7:ff:b8:f5:
51:66:a1:e0:1a:17:d3:9d:ff:30:44:aa:f5:e4:51:04:b2:77:
da:9b:63:13:b1:ac:f3:2f:16:87:16:84:43:27:21:37:b6:f3:
5c:7b:7a:c9:70:a2:bb:6f:a3:1e:63:69:35:aa:8c:09:cb:ef:
83:4a:96:f6:22:13:d9:4a:1b:30:00:e0:c0:a0:d2:58:3a:b6:
34:97:c4:81:dd:b6:74:92:04:d5:5f:4d:19:1b:d9:d6:fc:ab:
93:18:4b:17:6b:14:2e:14:b9:39:1a:24:70:13:29:33:f1:3c:
ca:ec:c7:e0:03:b5:cf:83:ea:c2:a1:cf:33:19:04:53:55:62:
34:f6:23:dc:5d:ff:52:f6:36:71:a3:a0:d2:1e:cc:91:17:16:
65:3a:9c:fb
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIUKFGoqDVsNvx8ZQGjeuM4NYL+wF4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNWFlNDQzNzAyOTY1OTUzOWY1NGY5MDBiMzVlNDNiZTA2
YTk0YjM3YjAeFw0yNDA3MTIwMzI4MzRaFw0yNTA3MTEwMzMzMzRaMDMxMTAvBgNV
BAMTKDAzNEZGNjM1NzY2N0M1QjJEMjNFMkQ2QTJGNEUwRTM2RDJCQkM4RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbcVmGyCgW0tuMsBw36PXQXTSh
k9qCiL94Amx1jVye8VG//QODWWuSkNgOysTEJEb+H7G0/nVfs46U/OuNDb3HvhB3
CJYgxeaJzK23U4GOu/dYygGCracl9XkFpVSyrsXF/LBf/NIQBvWd31MPM7B0S9T4
79D26PSs2n05XRRtF267DmM2mC+/On/YGb98IC1bu+YgXP1VfQBGkfdal0140hCv
YwBhBorGdbKK7IhPT345eQSlxu+oC8SMYEMHAcw0zG00Ra4FRvksODLy9m0WvYF9
SrkrNJieLyyLHWxKrl/zUeYi71x7i3pAUGomqkfpQQExCL2OrYv5tDHK4zR5AgMB
AAGjggIeMIICGjAdBgNVHQ4EFgQUA0/2NXZnxbLSPi1qL04ONtK7yNkwHwYDVR0j
BBgwFoAUWuRDcClllTn1T5ALNeQ74GqUs3swDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmMyMGFkZDMtYTg4ZS00YmIyLWE4NGQtNTVkYTIxMjhm
MTk2LzAvNUFFNDQzNzAyOTY1OTUzOUY1NEY5MDBCMzVFNDNCRTA2QTk0QjM3Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1d1UkRjQ2xsbFRuMVQ1QUxOZVE3NEdx
VXMzcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2ZjMjBhZGQzLWE4OGUt
NGJiMi1hODRkLTU1ZGEyMTI4ZjE5Ni8wL0FTMjE0OTg5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwcAKg+F
wQPPAwcEKg+FwQPgAwYAKg+FwQUwDQYJKoZIhvcNAQELBQADggEBAHtziRianxQZ
t85zxUmljC6Ckq0i0I4XDjZeqYPfUFxdMsQrK8eURgGXlDAZicFR5/Dpe+v4SgQC
ptRajtxtFnfg+10nKrb78ZUPNrtlV4FvUoQ7Iu44frawf5IXb5tJqHyvu1XDPAoB
1/+49VFmoeAaF9Od/zBEqvXkUQSyd9qbYxOxrPMvFocWhEMnITe281x7eslwortv
ox5jaTWqjAnL74NKlvYiE9lKGzAA4MCg0lg6tjSXxIHdtnSSBNVfTRkb2db8q5MY
SxdrFC4UuTkaJHATKTPxPMrsx+ADtc+D6sKhzzMZBFNVYjT2I9xd/1L2NnGjoNIe
zJEXFmU6nPs=
-----END CERTIFICATE-----
Generated at Thu Aug 22 23:44:02 2024 by rpki-client on console-fra.rpki-client.org