Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214000.roa
File: AS214000.roa (raw, json)
Hash identifier: SdPeW2QpAcpjxdJtq36zbZWfhvdj0FyKNHf4bEHEJLQ=
Subject key identifier: FB:5B:25:53:12:29:FE:C5:1F:72:12:E9:C8:56:E9:8F:47:19:F7:57
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 46F129E8AA58D769DEC64E0771FE92CA00BC861E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214000.roa
Signing time: Wed 01 Jan 2025 17:15:04 +0000
ROA not before: Wed 01 Jan 2025 17:10:04 +0000
ROA not after: Wed 31 Dec 2025 17:15:04 +0000
asID: 214000
IP address blocks: 179.61.129.0/24 maxlen: 24
179.61.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:f1:29:e8:aa:58:d7:69:de:c6:4e:07:71:fe:92:ca:00:bc:86:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 17:10:04 2025 GMT
Not After : Dec 31 17:15:04 2025 GMT
Subject: CN=FB5B25531229FEC51F7212E9C856E98F4719F757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b5:f2:31:08:6d:00:33:ab:fd:d6:c2:8c:b0:
a7:46:62:e3:33:91:58:32:70:09:5e:85:c4:03:43:
1b:2d:b8:66:77:0e:ed:5c:82:be:69:3b:47:1d:9c:
51:99:57:da:ab:23:f0:f8:62:aa:27:44:06:f2:58:
43:b4:e8:dc:44:f0:9f:d9:fd:f6:16:e1:1c:44:9b:
d8:2b:fa:41:b9:76:e4:33:05:cf:a6:cc:16:59:40:
06:b3:60:29:77:53:ee:63:b6:71:68:3e:17:26:9c:
bc:14:24:c5:6b:b4:3b:52:0d:cb:ef:8f:bd:c8:80:
dc:79:83:3e:91:75:a3:14:98:65:f5:0a:21:67:44:
21:69:ef:e2:cb:06:46:1d:0f:6e:ce:16:8a:fe:b8:
c3:85:ba:fa:dd:b5:d9:df:f3:3e:84:fc:24:f8:d7:
3d:2f:18:a5:d4:18:fe:5e:70:ec:ff:95:0a:c3:ad:
ed:b3:d1:6d:5c:66:6c:62:32:06:8a:d3:96:a7:cd:
0e:32:a5:33:9d:60:0d:56:85:35:76:e6:63:5e:de:
9b:e9:6f:04:4c:5b:d7:17:18:ff:77:b2:3a:dc:b3:
c0:f7:41:0f:c5:09:b1:73:a5:b7:b8:c1:54:a2:46:
98:3e:00:4a:94:f8:d0:1b:be:a9:bd:b7:99:e2:71:
36:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:5B:25:53:12:29:FE:C5:1F:72:12:E9:C8:56:E9:8F:47:19:F7:57
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS214000.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.129.0/24
179.61.214.0/24
Signature Algorithm: sha256WithRSAEncryption
20:38:e0:b0:dc:b6:a7:ba:00:da:25:b1:86:2d:d0:4f:15:b8:
d1:5c:44:38:f2:d8:39:2b:af:a3:f4:c4:e8:66:0b:68:bb:2b:
d6:61:98:db:fd:c6:dd:20:86:b5:7e:e3:e2:c8:5c:1d:a7:26:
60:d5:84:3a:5e:c5:27:93:7b:1e:0d:53:4f:c2:60:f1:82:03:
d9:04:47:8c:60:e6:3e:cb:f1:34:5c:93:36:4a:9a:98:c6:70:
f3:f3:0b:a2:0a:61:4e:f7:2d:89:99:99:88:f9:d9:62:41:80:
22:77:6c:98:58:71:50:4e:d1:e1:17:63:f2:b6:4c:fe:df:d4:
19:e5:fc:81:bd:73:37:97:44:2d:d0:17:72:36:25:ef:75:9b:
9e:7e:c2:94:bb:84:3a:8b:b1:f2:c8:98:21:38:9d:0a:93:d5:
64:a4:1e:38:39:21:ca:0d:d8:66:98:33:9f:a7:9a:25:7d:1d:
51:3a:ba:1d:1f:20:ef:39:39:36:e3:e7:4d:77:1f:43:69:ba:
56:1b:40:04:33:60:fa:54:3b:c9:b2:ff:10:f9:a3:33:fe:ec:
96:06:d7:3a:1a:b3:aa:0e:36:08:26:ac:60:9a:49:0a:ad:a7:
7f:6a:67:cc:cc:a7:cd:b5:bc:f3:f5:d9:84:2f:e6:97:3e:2c:
0d:9f:3e:d9
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIURvEp6KpY12nexk4Hcf6SygC8hh4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDExNzEwMDRaFw0yNTEyMzExNzE1MDRaMDMxMTAvBgNV
BAMTKEZCNUIyNTUzMTIyOUZFQzUxRjcyMTJFOUM4NTZFOThGNDcxOUY3NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2tfIxCG0AM6v91sKMsKdGYuMz
kVgycAlehcQDQxstuGZ3Du1cgr5pO0cdnFGZV9qrI/D4YqonRAbyWEO06NxE8J/Z
/fYW4RxEm9gr+kG5duQzBc+mzBZZQAazYCl3U+5jtnFoPhcmnLwUJMVrtDtSDcvv
j73IgNx5gz6RdaMUmGX1CiFnRCFp7+LLBkYdD27OFor+uMOFuvrdtdnf8z6E/CT4
1z0vGKXUGP5ecOz/lQrDre2z0W1cZmxiMgaK05anzQ4ypTOdYA1WhTV25mNe3pvp
bwRMW9cXGP93sjrcs8D3QQ/FCbFzpbe4wVSiRpg+AEqU+NAbvqm9t5nicTabAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQU+1slUxIp/sUfchLpyFbpj0cZ91cwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE0MDAwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsz2B
AwQAsz3WMA0GCSqGSIb3DQEBCwUAA4IBAQAgOOCw3LanugDaJbGGLdBPFbjRXEQ4
8tg5K6+j9MToZgtouyvWYZjb/cbdIIa1fuPiyFwdpyZg1YQ6XsUnk3seDVNPwmDx
ggPZBEeMYOY+y/E0XJM2SpqYxnDz8wuiCmFO9y2JmZmI+dliQYAid2yYWHFQTtHh
F2Pytkz+39QZ5fyBvXM3l0Qt0BdyNiXvdZuefsKUu4Q6i7HyyJghOJ0Kk9VkpB44
OSHKDdhmmDOfp5olfR1ROrodHyDvOTk24+dNdx9DabpWG0AEM2D6VDvJsv8Q+aMz
/uyWBtc6GrOqDjYIJqxgmkkKrad/amfMzKfNtbzz9dmEL+aXPiwNnz7Z
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:12:34 2025 by rpki-client