Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
File: AS215304.roa (raw, json)
Hash identifier: FEaHE+CwDC/I784a+QUnlDpI9b6qt+9UcnRfcl0hDSU=
Subject key identifier: E8:97:3E:4C:77:5A:7E:54:CC:D6:E6:55:1D:14:08:B5:4A:68:F4:EC
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 58F6AEC22E7C60F5CF183CF4BAA13E0E08278A9F
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
Signing time: Thu 28 Nov 2024 12:00:46 +0000
ROA not before: Thu 28 Nov 2024 11:55:46 +0000
ROA not after: Thu 27 Nov 2025 12:00:46 +0000
asID: 215304
IP address blocks: 140.233.185.0/24 maxlen: 24
148.135.172.0/24 maxlen: 24
148.135.173.0/24 maxlen: 24
148.135.174.0/24 maxlen: 24
148.135.175.0/24 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:f6:ae:c2:2e:7c:60:f5:cf:18:3c:f4:ba:a1:3e:0e:08:27:8a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 28 11:55:46 2024 GMT
Not After : Nov 27 12:00:46 2025 GMT
Subject: CN=E8973E4C775A7E54CCD6E6551D1408B54A68F4EC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:07:9a:06:52:6e:aa:70:60:e4:76:96:d9:20:
0e:c4:2e:1a:d8:35:3f:2c:a5:46:b6:48:bf:a4:d5:
47:f9:13:19:8c:dc:e7:8e:9b:7f:33:e7:74:61:aa:
08:e1:c3:3f:a4:ae:67:dd:ca:19:6a:de:15:00:b6:
84:30:2c:d6:78:52:29:36:2b:e8:b7:cf:fe:90:03:
f2:70:2f:0a:3f:d4:e8:71:ac:27:42:8d:23:72:c8:
19:b6:33:23:fa:d8:e7:84:46:0d:bb:12:6b:b6:e3:
8a:70:9d:0d:0e:a3:66:e7:15:a1:c4:f8:fb:b1:05:
a9:77:18:21:ad:b9:4c:5c:1d:16:1e:54:c4:17:06:
42:ae:f7:ec:e5:3c:62:b5:b4:e7:cd:d3:aa:ac:4d:
7f:03:df:fe:cb:2a:82:6f:ea:15:69:71:fa:a9:41:
d6:4c:c6:5f:26:49:6a:d1:2c:56:7b:0f:6b:c2:00:
bb:f8:e0:c7:6f:39:ac:52:2e:96:5c:cf:69:ab:2b:
99:1d:65:de:17:be:69:5e:a3:7d:2a:68:5c:dd:1e:
74:95:cc:0b:1b:95:02:58:54:1f:e3:39:28:8b:50:
5d:49:2e:4b:5e:6d:6f:cf:58:06:ea:4f:f1:78:77:
cd:7b:12:16:de:0a:77:23:2a:0a:bb:28:b2:5e:2c:
d3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:97:3E:4C:77:5A:7E:54:CC:D6:E6:55:1D:14:08:B5:4A:68:F4:EC
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.185.0/24
148.135.172.0/22
148.135.180.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:40:7c:9e:b1:c1:a3:f4:21:ff:e8:64:00:96:cd:5b:5e:ab:
9a:2a:85:34:bb:18:42:7f:e4:5c:a3:8f:fb:71:72:37:eb:e7:
c4:70:3d:2b:e6:d7:4d:00:4a:ed:84:b0:ba:8c:e1:f7:3b:7c:
0b:10:b0:bd:7d:f8:ff:5f:3e:6d:9c:08:b8:d0:2a:04:b5:49:
0f:d0:e1:e6:0d:fd:5f:f6:a1:5a:93:d1:db:8d:46:18:16:34:
e8:e9:63:0d:cb:09:d9:66:be:9f:8e:b9:c5:ab:2b:af:a2:99:
4d:81:63:0a:80:d0:32:27:70:ad:52:fe:72:fb:cf:45:aa:a6:
86:95:c8:9a:6e:fd:ec:a2:e7:34:34:65:22:78:50:5e:72:b8:
d1:41:0d:5c:85:fc:59:c7:74:c6:7c:46:be:71:d8:cd:7b:e8:
5c:6d:01:ef:a7:32:ae:6c:a2:6b:b0:9e:1a:62:e1:b1:6e:09:
de:85:df:3b:14:0b:7f:6d:dc:c9:8c:ea:3b:f3:36:0c:54:9b:
d5:48:92:de:a7:33:4f:89:37:f5:c3:f7:40:e5:c7:8e:ad:df:
ea:81:3f:24:8c:f4:b2:47:0a:cc:e9:ee:56:10:1e:2a:38:7b:
e2:1f:48:98:01:6a:20:49:02:35:ab:cb:77:3b:e4:c5:df:f4:
d9:fc:dd:75
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUWPauwi58YPXPGDz0uqE+Dggnip8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDExMjgxMTU1NDZaFw0yNTExMjcxMjAwNDZaMDMxMTAvBgNV
BAMTKEU4OTczRTRDNzc1QTdFNTRDQ0Q2RTY1NTFEMTQwOEI1NEE2OEY0RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOB5oGUm6qcGDkdpbZIA7ELhrY
NT8spUa2SL+k1Uf5ExmM3OeOm38z53Rhqgjhwz+krmfdyhlq3hUAtoQwLNZ4Uik2
K+i3z/6QA/JwLwo/1OhxrCdCjSNyyBm2MyP62OeERg27Emu244pwnQ0Oo2bnFaHE
+PuxBal3GCGtuUxcHRYeVMQXBkKu9+zlPGK1tOfN06qsTX8D3/7LKoJv6hVpcfqp
QdZMxl8mSWrRLFZ7D2vCALv44MdvOaxSLpZcz2mrK5kdZd4Xvmleo30qaFzdHnSV
zAsblQJYVB/jOSiLUF1JLktebW/PWAbqT/F4d817EhbeCncjKgq7KLJeLNPzAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQU6Jc+THdaflTM1uZVHRQItUpo9OwwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjOm5
AwQClIesAwQBlIe0MA0GCSqGSIb3DQEBCwUAA4IBAQAKQHyescGj9CH/6GQAls1b
XquaKoU0uxhCf+Rco4/7cXI36+fEcD0r5tdNAErthLC6jOH3O3wLELC9ffj/Xz5t
nAi40CoEtUkP0OHmDf1f9qFak9HbjUYYFjTo6WMNywnZZr6fjrnFqyuvoplNgWMK
gNAyJ3CtUv5y+89FqqaGlciabv3souc0NGUieFBecrjRQQ1chfxZx3TGfEa+cdjN
e+hcbQHvpzKubKJrsJ4aYuGxbgnehd87FAt/bdzJjOo78zYMVJvVSJLepzNPiTf1
w/dA5ceOrd/qgT8kjPSyRwrM6e5WEB4qOHviH0iYAWogSQI1q8t3O+TF3/TZ/N11
-----END CERTIFICATE-----
Generated at Fri Apr 25 22:12:32 2025 by rpki-client