Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
File: AS396356.roa (raw, json)
Hash identifier: yvkb477MfUizlSYvKM2sWjPKTdNVTpMO/LqWpuser1Y=
Subject key identifier: 98:0B:90:C2:23:84:2F:60:68:A0:34:C5:B7:66:F3:39:2E:12:99:D2
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 72B6796B932592E14A3A7B6F64B81D132465FFEB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
Signing time: Thu 20 Feb 2025 14:05:11 +0000
ROA not before: Thu 20 Feb 2025 14:00:11 +0000
ROA not after: Thu 19 Feb 2026 14:05:11 +0000
asID: 396356
IP address blocks: 145.223.40.0/24 maxlen: 24
150.241.135.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:b6:79:6b:93:25:92:e1:4a:3a:7b:6f:64:b8:1d:13:24:65:ff:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 20 14:00:11 2025 GMT
Not After : Feb 19 14:05:11 2026 GMT
Subject: CN=980B90C223842F6068A034C5B766F3392E1299D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:16:f0:6f:90:cc:a8:27:ba:8a:29:7b:13:ee:
ae:2e:91:33:6d:cf:ff:01:9b:ad:71:92:d8:28:7d:
e7:b4:51:eb:60:e5:95:e8:3a:fc:89:74:19:e7:95:
ef:e6:00:29:ae:23:a1:77:6b:b7:d6:a8:b2:59:c8:
30:c7:7f:25:4c:c8:8d:bb:d8:b1:14:20:85:ba:be:
07:68:f4:bd:41:28:cc:e1:02:02:b8:de:eb:fe:94:
89:53:46:80:0a:0d:ee:27:71:0e:58:c9:14:3e:14:
36:5a:20:36:5a:aa:7a:b7:e4:a4:da:16:e9:80:10:
f9:13:58:a2:99:81:56:e5:5e:49:f3:64:3c:e8:27:
1a:88:c0:ba:a5:bf:2f:56:83:9c:97:cf:c5:d8:de:
b3:d9:66:50:ad:a3:f9:d3:b3:79:24:31:8f:b6:f1:
97:29:d7:e4:7d:0a:f9:12:46:ee:28:5d:10:3e:bf:
89:d7:d7:4a:3e:47:8e:65:97:52:59:a0:7a:9a:64:
56:cf:83:3c:05:f3:be:e8:30:5c:fa:d2:a7:90:2d:
25:29:09:91:af:79:e0:33:08:8e:67:f5:6f:b1:29:
3c:c8:fd:db:c5:32:8e:7a:27:ab:f2:e7:d4:bf:1c:
60:2f:f5:cf:d4:c6:05:61:38:f6:59:c0:aa:c4:86:
dc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:0B:90:C2:23:84:2F:60:68:A0:34:C5:B7:66:F3:39:2E:12:99:D2
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS396356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.40.0/24
150.241.135.0/24
Signature Algorithm: sha256WithRSAEncryption
25:24:1b:b0:ef:a9:44:97:5e:ca:10:dd:c3:5d:ca:3c:1b:cd:
ec:b6:3d:7a:9a:42:7d:69:c5:d9:58:01:90:fb:bb:8e:d5:fa:
5a:c5:c1:99:24:15:1d:50:71:e0:3f:fd:82:4a:8d:3b:ad:05:
62:46:9d:53:4c:24:10:a8:a1:cd:4c:a6:f4:36:e7:68:ec:fa:
01:3d:81:06:4b:06:7c:5a:4f:23:4a:4c:20:c8:2b:6e:ed:c3:
6d:64:c8:10:bf:ca:03:ef:dd:70:e0:10:88:7f:15:e6:53:06:
d7:7e:e2:7f:19:b9:70:30:6a:20:9e:b9:fd:8e:53:d9:e9:40:
7d:47:c4:57:b2:ec:5a:ec:81:ca:67:c8:44:1f:19:10:22:6f:
9f:f3:c8:c7:71:2b:57:62:de:f8:b1:e5:3e:ab:4b:e4:68:6f:
c7:a0:7f:80:0a:e7:fe:ad:80:e2:ea:87:ad:e8:f0:70:fe:c6:
ba:cd:cc:be:1a:4e:60:0a:37:d0:22:70:9d:0c:93:84:84:23:
a0:21:60:6b:61:12:25:e3:00:1c:dc:b2:89:b2:50:69:47:e5:
65:ed:39:35:ff:a6:a6:ea:d0:03:88:50:51:c9:e5:2a:4d:c6:
33:e1:12:97:92:e5:3e:a3:35:c8:39:73:c5:b8:f7:a1:a1:01:
2e:14:1b:13
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUcrZ5a5MlkuFKOntvZLgdEyRl/+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAyMjAxNDAwMTFaFw0yNjAyMTkxNDA1MTFaMDMxMTAvBgNV
BAMTKDk4MEI5MEMyMjM4NDJGNjA2OEEwMzRDNUI3NjZGMzM5MkUxMjk5RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuFvBvkMyoJ7qKKXsT7q4ukTNt
z/8Bm61xktgofee0Uetg5ZXoOvyJdBnnle/mACmuI6F3a7fWqLJZyDDHfyVMyI27
2LEUIIW6vgdo9L1BKMzhAgK43uv+lIlTRoAKDe4ncQ5YyRQ+FDZaIDZaqnq35KTa
FumAEPkTWKKZgVblXknzZDzoJxqIwLqlvy9Wg5yXz8XY3rPZZlCto/nTs3kkMY+2
8Zcp1+R9CvkSRu4oXRA+v4nX10o+R45ll1JZoHqaZFbPgzwF877oMFz60qeQLSUp
CZGveeAzCI5n9W+xKTzI/dvFMo56J6vy59S/HGAv9c/UxgVhOPZZwKrEhty1AgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUmAuQwiOEL2BooDTFt2bzOS4SmdIwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkd8o
AwQAlvGHMA0GCSqGSIb3DQEBCwUAA4IBAQAlJBuw76lEl17KEN3DXco8G83stj16
mkJ9acXZWAGQ+7uO1fpaxcGZJBUdUHHgP/2CSo07rQViRp1TTCQQqKHNTKb0Nudo
7PoBPYEGSwZ8Wk8jSkwgyCtu7cNtZMgQv8oD791w4BCIfxXmUwbXfuJ/GblwMGog
nrn9jlPZ6UB9R8RXsuxa7IHKZ8hEHxkQIm+f88jHcStXYt74seU+q0vkaG/HoH+A
Cuf+rYDi6oet6PBw/sa6zcy+Gk5gCjfQInCdDJOEhCOgIWBrYRIl4wAc3LKJslBp
R+Vl7Tk1/6am6tADiFBRyeUqTcYz4RKXkuU+ozXIOXPFuPehoQEuFBsT
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:29:47 2025 by rpki-client