Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213563.roa
File: AS213563.roa (raw, json)
Hash identifier: SHwihiGd+xnRZwCUyheUTPaChe6lf6X9Mlvsj4Ok1S0=
Subject key identifier: 8B:9D:67:28:E5:31:AC:2D:79:12:2E:17:D2:65:77:8B:0F:DB:01:C9
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 238998C49EA2CDFB9B429877A9BED725E86E0F50
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213563.roa
Signing time: Mon 10 Feb 2025 18:57:47 +0000
ROA not before: Mon 10 Feb 2025 18:52:47 +0000
ROA not after: Mon 09 Feb 2026 18:57:47 +0000
asID: 213563
IP address blocks: 150.241.232.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:89:98:c4:9e:a2:cd:fb:9b:42:98:77:a9:be:d7:25:e8:6e:0f:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 10 18:52:47 2025 GMT
Not After : Feb 9 18:57:47 2026 GMT
Subject: CN=8B9D6728E531AC2D79122E17D265778B0FDB01C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3d:fd:ca:ef:a8:0a:08:c7:16:2c:86:2c:4c:
e9:27:84:ef:d8:1c:8a:70:2e:cf:26:fe:ee:16:b3:
66:94:8e:6f:bf:17:2b:b8:1c:21:3d:95:1d:0c:62:
c3:76:fb:38:33:1e:ce:c5:de:ee:38:53:3d:45:0b:
db:98:9f:88:e2:f2:cf:9a:74:d9:a0:7e:6d:8a:02:
07:64:7e:24:8e:d8:2b:e0:fe:ce:10:7e:2a:29:74:
22:e0:b7:cb:2f:a1:47:18:18:e1:d2:b1:78:ea:69:
f9:6c:28:0b:b0:2f:36:80:a8:01:df:51:f1:b3:2f:
95:0b:97:91:bd:cd:d6:05:f5:94:0d:7f:a3:7b:08:
aa:41:6c:a5:2e:93:7b:b1:32:cd:c4:32:3e:5f:56:
fb:65:4f:90:45:69:8c:75:f4:c8:ef:a0:85:d1:0d:
c6:3f:7c:47:c1:ac:68:2f:ac:56:16:52:f4:81:90:
20:db:38:36:29:8c:f7:3b:cc:2c:a2:6e:fc:5a:4b:
17:6c:a6:12:12:9b:cb:ba:3c:20:27:9b:95:ac:78:
2a:3c:f9:2e:78:c7:0d:74:85:3b:61:bc:a1:87:9c:
68:72:91:42:5c:16:41:80:43:1d:77:72:3b:3e:16:
92:c2:c6:ff:cd:b6:0a:6d:f9:7c:29:26:48:cd:e3:
10:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:9D:67:28:E5:31:AC:2D:79:12:2E:17:D2:65:77:8B:0F:DB:01:C9
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS213563.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.232.0/24
Signature Algorithm: sha256WithRSAEncryption
44:4e:2b:c6:86:ef:db:84:05:69:dc:5f:e5:4c:f5:6b:41:47:
58:23:88:f2:b3:f6:45:54:12:d9:98:ec:b3:8c:0e:63:19:ea:
38:e2:ac:23:44:ee:e4:48:f4:a5:13:d5:7b:4c:18:89:4c:83:
21:97:57:67:e5:7d:1d:c6:15:94:60:0c:62:b7:fc:10:ea:3a:
22:ba:d8:8f:c6:14:15:56:6e:dd:41:c5:c5:37:25:2f:6e:4c:
2c:bf:6d:f2:e4:18:a3:8f:57:37:38:89:85:65:3e:85:8d:0b:
4a:74:4e:6d:27:07:b3:3f:da:87:98:71:63:6b:6e:12:88:00:
c2:45:ee:8e:9d:3f:89:6c:3a:85:4d:41:76:f6:bb:0a:f4:de:
7f:0e:35:9d:95:6a:41:64:ee:92:c4:b4:a0:89:f5:0c:b1:22:
92:04:3b:5c:b5:7c:29:34:88:65:b0:ec:7d:76:e4:a3:7b:4d:
9f:53:a9:9e:c9:6e:90:f3:0c:b3:68:0a:36:77:2b:79:44:1f:
2a:2f:63:8b:f5:55:57:e7:47:b6:d4:ab:9e:d6:98:69:c5:e6:
d7:4f:31:4e:58:2a:1e:fb:67:a8:9d:54:90:17:c2:36:d0:d5:
ae:47:56:a4:7f:fe:49:aa:c2:98:86:6b:9f:f8:0a:65:33:06:
77:28:da:e6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUI4mYxJ6izfubQph3qb7XJehuD1AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAyMTAxODUyNDdaFw0yNjAyMDkxODU3NDdaMDMxMTAvBgNV
BAMTKDhCOUQ2NzI4RTUzMUFDMkQ3OTEyMkUxN0QyNjU3NzhCMEZEQjAxQzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Pf3K76gKCMcWLIYsTOknhO/Y
HIpwLs8m/u4Ws2aUjm+/Fyu4HCE9lR0MYsN2+zgzHs7F3u44Uz1FC9uYn4ji8s+a
dNmgfm2KAgdkfiSO2Cvg/s4QfiopdCLgt8svoUcYGOHSsXjqaflsKAuwLzaAqAHf
UfGzL5ULl5G9zdYF9ZQNf6N7CKpBbKUuk3uxMs3EMj5fVvtlT5BFaYx19MjvoIXR
DcY/fEfBrGgvrFYWUvSBkCDbODYpjPc7zCyibvxaSxdsphISm8u6PCAnm5WseCo8
+S54xw10hTthvKGHnGhykUJcFkGAQx13cjs+FpLCxv/Ntgpt+XwpJkjN4xAdAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUi51nKOUxrC15Ei4X0mV3iw/bAckwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEzNTYzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlvHo
MA0GCSqGSIb3DQEBCwUAA4IBAQBETivGhu/bhAVp3F/lTPVrQUdYI4jys/ZFVBLZ
mOyzjA5jGeo44qwjRO7kSPSlE9V7TBiJTIMhl1dn5X0dxhWUYAxit/wQ6joiutiP
xhQVVm7dQcXFNyUvbkwsv23y5Bijj1c3OImFZT6FjQtKdE5tJwezP9qHmHFja24S
iADCRe6OnT+JbDqFTUF29rsK9N5/DjWdlWpBZO6SxLSgifUMsSKSBDtctXwpNIhl
sOx9duSje02fU6meyW6Q8wyzaAo2dyt5RB8qL2OL9VVX50e21Kue1phpxebXTzFO
WCoe+2eonVSQF8I20NWuR1akf/5JqsKYhmuf+AplMwZ3KNrm
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:28 2025 by rpki-client