Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: E1ogJA+YXaWNRmcfwAtWrOtfjCFCWP9wnpCJ8gOxSiY=
Subject key identifier: 4B:8F:75:84:3B:C3:54:AB:15:78:6A:C9:31:FE:C8:4F:4F:90:94:6D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 44456B495297ED08CE1F64F3EC94344FDA3921C5
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
Signing time: Fri 28 Feb 2025 08:07:24 +0000
ROA not before: Fri 28 Feb 2025 08:02:24 +0000
ROA not after: Fri 27 Feb 2026 08:07:24 +0000
asID: 16276
IP address blocks: 96.62.105.0/24 maxlen: 24
146.103.10.0/24 maxlen: 24
146.103.49.0/24 maxlen: 24
150.241.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:45:6b:49:52:97:ed:08:ce:1f:64:f3:ec:94:34:4f:da:39:21:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 28 08:02:24 2025 GMT
Not After : Feb 27 08:07:24 2026 GMT
Subject: CN=4B8F75843BC354AB15786AC931FEC84F4F90946D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0c:e6:a3:a3:96:b5:a1:60:f2:51:9b:28:0a:
a6:08:99:2d:be:92:ed:31:28:13:c8:6d:98:6f:88:
0a:d1:58:74:33:76:d8:bf:62:9f:17:ba:15:56:6d:
12:68:1c:95:e5:9e:22:36:d8:82:f6:80:27:27:06:
b2:10:38:09:57:80:fc:bc:54:73:c8:df:c3:db:5a:
bc:2d:39:85:84:5b:33:cd:fd:a4:22:53:e9:c3:7b:
f6:45:3a:39:ab:33:d7:09:ab:cd:26:f3:ec:99:44:
a7:cc:0f:53:9c:d0:e5:2e:73:68:14:87:24:f1:6b:
4d:db:c9:d7:4e:56:67:c6:a8:50:ac:9f:d1:3d:aa:
8a:2d:4e:2a:94:2b:68:c1:8e:18:63:21:ef:5b:b5:
f0:ae:20:d9:51:70:19:50:38:02:79:98:94:71:cd:
75:c7:47:f5:8f:88:1c:51:ed:2e:21:ed:be:9e:aa:
a1:d6:44:f2:a5:f4:1e:3f:b2:46:73:54:ab:d7:b3:
27:b0:95:6e:82:0c:fd:ed:08:48:ff:e9:75:b9:38:
d9:ce:19:44:02:c6:de:f4:44:8c:1e:17:a9:01:0d:
6c:ca:73:ac:3f:f0:18:21:15:72:0a:78:92:e4:26:
9c:cd:70:ea:ea:64:60:6d:a3:df:db:db:1c:dc:9f:
3e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:8F:75:84:3B:C3:54:AB:15:78:6A:C9:31:FE:C8:4F:4F:90:94:6D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.105.0/24
146.103.10.0/24
146.103.49.0/24
150.241.209.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:99:6b:1b:dd:45:75:7b:de:ed:1f:d8:f2:af:be:8e:1f:13:
4d:2b:e3:8e:35:a8:8e:2d:b7:96:89:7c:da:fe:80:d1:9d:86:
96:06:f4:b9:2a:b5:85:a1:ae:db:e7:bd:1e:83:4a:51:9f:7d:
45:86:2f:98:f2:87:46:ce:95:8a:21:79:19:75:72:ef:2b:ac:
33:fb:b2:2b:49:d6:59:4e:78:2b:ea:2b:37:18:07:ad:a9:7b:
47:55:fe:ac:7a:f7:74:68:99:72:60:b2:c6:27:29:fe:21:bf:
09:82:e7:6c:f2:98:dd:a7:4e:89:a2:a0:47:06:2b:8a:ad:59:
13:f2:aa:78:c5:88:b9:b4:d0:d6:92:71:ba:b7:3c:51:0e:c3:
95:b4:ea:a3:73:73:e6:c2:6a:d4:de:c2:31:e2:e0:e2:c0:3d:
23:31:8a:96:0a:4b:c3:b5:35:52:25:ee:f1:4b:b0:15:6a:34:
bb:e0:25:38:37:b1:32:07:f5:0c:c0:28:0f:b9:d3:2d:b1:4b:
3e:9e:db:89:7d:a1:2f:10:54:bf:a2:80:17:2f:02:a1:c0:8f:
c7:7b:52:1d:a9:20:9f:67:18:27:0f:6f:e1:51:1f:43:4a:f2:
8b:09:62:a3:dd:f9:75:55:75:aa:a5:56:5e:48:36:00:f4:a3:
a0:14:85:c2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUREVrSVKX7QjOH2Tz7JQ0T9o5IcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAyMjgwODAyMjRaFw0yNjAyMjcwODA3MjRaMDMxMTAvBgNV
BAMTKDRCOEY3NTg0M0JDMzU0QUIxNTc4NkFDOTMxRkVDODRGNEY5MDk0NkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqDOajo5a1oWDyUZsoCqYImS2+
ku0xKBPIbZhviArRWHQzdti/Yp8XuhVWbRJoHJXlniI22IL2gCcnBrIQOAlXgPy8
VHPI38PbWrwtOYWEWzPN/aQiU+nDe/ZFOjmrM9cJq80m8+yZRKfMD1Oc0OUuc2gU
hyTxa03byddOVmfGqFCsn9E9qootTiqUK2jBjhhjIe9btfCuINlRcBlQOAJ5mJRx
zXXHR/WPiBxR7S4h7b6eqqHWRPKl9B4/skZzVKvXsyewlW6CDP3tCEj/6XW5ONnO
GUQCxt70RIweF6kBDWzKc6w/8BghFXIKeJLkJpzNcOrqZGBto9/b2xzcnz4dAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUS491hDvDVKsVeGrJMf7IT0+QlG0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABgPmkD
BACSZwoDBACSZzEDBACW8dEwDQYJKoZIhvcNAQELBQADggEBAKSZaxvdRXV73u0f
2PKvvo4fE00r4441qI4tt5aJfNr+gNGdhpYG9LkqtYWhrtvnvR6DSlGffUWGL5jy
h0bOlYoheRl1cu8rrDP7sitJ1llOeCvqKzcYB62pe0dV/qx693RomXJgssYnKf4h
vwmC52zymN2nTomioEcGK4qtWRPyqnjFiLm00NaScbq3PFEOw5W06qNzc+bCatTe
wjHi4OLAPSMxipYKS8O1NVIl7vFLsBVqNLvgJTg3sTIH9QzAKA+50y2xSz6e24l9
oS8QVL+igBcvAqHAj8d7Uh2pIJ9nGCcPb+FRH0NK8osJYqPd+XVVdaqlVl5INgD0
o6AUhcI=
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:56:53 2025 by rpki-client