Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS1257.roa
File: AS1257.roa (raw, json)
Hash identifier: +1O8XxhIRZl9xXnynFNHN7iyH2+o74EHLsmyxBEIZJQ=
Subject key identifier: BC:01:FA:B6:CA:FA:EA:FD:81:EF:D1:C2:B6:49:5A:CC:8D:53:D6:F9
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7A802A024BE8847A494A96005162ECD86B0955D4
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS1257.roa
Signing time: Mon 24 Mar 2025 11:40:56 +0000
ROA not before: Mon 24 Mar 2025 11:35:56 +0000
ROA not after: Mon 23 Mar 2026 11:40:56 +0000
asID: 1257
IP address blocks: 96.62.59.0/24 maxlen: 24
96.62.194.0/24 maxlen: 24
96.62.195.0/24 maxlen: 24
96.62.229.0/24 maxlen: 24
96.62.253.0/24 maxlen: 24
150.241.196.0/24 maxlen: 24
150.241.197.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:80:2a:02:4b:e8:84:7a:49:4a:96:00:51:62:ec:d8:6b:09:55:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 24 11:35:56 2025 GMT
Not After : Mar 23 11:40:56 2026 GMT
Subject: CN=BC01FAB6CAFAEAFD81EFD1C2B6495ACC8D53D6F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:40:01:b4:05:e5:27:84:97:5c:a0:51:c4:72:
94:92:53:b1:b0:a8:2e:da:56:f4:30:b6:4d:c5:cc:
1d:4e:3d:d7:cc:fa:b8:59:85:61:a8:c7:f1:1c:d1:
df:9e:7c:b6:6e:30:a4:bf:aa:18:cd:2b:64:59:ea:
10:39:05:61:09:df:28:4f:db:4a:a0:86:75:87:e5:
c0:23:8f:d2:07:33:93:6c:1d:c6:89:2b:91:47:c9:
28:bb:dc:f1:84:fb:45:1c:b3:f0:3e:e9:3c:db:7c:
e8:3e:30:03:08:5c:03:b7:b3:26:dc:df:a0:30:0d:
6b:7b:b9:95:87:ea:fe:40:9d:bf:c1:2e:49:ba:0d:
d7:f6:db:4d:d5:8c:d0:2e:42:34:d3:66:1d:7e:ef:
0b:46:7b:b4:ee:c0:0a:a7:0f:33:ea:08:e0:6c:5b:
25:6c:88:a9:54:fa:1f:41:30:b2:6b:32:b1:38:40:
e8:52:86:99:1a:c1:5f:14:cb:13:1a:e8:e9:ca:e4:
03:e6:f4:c8:26:40:8a:ae:19:b0:fd:de:c8:a9:19:
47:c7:fc:02:c2:35:a5:fb:06:35:4c:0f:2d:b9:d5:
e7:cc:e4:f2:41:0b:8c:e0:e2:06:22:3e:42:0b:4d:
7b:6e:69:2a:04:53:70:69:4b:65:aa:41:f8:69:5b:
12:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:01:FA:B6:CA:FA:EA:FD:81:EF:D1:C2:B6:49:5A:CC:8D:53:D6:F9
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS1257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.59.0/24
96.62.194.0/23
96.62.229.0/24
96.62.253.0/24
150.241.196.0/23
Signature Algorithm: sha256WithRSAEncryption
33:40:4c:a7:a9:52:9d:4e:b1:3d:a8:33:69:53:3d:ca:e8:16:
cb:af:6e:5a:48:26:e2:b4:c0:d6:47:6c:cc:8f:50:c9:e2:18:
e3:e9:87:ac:97:1d:17:2f:f2:15:41:3c:56:77:4f:37:da:d8:
a2:37:ed:c8:e9:5f:32:1e:85:f2:4c:fa:2d:b0:3a:ef:c2:d3:
7a:58:d9:92:d5:e2:58:47:f9:61:5e:35:e5:87:50:3e:de:ab:
67:43:22:74:5d:05:75:03:db:4f:ac:c3:38:09:a4:33:da:bc:
d4:41:59:9a:33:6a:02:3b:b6:b0:56:fb:f1:6d:17:44:4e:59:
e9:53:d7:22:7b:7c:90:64:1f:07:01:a2:59:9a:05:a0:85:49:
12:eb:b1:25:3c:96:6c:ed:46:de:8f:0e:2c:d8:ee:c0:86:8e:
5d:af:d3:17:1d:d7:33:37:e2:74:b6:c6:84:29:b3:54:b5:65:
86:2e:62:d0:a2:10:ca:37:73:ee:b1:64:17:d7:4d:5b:35:35:
6d:28:f8:16:9c:c3:53:bd:f3:e3:49:1d:9a:f1:72:1f:f2:de:
34:05:90:3e:f1:dc:d3:59:ad:22:52:16:74:3c:65:0d:11:de:
56:dc:1c:1f:bb:a8:a1:5b:7d:86:0a:6c:3a:c1:66:77:5f:8a:
54:67:49:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUeoAqAkvohHpJSpYAUWLs2GsJVdQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAzMjQxMTM1NTZaFw0yNjAzMjMxMTQwNTZaMDMxMTAvBgNV
BAMTKEJDMDFGQUI2Q0FGQUVBRkQ4MUVGRDFDMkI2NDk1QUNDOEQ1M0Q2RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHQAG0BeUnhJdcoFHEcpSSU7Gw
qC7aVvQwtk3FzB1OPdfM+rhZhWGox/Ec0d+efLZuMKS/qhjNK2RZ6hA5BWEJ3yhP
20qghnWH5cAjj9IHM5NsHcaJK5FHySi73PGE+0Ucs/A+6TzbfOg+MAMIXAO3sybc
36AwDWt7uZWH6v5Anb/BLkm6Ddf2203VjNAuQjTTZh1+7wtGe7TuwAqnDzPqCOBs
WyVsiKlU+h9BMLJrMrE4QOhShpkawV8UyxMa6OnK5APm9MgmQIquGbD93sipGUfH
/ALCNaX7BjVMDy251efM5PJBC4zg4gYiPkILTXtuaSoEU3BpS2WqQfhpWxKrAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUvAH6tsr66v2B79HCtklazI1T1vkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTI1Ny5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAGA+OwME
AWA+wgMEAGA+5QMEAGA+/QMEAZbxxDANBgkqhkiG9w0BAQsFAAOCAQEAM0BMp6lS
nU6xPagzaVM9yugWy69uWkgm4rTA1kdszI9QyeIY4+mHrJcdFy/yFUE8VndPN9rY
ojftyOlfMh6F8kz6LbA678LTeljZktXiWEf5YV415YdQPt6rZ0MidF0FdQPbT6zD
OAmkM9q81EFZmjNqAju2sFb78W0XRE5Z6VPXInt8kGQfBwGiWZoFoIVJEuuxJTyW
bO1G3o8OLNjuwIaOXa/TFx3XMzfidLbGhCmzVLVlhi5i0KIQyjdz7rFkF9dNWzU1
bSj4FpzDU73z40kdmvFyH/LeNAWQPvHc01mtIlIWdDxlDRHeVtwcH7uooVt9hgps
OsFmd1+KVGdJ6w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:29:56 2025 by rpki-client