Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213733.roa
File: AS213733.roa (raw, json)
Hash identifier: mZqZJdf7u2zFXo6QF+WBq4EbUEtcDfGeoNLiFiBGygU=
Subject key identifier: D0:99:46:5D:F5:E0:FC:22:F8:A7:3D:7B:8B:ED:49:D0:1F:93:96:BF
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 07D8B5D88ACFE4546CB1DB8823032067D4254D77
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213733.roa
Signing time: Wed 15 Jan 2025 02:05:11 +0000
ROA not before: Wed 15 Jan 2025 02:00:11 +0000
ROA not after: Wed 14 Jan 2026 02:05:11 +0000
asID: 213733
IP address blocks: 2a0f:85c1:b43::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:d8:b5:d8:8a:cf:e4:54:6c:b1:db:88:23:03:20:67:d4:25:4d:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jan 15 02:00:11 2025 GMT
Not After : Jan 14 02:05:11 2026 GMT
Subject: CN=D099465DF5E0FC22F8A73D7B8BED49D01F9396BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:95:5f:57:85:1f:5d:e9:7d:84:dd:e2:0e:2a:
df:8b:f9:d7:ef:a5:04:28:5c:8e:11:e0:69:90:ab:
a8:53:da:c1:8e:99:5a:b8:0d:4c:4a:28:0e:cb:94:
67:f5:de:7f:8d:f1:99:d7:a2:be:dd:a9:d4:60:d2:
bf:2b:d8:35:56:c4:4a:0c:f4:29:b8:e5:50:bf:5f:
b1:31:e5:42:77:9c:77:10:a8:71:06:1f:e3:55:e4:
31:1c:77:40:42:c0:9f:54:c9:80:ea:10:62:05:2d:
ad:26:e6:cb:9b:62:b0:aa:db:35:21:38:63:3e:e4:
c7:70:7d:64:bb:da:fb:0d:7d:a7:a6:ec:55:a8:47:
f5:65:a7:d3:d1:df:6f:07:93:30:47:ec:2c:a4:6f:
8f:a9:8e:43:f7:6a:de:29:85:20:69:ba:6b:fd:7c:
95:c7:d2:23:78:cb:a5:83:4a:b8:db:89:7f:e9:cf:
0c:93:61:08:1c:7d:4b:54:20:a0:e7:c4:69:18:b9:
b4:3b:f9:7b:48:ec:e5:32:e6:ed:9c:73:d6:1c:1a:
65:6d:ba:c7:b6:7b:e0:be:1c:e6:35:85:e6:d5:84:
3b:08:79:73:dc:34:da:2d:01:cc:f0:d8:76:69:75:
4f:7f:05:5d:fd:77:6b:8e:e1:40:e8:da:b0:21:ac:
7d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:99:46:5D:F5:E0:FC:22:F8:A7:3D:7B:8B:ED:49:D0:1F:93:96:BF
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:b43::/48
Signature Algorithm: sha256WithRSAEncryption
1b:1f:f3:fa:24:cd:c9:43:eb:c0:01:e8:33:d5:d0:d0:89:e0:
8e:45:5d:8c:2e:86:b3:b6:88:31:76:73:0e:10:28:dc:2b:2c:
ce:cd:d1:44:13:39:62:1c:93:9f:2f:de:48:c4:27:32:27:42:
e0:22:1b:b7:e5:29:d7:a3:dc:74:c0:fa:c8:d7:7f:2b:3a:32:
2a:40:8d:5d:87:3e:c8:b0:97:a8:43:f0:16:d8:ad:b1:ad:5e:
8c:7c:2b:9b:23:31:e4:9f:ff:65:2a:28:81:e4:90:65:48:e1:
c9:73:44:16:22:9d:b5:5b:d8:b1:6f:65:e3:b1:22:84:a7:17:
b0:c3:62:62:e2:a9:ab:dd:46:87:d7:67:e7:2d:6f:f1:2e:c8:
6a:2a:9e:a6:1a:f1:cb:b5:df:00:ca:9e:07:9f:99:4f:5b:d4:
9e:b7:1b:2a:18:63:b9:91:0e:37:34:d8:af:d6:6a:8b:6a:87:
3e:d7:e8:fe:48:c0:21:32:06:fa:f3:65:57:12:1f:bf:90:58:
82:b7:48:90:82:d1:ea:95:75:f0:2c:e1:be:2e:45:33:9c:5b:
64:10:37:7e:22:80:f8:74:d8:4b:5d:ad:6a:8a:f9:cd:54:a3:
13:2e:0a:2b:fb:8f:4c:1c:90:c6:85:09:07:30:d7:99:2a:d7:
e6:3e:5f:ec
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUB9i12IrP5FRssduIIwMgZ9QlTXcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTAxMTUwMjAwMTFaFw0yNjAxMTQwMjA1MTFaMDMxMTAvBgNV
BAMTKEQwOTk0NjVERjVFMEZDMjJGOEE3M0Q3QjhCRUQ0OUQwMUY5Mzk2QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFlV9XhR9d6X2E3eIOKt+L+dfv
pQQoXI4R4GmQq6hT2sGOmVq4DUxKKA7LlGf13n+N8ZnXor7dqdRg0r8r2DVWxEoM
9Cm45VC/X7Ex5UJ3nHcQqHEGH+NV5DEcd0BCwJ9UyYDqEGIFLa0m5subYrCq2zUh
OGM+5MdwfWS72vsNfaem7FWoR/Vlp9PR328HkzBH7Cykb4+pjkP3at4phSBpumv9
fJXH0iN4y6WDSrjbiX/pzwyTYQgcfUtUIKDnxGkYubQ7+XtI7OUy5u2cc9YcGmVt
use2e+C+HOY1hebVhDsIeXPcNNotAczw2HZpdU9/BV39d2uO4UDo2rAhrH0hAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU0JlGXfXg/CL4pz17i+1J0B+Tlr8wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEzNzMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQtDMA0GCSqGSIb3DQEBCwUAA4IBAQAbH/P6JM3JQ+vAAegz1dDQieCORV2MLoaz
togxdnMOECjcKyzOzdFEEzliHJOfL95IxCcyJ0LgIhu35SnXo9x0wPrI138rOjIq
QI1dhz7IsJeoQ/AW2K2xrV6MfCubIzHkn/9lKiiB5JBlSOHJc0QWIp21W9ixb2Xj
sSKEpxeww2Ji4qmr3UaH12fnLW/xLshqKp6mGvHLtd8Ayp4Hn5lPW9SetxsqGGO5
kQ43NNiv1mqLaoc+1+j+SMAhMgb682VXEh+/kFiCt0iQgtHqlXXwLOG+LkUznFtk
EDd+IoD4dNhLXa1qivnNVKMTLgor+49MHJDGhQkHMNeZKtfmPl/s
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:52:26 2025 by rpki-client