Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29066.roa
File: AS29066.roa (raw, json)
Hash identifier: 5vUXI1knFvYn8vjPiQEOE9hoqpYj3lYqIYC4cAu/6HU=
Subject key identifier: 88:47:61:EA:D5:FA:86:03:36:77:EE:AF:3E:A5:EF:9C:0D:5E:01:9D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0242B93AA5C135EAFA7A0EC0FB198A1E48DFFEC0
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29066.roa
Signing time: Sat 08 Mar 2025 11:53:56 +0000
ROA not before: Sat 08 Mar 2025 11:48:56 +0000
ROA not after: Sat 07 Mar 2026 11:53:56 +0000
asID: 29066
IP address blocks: 146.103.8.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:42:b9:3a:a5:c1:35:ea:fa:7a:0e:c0:fb:19:8a:1e:48:df:fe:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 8 11:48:56 2025 GMT
Not After : Mar 7 11:53:56 2026 GMT
Subject: CN=884761EAD5FA86033677EEAF3EA5EF9C0D5E019D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cb:6e:44:8b:45:da:c0:08:1b:42:ad:41:44:
62:08:09:ca:1f:5d:2b:d6:e9:3c:c4:f3:32:e1:57:
65:26:45:21:55:27:3f:72:8c:62:8d:79:13:50:1d:
c8:0d:78:4b:de:8a:54:ca:1c:52:34:49:f5:c1:9e:
7c:cb:93:ed:e9:bc:4c:db:93:f8:b3:78:14:51:4a:
80:61:05:4d:29:9e:57:b4:ee:0e:b3:9c:d6:a8:bf:
19:d1:b2:88:69:57:b3:48:1c:85:26:00:c6:e5:84:
b2:27:3d:d8:ed:82:aa:4f:51:34:64:03:a3:df:ec:
8b:0b:88:11:48:b5:32:ab:f8:24:30:e5:48:e0:ce:
ad:2e:8a:96:38:53:58:97:07:e7:cb:6c:f5:2f:da:
b3:df:b8:79:78:41:92:9e:d6:b1:a2:fe:d1:58:62:
a5:04:82:11:4f:ef:a0:7a:d2:05:0b:97:de:2d:11:
63:0a:a9:d7:0b:40:1c:22:58:eb:59:c4:62:33:24:
15:f2:45:8a:da:a2:c7:2e:57:86:f9:6a:4c:b7:8f:
96:f3:d2:1e:cb:8c:31:b3:c5:59:97:d0:07:b5:23:
c9:da:b9:6b:01:42:1f:ec:31:1d:af:2c:94:99:f8:
7a:86:d7:73:ce:91:3d:65:fe:bd:fc:b4:e1:34:24:
be:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:47:61:EA:D5:FA:86:03:36:77:EE:AF:3E:A5:EF:9C:0D:5E:01:9D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29066.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.103.8.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:b3:f0:e1:55:19:e4:b8:82:58:8b:66:77:dd:56:81:d6:ec:
2e:46:2e:47:03:94:d9:99:01:19:87:60:bf:9c:25:65:a0:e0:
51:c0:3a:7b:c9:b7:24:90:ba:33:41:e4:dd:18:1b:9a:09:e9:
9d:f6:2b:03:68:55:09:9a:2e:66:5f:64:26:e7:59:6f:d9:6d:
d3:18:05:73:c3:30:0c:b4:ce:1e:4c:e4:d4:93:f4:66:1a:ab:
e0:e9:74:25:6c:3c:be:15:6c:28:f2:90:6c:d3:c6:ab:01:5f:
fa:6f:e5:69:2c:0c:39:7a:84:3f:fb:9c:35:9c:99:b7:94:f8:
b1:a2:b8:30:a7:0b:24:7c:da:4c:fe:78:12:f3:ff:1f:03:83:
5d:a8:db:3d:75:44:05:22:2a:b8:4c:7f:1b:7a:80:79:22:fd:
75:f5:47:91:cb:ea:83:d9:b3:83:fa:b8:c5:6e:2e:35:96:f5:
38:4a:54:37:f5:61:87:9a:7c:44:af:04:89:d9:8e:87:4a:53:
c8:de:2c:9e:ea:ec:ca:90:84:fc:91:a9:b2:66:77:8f:c5:6f:
83:f3:4c:fd:84:0a:9f:a0:61:63:11:42:1b:3c:4c:3e:70:23:
80:84:a7:0f:07:32:e0:2e:4e:2d:d5:44:42:3f:31:c0:8e:39:
ce:48:46:9e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUAkK5OqXBNer6eg7A+xmKHkjf/sAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAzMDgxMTQ4NTZaFw0yNjAzMDcxMTUzNTZaMDMxMTAvBgNV
BAMTKDg4NDc2MUVBRDVGQTg2MDMzNjc3RUVBRjNFQTVFRjlDMEQ1RTAxOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvy25Ei0XawAgbQq1BRGIICcof
XSvW6TzE8zLhV2UmRSFVJz9yjGKNeRNQHcgNeEveilTKHFI0SfXBnnzLk+3pvEzb
k/izeBRRSoBhBU0pnle07g6znNaovxnRsohpV7NIHIUmAMblhLInPdjtgqpPUTRk
A6Pf7IsLiBFItTKr+CQw5Ujgzq0uipY4U1iXB+fLbPUv2rPfuHl4QZKe1rGi/tFY
YqUEghFP76B60gULl94tEWMKqdcLQBwiWOtZxGIzJBXyRYraoscuV4b5aky3j5bz
0h7LjDGzxVmX0Ae1I8nauWsBQh/sMR2vLJSZ+HqG13POkT1l/r38tOE0JL7DAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUiEdh6tX6hgM2d+6vPqXvnA1eAZ0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjkwNjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGSZwgw
DQYJKoZIhvcNAQELBQADggEBAA+z8OFVGeS4gliLZnfdVoHW7C5GLkcDlNmZARmH
YL+cJWWg4FHAOnvJtySQujNB5N0YG5oJ6Z32KwNoVQmaLmZfZCbnWW/ZbdMYBXPD
MAy0zh5M5NST9GYaq+DpdCVsPL4VbCjykGzTxqsBX/pv5WksDDl6hD/7nDWcmbeU
+LGiuDCnCyR82kz+eBLz/x8Dg12o2z11RAUiKrhMfxt6gHki/XX1R5HL6oPZs4P6
uMVuLjWW9ThKVDf1YYeafESvBInZjodKU8jeLJ7q7MqQhPyRqbJmd4/Fb4PzTP2E
Cp+gYWMRQhs8TD5wI4CEpw8HMuAuTi3VREI/McCOOc5IRp4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:55 2025 by rpki-client