Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395793.roa
File: AS395793.roa (raw, json)
Hash identifier: 7JDpCTcDqidZPBTdunVwtt1Y5Vq5cLGS++m6oe1Apvg=
Subject key identifier: BA:36:69:FC:15:68:C2:20:62:15:0F:EA:4C:53:10:06:E4:BC:ED:A4
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 671301D1571C4E7AB3A2FCFB3F7DE0B32C13ABD4
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395793.roa
Signing time: Sat 01 Mar 2025 04:30:29 +0000
ROA not before: Sat 01 Mar 2025 04:25:29 +0000
ROA not after: Sat 28 Feb 2026 04:30:29 +0000
asID: 395793
IP address blocks: 96.62.73.0/24 maxlen: 24
96.62.74.0/24 maxlen: 24
96.62.144.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:13:01:d1:57:1c:4e:7a:b3:a2:fc:fb:3f:7d:e0:b3:2c:13:ab:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 1 04:25:29 2025 GMT
Not After : Feb 28 04:30:29 2026 GMT
Subject: CN=BA3669FC1568C22062150FEA4C531006E4BCEDA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9f:8d:d0:36:d7:77:89:bd:72:f0:17:a4:0f:
77:17:20:7b:8a:2c:2c:19:b0:52:9e:44:ac:df:e9:
ab:e4:aa:00:d1:81:e3:59:e8:5b:9d:30:e2:aa:47:
92:c4:a9:4b:f6:57:0a:2d:55:6e:22:28:37:a8:9d:
cf:d6:59:86:4d:d5:81:1d:7c:0c:07:19:d9:52:35:
24:96:e7:01:16:c5:66:88:d8:21:fb:b5:00:22:64:
64:f4:fd:dc:db:59:34:42:ba:93:31:df:5e:33:de:
0a:d4:59:47:99:5f:21:67:e5:2d:2b:22:cb:6e:74:
8b:4f:79:23:97:d8:98:b3:10:57:95:bf:99:eb:82:
87:3d:bd:6a:a8:a5:79:55:20:7c:c6:da:5a:bd:cc:
d3:e7:24:1e:b6:57:5e:35:88:3a:3f:bf:53:1b:f3:
99:a2:d7:ab:57:9e:e6:37:9f:3c:ab:5b:2f:b1:38:
61:44:6d:79:49:f5:5d:00:b1:b4:df:e4:7a:87:27:
df:5c:a6:90:27:3a:8e:37:76:ef:ff:3b:90:63:8b:
e9:33:db:0b:60:f3:8c:7a:cf:a9:72:f5:cf:89:f3:
ad:56:ae:68:e9:41:6a:fa:cb:d4:f1:8a:9f:99:ac:
cf:e3:58:c7:cc:66:c7:f6:a9:a1:57:6b:09:dc:98:
8b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:36:69:FC:15:68:C2:20:62:15:0F:EA:4C:53:10:06:E4:BC:ED:A4
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395793.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.73.0-96.62.74.255
96.62.144.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:81:e3:9c:3e:98:ea:36:4e:53:7e:dd:a3:de:f6:aa:ac:15:
fc:50:7d:18:8a:b2:46:07:4c:d3:07:1b:09:b4:b2:41:b7:1d:
98:cc:ee:58:6a:bc:11:14:e5:8d:be:c9:55:a7:d7:ec:10:70:
21:30:6a:58:56:a8:00:aa:2a:94:81:d8:de:c9:c1:ce:d0:5f:
d9:e5:bd:e5:64:ef:63:1e:a1:06:2d:bb:1c:26:dc:7c:76:0d:
b1:19:9e:71:2b:5a:bf:0d:8b:88:91:7e:e8:88:3c:c2:b7:f2:
9f:b5:98:f7:e8:94:a9:e9:e0:ab:f1:e7:5f:ad:06:9b:a9:2a:
a3:75:5e:23:d8:66:ed:fe:18:c8:22:1c:3d:c6:79:31:ce:8c:
13:62:e3:59:65:fc:fb:50:d4:de:04:4f:5f:71:71:55:c1:e3:
1a:ab:b7:4f:19:22:12:86:33:65:84:6e:7b:fa:34:d1:9a:74:
52:cd:b9:7a:72:e6:af:98:e4:56:f8:f3:a3:80:96:2c:92:8a:
bf:8c:de:ee:3d:71:25:a0:b3:54:57:c9:42:2c:1b:6c:a4:e3:
09:03:27:b3:25:05:4f:ea:87:1e:3e:2f:fc:8e:62:a4:d8:93:
60:60:2f:a1:a5:b6:71:a0:8e:af:85:43:20:7c:35:6a:09:cb:
78:c0:cf:b8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIUZxMB0VccTnqzovz7P33gsywTq9QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAzMDEwNDI1MjlaFw0yNjAyMjgwNDMwMjlaMDMxMTAvBgNV
BAMTKEJBMzY2OUZDMTU2OEMyMjA2MjE1MEZFQTRDNTMxMDA2RTRCQ0VEQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXn43QNtd3ib1y8BekD3cXIHuK
LCwZsFKeRKzf6avkqgDRgeNZ6FudMOKqR5LEqUv2VwotVW4iKDeonc/WWYZN1YEd
fAwHGdlSNSSW5wEWxWaI2CH7tQAiZGT0/dzbWTRCupMx314z3grUWUeZXyFn5S0r
IstudItPeSOX2JizEFeVv5nrgoc9vWqopXlVIHzG2lq9zNPnJB62V141iDo/v1Mb
85mi16tXnuY3nzyrWy+xOGFEbXlJ9V0AsbTf5HqHJ99cppAnOo43du//O5Bji+kz
2wtg84x6z6ly9c+J861WrmjpQWr6y9Txip+ZrM/jWMfMZsf2qaFXawncmIsrAgMB
AAGjggIYMIICFDAdBgNVHQ4EFgQUujZp/BVowiBiFQ/qTFMQBuS87aQwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk1NzkzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABg
PkkDBABgPkoDBAFgPpAwDQYJKoZIhvcNAQELBQADggEBAE+B45w+mOo2TlN+3aPe
9qqsFfxQfRiKskYHTNMHGwm0skG3HZjM7lhqvBEU5Y2+yVWn1+wQcCEwalhWqACq
KpSB2N7Jwc7QX9nlveVk72MeoQYtuxwm3Hx2DbEZnnErWr8Ni4iRfuiIPMK38p+1
mPfolKnp4Kvx51+tBpupKqN1XiPYZu3+GMgiHD3GeTHOjBNi41ll/PtQ1N4ET19x
cVXB4xqrt08ZIhKGM2WEbnv6NNGadFLNuXpy5q+Y5Fb486OAliySir+M3u49cSWg
s1RXyUIsG2yk4wkDJ7MlBU/qhx4+L/yOYqTYk2BgL6GltnGgjq+FQyB8NWoJy3jA
z7g=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:29:49 2025 by rpki-client