Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS211241.roa
File: AS211241.roa (raw, json)
Hash identifier: domTQzg6MqBki1wXEhSwvFsBDL2yB28mG7YVWV9igiM=
Subject key identifier: BA:8C:C8:6F:E5:BF:9C:CD:65:14:BB:C8:4B:33:A7:7C:7C:39:25:A4
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 5287CB269C90149A8FBE84B016ABA956CA3E99BF
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS211241.roa
Signing time: Wed 09 Apr 2025 13:02:28 +0000
ROA not before: Wed 09 Apr 2025 12:57:28 +0000
ROA not after: Wed 08 Apr 2026 13:02:28 +0000
asID: 211241
IP address blocks: 2a0f:85c1:bf9::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:87:cb:26:9c:90:14:9a:8f:be:84:b0:16:ab:a9:56:ca:3e:99:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Apr 9 12:57:28 2025 GMT
Not After : Apr 8 13:02:28 2026 GMT
Subject: CN=BA8CC86FE5BF9CCD6514BBC84B33A77C7C3925A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:8a:15:c7:65:32:12:f7:64:18:18:83:ba:05:
58:a4:33:d3:13:08:2f:9e:2b:66:d3:86:44:1f:49:
b7:b8:db:36:94:7f:da:ff:6d:92:e2:e5:39:60:a1:
ab:24:71:74:8e:b6:54:d6:e8:83:d4:32:57:ce:be:
2c:6f:3f:fe:bd:aa:5e:08:81:42:97:cc:15:2d:75:
c3:8b:c0:3d:08:66:d5:b0:33:b3:06:b1:fd:50:00:
47:2e:73:3c:6c:da:44:3c:4f:e0:41:34:93:19:e1:
a7:06:aa:34:5e:8c:1b:a6:62:44:86:9b:e0:c4:44:
d5:95:94:f8:34:08:5a:e1:b5:5d:44:2b:e3:76:81:
75:20:ef:ef:f4:b1:02:79:ef:7b:a3:16:0a:fe:4c:
97:c1:e8:39:f3:8b:1e:b8:f4:78:96:2c:2c:02:66:
86:0c:6f:84:78:57:c2:12:42:5b:1c:3b:5d:88:3e:
27:f3:00:b9:44:7a:51:a7:de:3f:79:b0:33:fa:06:
b0:4b:f0:47:18:fe:a5:ec:33:e9:2f:b0:20:c2:f4:
fb:d6:d7:3a:26:e8:b4:03:ce:8a:15:24:53:4d:a4:
cb:63:0a:9e:f5:b6:4f:84:b0:f6:aa:5c:9d:34:e4:
18:8e:50:65:f9:b8:76:63:06:a1:cc:7d:1c:d3:34:
5f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:8C:C8:6F:E5:BF:9C:CD:65:14:BB:C8:4B:33:A7:7C:7C:39:25:A4
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS211241.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:bf9::/48
Signature Algorithm: sha256WithRSAEncryption
0d:b9:1e:19:94:a9:70:a6:41:bf:d6:d8:02:d0:31:45:fc:42:
9d:96:c2:24:7e:77:89:01:4b:74:99:07:2e:76:5c:24:49:a4:
09:71:d6:da:6a:be:27:3a:a3:87:0c:2f:97:a8:73:82:e6:08:
e9:d5:4c:a6:d2:d8:fe:62:cf:a3:ba:74:b5:4d:2b:a5:6e:06:
22:1a:13:40:63:4e:55:5c:8b:a1:05:3d:f5:c7:64:16:9a:75:
1d:51:f3:4c:74:92:45:86:a2:45:80:7f:67:6a:47:3c:16:79:
e3:1e:de:26:2e:62:2f:e1:bd:21:f7:88:63:27:2f:3d:44:6b:
e6:1d:14:38:db:61:42:7e:e8:b7:c3:78:38:d9:87:12:01:f8:
8e:d2:38:1a:04:2c:d9:5c:33:e0:09:77:ea:5e:13:e8:cc:61:
2c:47:a1:ae:a7:31:bd:71:98:ee:7d:5d:3a:fb:47:4b:69:3e:
bf:49:9b:61:e0:c1:24:47:fe:fe:ee:09:86:00:4f:72:fb:04:
b6:d5:f3:db:ab:54:cb:5a:f6:66:7b:d7:58:4a:97:33:c6:5a:
cb:62:a8:3f:f3:5c:fc:db:2a:f4:86:c7:1c:cd:1a:48:59:5c:
7f:7f:4b:b8:23:0f:b5:5f:d2:2e:58:c8:9b:40:5e:8c:6b:3f:
20:00:48:5a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUUofLJpyQFJqPvoSwFqupVso+mb8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA0MDkxMjU3MjhaFw0yNjA0MDgxMzAyMjhaMDMxMTAvBgNV
BAMTKEJBOENDODZGRTVCRjlDQ0Q2NTE0QkJDODRCMzNBNzdDN0MzOTI1QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuihXHZTIS92QYGIO6BVikM9MT
CC+eK2bThkQfSbe42zaUf9r/bZLi5TlgoaskcXSOtlTW6IPUMlfOvixvP/69ql4I
gUKXzBUtdcOLwD0IZtWwM7MGsf1QAEcuczxs2kQ8T+BBNJMZ4acGqjRejBumYkSG
m+DERNWVlPg0CFrhtV1EK+N2gXUg7+/0sQJ573ujFgr+TJfB6Dnzix649HiWLCwC
ZoYMb4R4V8ISQlscO12IPifzALlEelGn3j95sDP6BrBL8EcY/qXsM+kvsCDC9PvW
1zom6LQDzooVJFNNpMtjCp71tk+EsPaqXJ005BiOUGX5uHZjBqHMfRzTNF8DAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUuozIb+W/nM1lFLvISzOnfHw5JaQwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjExMjQxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQv5MA0GCSqGSIb3DQEBCwUAA4IBAQANuR4ZlKlwpkG/1tgC0DFF/EKdlsIkfneJ
AUt0mQcudlwkSaQJcdbaar4nOqOHDC+XqHOC5gjp1Uym0tj+Ys+junS1TSulbgYi
GhNAY05VXIuhBT31x2QWmnUdUfNMdJJFhqJFgH9nakc8FnnjHt4mLmIv4b0h94hj
Jy89RGvmHRQ422FCfui3w3g42YcSAfiO0jgaBCzZXDPgCXfqXhPozGEsR6GupzG9
cZjufV06+0dLaT6/SZth4MEkR/7+7gmGAE9y+wS21fPbq1TLWvZme9dYSpczxlrL
Yqg/81z82yr0hscczRpIWVx/f0u4Iw+1X9IuWMibQF6Maz8gAEha
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:28 2025 by rpki-client on console.sobornost.net