Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
File: AS14618.roa (raw, json)
Hash identifier: JfAzX12hAG+2IVR3xq+TPXEBpcROPm5ftf9fbszyqF8=
Subject key identifier: 21:C1:59:D8:6E:2D:99:9E:0E:C5:22:97:F8:07:4C:C7:69:C8:1C:30
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 74C75EA297CFA65E618432C025015C412203AC2F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
Signing time: Sat 30 Nov 2024 00:00:19 +0000
ROA not before: Fri 29 Nov 2024 23:55:19 +0000
ROA not after: Sat 29 Nov 2025 00:00:19 +0000
asID: 14618
IP address blocks: 140.233.128.0/19 maxlen: 24
145.223.64.0/24 maxlen: 24
145.223.65.0/24 maxlen: 24
146.103.60.0/24 maxlen: 24
146.103.62.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:c7:5e:a2:97:cf:a6:5e:61:84:32:c0:25:01:5c:41:22:03:ac:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 29 23:55:19 2024 GMT
Not After : Nov 29 00:00:19 2025 GMT
Subject: CN=21C159D86E2D999E0EC52297F8074CC769C81C30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e1:ce:08:b2:62:8e:1f:39:d2:32:35:0b:cd:
65:df:84:45:ca:13:e1:f2:ad:fe:a1:52:97:aa:f1:
a0:a4:26:a0:a8:12:c7:a7:98:ae:e3:16:cb:65:2f:
a8:a3:41:80:29:4c:fa:62:00:4c:43:73:76:60:38:
06:4f:ee:ea:11:a6:18:a3:e4:b4:d1:8b:36:9a:43:
5c:f6:50:b5:85:7d:a5:40:c2:e2:51:c2:fc:d5:71:
b7:9f:3c:31:cb:4d:c9:c4:8a:cd:f3:db:99:c5:61:
32:bb:e9:5f:d8:7b:b2:73:c8:b8:0d:16:b8:14:b6:
bf:25:7c:a8:21:d8:76:8d:ef:0b:93:65:9c:21:b1:
45:86:80:7d:7f:de:47:4a:16:32:1c:82:df:48:aa:
05:8e:49:01:73:e8:61:e4:35:61:57:3c:88:9d:da:
de:68:9c:1a:fe:55:69:cf:64:b0:ec:6e:9a:54:72:
04:c6:e1:5d:43:77:91:fe:2f:00:5f:0f:2a:62:a9:
50:d3:23:75:23:ce:3b:07:c5:3a:d7:08:43:62:6d:
d1:b6:39:8e:49:27:dd:4b:b0:d5:eb:78:d2:f0:c5:
1d:c5:92:5a:db:d4:08:ac:66:0e:5b:dd:cc:b7:60:
41:c8:8e:21:84:fb:9c:1a:82:f8:39:34:c8:aa:eb:
c9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C1:59:D8:6E:2D:99:9E:0E:C5:22:97:F8:07:4C:C7:69:C8:1C:30
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.128.0/19
145.223.64.0/23
146.103.60.0/24
146.103.62.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:31:10:bf:96:de:03:5c:cd:e2:23:c8:ef:f2:fa:d8:d1:10:
f2:77:a2:a2:6c:c5:f5:16:17:d4:47:76:e5:fd:ec:33:3b:a0:
1f:93:36:ae:4a:77:0f:08:68:9c:b3:17:d1:37:3c:a8:a2:f7:
9f:2b:75:32:7c:6f:ca:da:5b:c9:a1:19:17:76:ea:5c:82:f2:
4e:8b:67:07:a8:f7:39:3b:e6:4e:ca:6a:f4:a0:d1:57:9d:d3:
06:c7:a8:57:e1:0b:13:13:c5:c4:8b:bc:42:ed:a0:44:99:74:
64:5c:31:22:37:f8:78:9b:69:0f:fe:53:d2:15:8b:4f:de:17:
d5:11:be:61:fe:54:cd:88:bb:59:07:e5:d7:c8:c1:e0:c3:67:
b0:11:99:88:54:e0:ad:82:3d:93:3f:4e:52:1e:6b:e5:a3:37:
81:cf:4c:fd:88:ee:94:50:5a:c7:a0:16:ea:60:65:41:ed:3f:
78:ec:65:22:f0:d6:f4:32:44:d5:0a:49:7c:3a:ff:ea:9a:c3:
1a:a6:23:78:36:06:99:d6:50:07:31:0e:5e:9e:68:b5:cf:91:
88:e8:f8:e8:7d:63:48:a6:39:28:9d:b7:5c:e0:ce:4d:bb:61:
05:0a:1c:2f:7d:47:e3:ba:a0:34:42:04:75:60:38:4b:fe:2d:
42:0f:f4:c9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUdMdeopfPpl5hhDLAJQFcQSIDrC8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDExMjkyMzU1MTlaFw0yNTExMjkwMDAwMTlaMDMxMTAvBgNV
BAMTKDIxQzE1OUQ4NkUyRDk5OUUwRUM1MjI5N0Y4MDc0Q0M3NjlDODFDMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt4c4IsmKOHznSMjULzWXfhEXK
E+Hyrf6hUpeq8aCkJqCoEsenmK7jFstlL6ijQYApTPpiAExDc3ZgOAZP7uoRphij
5LTRizaaQ1z2ULWFfaVAwuJRwvzVcbefPDHLTcnEis3z25nFYTK76V/Ye7JzyLgN
FrgUtr8lfKgh2HaN7wuTZZwhsUWGgH1/3kdKFjIcgt9IqgWOSQFz6GHkNWFXPIid
2t5onBr+VWnPZLDsbppUcgTG4V1Dd5H+LwBfDypiqVDTI3UjzjsHxTrXCENibdG2
OY5JJ91LsNXreNLwxR3Fklrb1AisZg5b3cy3YEHIjiGE+5wagvg5NMiq68m1AgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUIcFZ2G4tmZ4OxSKX+AdMx2nIHDAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAWM6YAD
BAGR30ADBACSZzwDBAGSZz4wDQYJKoZIhvcNAQELBQADggEBADoxEL+W3gNczeIj
yO/y+tjREPJ3oqJsxfUWF9RHduX97DM7oB+TNq5Kdw8IaJyzF9E3PKii958rdTJ8
b8raW8mhGRd26lyC8k6LZweo9zk75k7KavSg0Ved0wbHqFfhCxMTxcSLvELtoESZ
dGRcMSI3+HibaQ/+U9IVi0/eF9URvmH+VM2Iu1kH5dfIweDDZ7ARmYhU4K2CPZM/
TlIea+WjN4HPTP2I7pRQWsegFupgZUHtP3jsZSLw1vQyRNUKSXw6/+qawxqmI3g2
BpnWUAcxDl6eaLXPkYjo+Oh9Y0imOSidt1zgzk27YQUKHC99R+O6oDRCBHVgOEv+
LUIP9Mk=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:35:04 2025 by rpki-client