Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9232.roa
File: AS9232.roa (raw, json)
Hash identifier: jMWrbO52SAlOeM6RZ+MJVwnYaxyG2iSEePruH+jC808=
Subject key identifier: 5E:F5:97:D0:8B:B9:B1:B7:57:D9:12:14:89:3A:D3:0A:0D:FE:62:74
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0A997629F368DC6257396ADC357FA74C2ECE7A28
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9232.roa
Signing time: Wed 26 Mar 2025 07:43:43 +0000
ROA not before: Wed 26 Mar 2025 07:38:43 +0000
ROA not after: Wed 25 Mar 2026 07:43:43 +0000
asID: 9232
IP address blocks: 82.22.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:99:76:29:f3:68:dc:62:57:39:6a:dc:35:7f:a7:4c:2e:ce:7a:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 26 07:38:43 2025 GMT
Not After : Mar 25 07:43:43 2026 GMT
Subject: CN=5EF597D08BB9B1B757D91214893AD30A0DFE6274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:41:d8:d3:d2:a3:21:47:39:70:fe:f0:30:a3:
45:76:1b:37:75:b8:63:d5:2f:77:fb:8d:f3:e3:27:
f4:a9:20:0f:ab:78:ee:d2:82:ce:9c:a2:d3:d4:b3:
e3:ed:36:a3:5c:5d:3d:9c:f3:b4:99:5b:da:29:a0:
9e:9a:dc:81:36:4d:c0:23:c6:d4:51:54:39:2c:8c:
39:bc:e7:9a:e5:e2:7b:0e:f5:2e:37:c5:c9:c0:0e:
2a:f9:8d:c4:3b:2b:65:80:e4:e2:26:2f:f4:4d:1e:
b1:76:9b:4e:70:3b:c3:34:56:03:3e:e3:8e:47:53:
fd:2f:d6:d1:b5:a9:cf:66:36:59:f1:7e:74:70:40:
32:5a:98:f6:52:20:ed:a9:f1:5f:d5:af:da:54:c4:
03:80:5e:c4:93:34:51:f2:53:b4:6d:9b:af:71:a4:
9c:dd:eb:57:7b:f0:af:24:47:49:a3:7e:98:37:d8:
4c:49:e6:9b:9e:e5:bf:b4:a7:09:17:4c:76:d0:ad:
e0:09:7f:6d:59:eb:f3:1a:43:26:91:42:2b:bf:e6:
2d:38:fe:db:a0:87:fa:d3:3d:d5:75:33:f1:13:a1:
31:ff:e6:30:dd:6d:a5:a8:07:53:2d:d2:6d:4b:c5:
d0:28:c9:54:d2:5f:2b:97:09:c8:86:79:9b:ea:94:
b1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F5:97:D0:8B:B9:B1:B7:57:D9:12:14:89:3A:D3:0A:0D:FE:62:74
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.99.0/24
Signature Algorithm: sha256WithRSAEncryption
40:2e:11:bf:38:07:58:15:d1:a4:cc:e6:f3:00:94:ac:f7:d0:
30:37:e1:b7:aa:6f:bf:9f:f4:34:9e:ea:d0:23:dd:9c:64:96:
dd:e1:84:b5:29:35:71:c8:97:96:19:8a:5e:0d:f4:45:da:b8:
1e:e3:5b:9d:4b:c9:60:b4:50:64:f1:40:14:42:55:25:3e:5a:
ee:70:ac:bf:38:d6:a9:fa:94:e4:40:6c:38:b1:0b:8e:71:d3:
86:e6:f1:fa:21:b0:c7:7b:f1:cb:3e:82:af:b6:0f:c8:c4:24:
8e:b6:b6:5b:fe:26:aa:09:87:5d:f2:6c:75:1d:92:eb:ad:b2:
4e:37:cd:19:bb:85:4f:45:43:14:27:35:5a:80:0b:54:df:89:
aa:8f:b3:3f:9d:19:20:e5:56:a9:ad:84:a4:6b:85:05:c1:69:
18:b1:ed:77:77:47:04:79:a4:cd:94:00:fa:53:87:30:9f:d0:
81:e5:50:bb:65:b9:df:79:39:f1:ac:11:a6:1a:3c:2c:20:69:
44:6b:66:82:29:d4:fe:e5:ab:33:fa:f6:ee:5f:29:74:3d:93:
aa:9d:8d:d9:03:38:f7:ce:f0:dc:20:5d:de:db:9c:1a:e3:7b:
b7:5c:e6:df:bf:7c:c1:02:89:32:43:7f:a8:8c:58:4a:9c:92:
f7:49:c3:0d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUCpl2KfNo3GJXOWrcNX+nTC7OeigwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMjYwNzM4NDNaFw0yNjAzMjUwNzQzNDNaMDMxMTAvBgNV
BAMTKDVFRjU5N0QwOEJCOUIxQjc1N0Q5MTIxNDg5M0FEMzBBMERGRTYyNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8QdjT0qMhRzlw/vAwo0V2Gzd1
uGPVL3f7jfPjJ/SpIA+reO7Sgs6cotPUs+PtNqNcXT2c87SZW9opoJ6a3IE2TcAj
xtRRVDksjDm855rl4nsO9S43xcnADir5jcQ7K2WA5OImL/RNHrF2m05wO8M0VgM+
445HU/0v1tG1qc9mNlnxfnRwQDJamPZSIO2p8V/Vr9pUxAOAXsSTNFHyU7Rtm69x
pJzd61d78K8kR0mjfpg32ExJ5pue5b+0pwkXTHbQreAJf21Z6/MaQyaRQiu/5i04
/tugh/rTPdV1M/EToTH/5jDdbaWoB1Mt0m1LxdAoyVTSXyuXCciGeZvqlLEvAgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUXvWX0Iu5sbdX2RIUiTrTCg3+YnQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTIzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFIWYzAN
BgkqhkiG9w0BAQsFAAOCAQEAQC4RvzgHWBXRpMzm8wCUrPfQMDfht6pvv5/0NJ7q
0CPdnGSW3eGEtSk1cciXlhmKXg30Rdq4HuNbnUvJYLRQZPFAFEJVJT5a7nCsvzjW
qfqU5EBsOLELjnHThubx+iGwx3vxyz6Cr7YPyMQkjra2W/4mqgmHXfJsdR2S662y
TjfNGbuFT0VDFCc1WoALVN+Jqo+zP50ZIOVWqa2EpGuFBcFpGLHtd3dHBHmkzZQA
+lOHMJ/QgeVQu2W533k58awRpho8LCBpRGtmginU/uWrM/r27l8pdD2Tqp2N2QM4
987w3CBd3tucGuN7t1zm3798wQKJMkN/qIxYSpyS90nDDQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:32:40 2025 by rpki-client