Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20648.roa
File: AS20648.roa (raw, json)
Hash identifier: cMeTzLALOGjOKoZVV54DjKjv1b2KLcOxvyDDJRwVOrI=
Subject key identifier: 18:41:0E:75:29:4F:13:2A:D6:6B:77:E6:3B:60:21:E0:EC:A0:EB:3A
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1331233AE751CF8E7B75B4CA74AABE778B1E0288
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20648.roa
Signing time: Wed 08 Jan 2025 12:11:39 +0000
ROA not before: Wed 08 Jan 2025 12:06:39 +0000
ROA not after: Wed 07 Jan 2026 12:11:39 +0000
asID: 20648
IP address blocks: 96.62.242.0/24 maxlen: 24
96.62.244.0/24 maxlen: 24
150.241.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:31:23:3a:e7:51:cf:8e:7b:75:b4:ca:74:aa:be:77:8b:1e:02:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 8 12:06:39 2025 GMT
Not After : Jan 7 12:11:39 2026 GMT
Subject: CN=18410E75294F132AD66B77E63B6021E0ECA0EB3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:32:f1:be:f0:d8:49:70:a9:7e:2d:98:be:ca:
f7:45:10:27:cb:bb:bc:fa:12:e5:b4:ee:8a:a4:6f:
f3:3b:21:a7:dc:b2:f3:9f:fa:e3:2e:92:5e:d8:ae:
af:86:9f:e4:24:38:e2:4a:b6:0e:76:14:4b:9c:e1:
af:40:b8:f5:29:1a:0a:ef:a7:04:5e:5b:1b:44:98:
73:61:a2:1c:36:a6:12:d4:da:e0:db:be:89:d8:ed:
08:be:80:51:67:d4:6b:98:a3:1e:e1:eb:5f:8f:dc:
c5:43:0c:6d:d3:9c:72:63:16:7b:9a:eb:58:71:16:
56:05:c3:fe:05:8b:01:92:30:c1:8f:d7:28:d3:cd:
52:71:a8:c9:21:75:88:1f:eb:7c:08:c0:e1:07:81:
37:9e:2b:d9:bd:d1:f8:9b:11:aa:2b:33:f7:50:e2:
d3:87:c8:8a:4c:a3:1e:d6:a7:e2:26:9a:11:f2:54:
d4:45:56:ae:53:77:ac:eb:16:8b:8c:6b:ba:0f:34:
20:2a:b2:05:3c:e9:5f:14:91:25:34:39:dc:d5:4e:
5b:89:49:cb:7a:39:7e:a8:4a:97:5e:09:9e:e7:68:
30:09:ba:92:21:24:45:03:fa:04:87:6f:6a:c8:3d:
85:54:e7:52:12:7e:e4:1c:96:d3:58:4c:3e:48:bf:
3d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:41:0E:75:29:4F:13:2A:D6:6B:77:E6:3B:60:21:E0:EC:A0:EB:3A
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20648.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.242.0/24
96.62.244.0/24
150.241.252.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:7b:fc:82:0d:4c:41:da:eb:4f:4c:d1:88:6b:a9:ef:54:5b:
73:ed:ac:f7:8e:e4:a8:d8:c8:2f:7a:79:a6:53:bd:3f:74:4a:
43:6c:9a:ac:78:fd:37:c8:d8:95:da:1f:59:2a:95:fa:3f:0b:
9b:3e:39:36:ab:4a:fb:b1:59:0b:af:de:6f:ab:5e:58:b7:8a:
96:0e:0e:a6:81:83:5c:17:51:0f:38:d6:e0:08:ee:e9:69:e6:
88:49:59:b6:bc:8a:63:f0:29:6f:e6:d9:72:ff:2a:69:b0:6e:
13:8f:d7:f9:5e:eb:ca:71:8b:17:31:e0:d4:6b:13:8e:34:ce:
3d:c7:7d:cc:52:a9:2b:dc:d7:44:d7:c3:b2:a2:75:03:af:f4:
ee:2c:01:38:2c:44:a0:61:e9:e1:89:10:22:91:67:47:a2:7d:
1e:06:30:22:2c:6e:02:63:4c:01:d9:d7:b6:29:f9:3d:94:38:
02:a3:4c:f7:4f:9b:6b:d1:a6:e2:a4:6f:34:96:c1:cb:3a:e0:
cd:8f:73:11:7c:76:84:3e:0a:d8:45:84:bf:a3:0b:0b:53:88:
db:16:1a:72:b4:f5:75:35:d5:2b:64:7b:7d:e6:1b:a0:47:ae:
a1:75:a0:39:57:eb:c8:e0:36:65:51:97:88:60:68:fc:ba:f8:
21:6b:26:6a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUEzEjOudRz457dbTKdKq+d4seAogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAxMDgxMjA2MzlaFw0yNjAxMDcxMjExMzlaMDMxMTAvBgNV
BAMTKDE4NDEwRTc1Mjk0RjEzMkFENjZCNzdFNjNCNjAyMUUwRUNBMEVCM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdMvG+8NhJcKl+LZi+yvdFECfL
u7z6EuW07oqkb/M7IafcsvOf+uMukl7Yrq+Gn+QkOOJKtg52FEuc4a9AuPUpGgrv
pwReWxtEmHNhohw2phLU2uDbvonY7Qi+gFFn1GuYox7h61+P3MVDDG3TnHJjFnua
61hxFlYFw/4FiwGSMMGP1yjTzVJxqMkhdYgf63wIwOEHgTeeK9m90fibEaorM/dQ
4tOHyIpMox7Wp+ImmhHyVNRFVq5Td6zrFouMa7oPNCAqsgU86V8UkSU0OdzVTluJ
Sct6OX6oSpdeCZ7naDAJupIhJEUD+gSHb2rIPYVU51ISfuQcltNYTD5Ivz1DAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUGEEOdSlPEyrWa3fmO2Ah4Oyg6zowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA2NDgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABgPvID
BABgPvQDBACW8fwwDQYJKoZIhvcNAQELBQADggEBAKR7/IINTEHa609M0Yhrqe9U
W3PtrPeO5KjYyC96eaZTvT90SkNsmqx4/TfI2JXaH1kqlfo/C5s+OTarSvuxWQuv
3m+rXli3ipYODqaBg1wXUQ841uAI7ulp5ohJWba8imPwKW/m2XL/KmmwbhOP1/le
68pxixcx4NRrE440zj3HfcxSqSvc10TXw7KidQOv9O4sATgsRKBh6eGJECKRZ0ei
fR4GMCIsbgJjTAHZ17Yp+T2UOAKjTPdPm2vRpuKkbzSWwcs64M2PcxF8doQ+CthF
hL+jCwtTiNsWGnK09XU11Stke33mG6BHrqF1oDlX68jgNmVRl4hgaPy6+CFrJmo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:14 2025 by rpki-client