Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: jo1V9IlYU5QaVcaDc7ISXRYY8JyZrEyIc35PycqofYs=
Subject key identifier: 69:19:BA:47:83:0A:54:4B:49:16:65:A3:8A:4A:E4:4F:6E:77:FD:98
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0BD587970D1A7364239FF687319FB4186FFD3F70
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
Signing time: Sat 21 Dec 2024 09:35:40 +0000
ROA not before: Sat 21 Dec 2024 09:30:40 +0000
ROA not after: Sat 20 Dec 2025 09:35:40 +0000
asID: 397423
IP address blocks: 145.223.44.0/24 maxlen: 24
145.223.54.0/24 maxlen: 24
145.223.58.0/24 maxlen: 24
146.103.5.0/24 maxlen: 24
150.241.226.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:d5:87:97:0d:1a:73:64:23:9f:f6:87:31:9f:b4:18:6f:fd:3f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Dec 21 09:30:40 2024 GMT
Not After : Dec 20 09:35:40 2025 GMT
Subject: CN=6919BA47830A544B491665A38A4AE44F6E77FD98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5d:33:e7:31:60:13:36:33:10:bf:87:b2:aa:
0f:24:57:c7:12:4f:87:ce:0d:bc:c9:69:3d:69:83:
ed:16:53:05:43:fb:5e:65:bb:64:e8:18:0d:17:ff:
6d:e1:d4:d8:12:c1:d7:2b:18:97:e1:1e:c7:bf:ce:
2d:b0:8e:a5:ce:80:2c:ff:2b:99:3f:67:4c:bd:bd:
2b:79:2c:9a:28:56:a8:c3:b2:79:f0:df:a2:c9:33:
ad:12:84:4f:f5:a8:64:47:72:9a:b4:12:69:90:f7:
30:4c:61:df:af:10:9f:c7:3b:ce:22:c5:36:a0:04:
68:f8:85:cb:3a:ac:de:dd:51:92:c6:80:68:7a:d7:
d2:77:1d:3d:c4:55:3b:8f:51:c8:72:cf:a3:8e:98:
c6:c3:95:de:ad:ed:fd:4c:8f:33:f1:cd:e2:1f:a7:
2a:89:40:2b:66:cc:5e:9d:4e:f4:6f:ca:46:e7:1e:
e3:0b:f2:93:02:b2:d2:b7:5d:98:a4:f5:67:e1:cb:
77:64:1d:b3:ce:cd:64:cd:47:88:ee:f6:67:67:e0:
06:09:66:97:b6:c6:77:62:68:1a:46:df:a2:29:ea:
b6:2f:ce:df:a8:af:be:63:fc:ce:16:45:42:54:5e:
ee:f5:35:7f:f6:6f:83:ed:cf:bc:dc:6e:5f:80:aa:
0e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:19:BA:47:83:0A:54:4B:49:16:65:A3:8A:4A:E4:4F:6E:77:FD:98
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.223.44.0/24
145.223.54.0/24
145.223.58.0/24
146.103.5.0/24
150.241.226.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:0d:ba:30:b2:f8:a9:29:43:46:16:5b:30:eb:a4:bb:07:a0:
76:47:bc:11:e9:a3:c9:cf:26:b7:1c:a2:f9:a1:9b:00:12:85:
31:05:5f:a6:b2:59:13:8f:24:39:f2:e4:2e:27:a4:26:67:50:
b1:44:3c:f3:db:6e:ea:2c:5e:d6:ca:da:9c:39:69:ed:88:16:
52:a3:24:d9:f5:76:31:33:91:3c:7a:db:e3:42:2c:08:17:86:
fa:72:12:1c:da:83:0a:92:03:16:06:41:ea:67:52:7b:b8:e3:
b3:26:8f:4e:2d:52:56:78:ab:b9:4a:a0:97:a7:e9:42:0c:84:
bd:3d:6d:80:4f:05:6e:f4:c7:5d:25:3d:33:45:75:21:61:6a:
bb:71:46:41:49:f4:03:ec:99:f5:ce:d4:b4:4d:5e:e8:7e:f3:
69:c4:c1:e6:3b:bc:36:09:ab:54:b0:f8:4b:06:5b:03:e0:ea:
13:c1:e9:55:2b:4d:3c:15:83:f9:93:ea:5c:33:b3:1b:d0:3f:
63:21:30:35:f0:28:ec:d7:6d:e9:1c:bf:c7:a0:9d:2e:28:72:
36:5c:ed:9a:80:8a:84:45:ce:fd:30:71:e1:44:2b:4e:82:93:
9a:75:ed:d6:9d:47:bf:51:da:6f:1f:4d:b2:9d:11:cd:11:fb:
16:d8:a2:f3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUC9WHlw0ac2Qjn/aHMZ+0GG/9P3AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDEyMjEwOTMwNDBaFw0yNTEyMjAwOTM1NDBaMDMxMTAvBgNV
BAMTKDY5MTlCQTQ3ODMwQTU0NEI0OTE2NjVBMzhBNEFFNDRGNkU3N0ZEOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNXTPnMWATNjMQv4eyqg8kV8cS
T4fODbzJaT1pg+0WUwVD+15lu2ToGA0X/23h1NgSwdcrGJfhHse/zi2wjqXOgCz/
K5k/Z0y9vSt5LJooVqjDsnnw36LJM60ShE/1qGRHcpq0EmmQ9zBMYd+vEJ/HO84i
xTagBGj4hcs6rN7dUZLGgGh619J3HT3EVTuPUchyz6OOmMbDld6t7f1MjzPxzeIf
pyqJQCtmzF6dTvRvykbnHuML8pMCstK3XZik9Wfhy3dkHbPOzWTNR4ju9mdn4AYJ
Zpe2xndiaBpG36Ip6rYvzt+or75j/M4WRUJUXu71NX/2b4Ptz7zcbl+Aqg4vAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUaRm6R4MKVEtJFmWjikrkT253/ZgwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAkd8s
AwQAkd82AwQAkd86AwQAkmcFAwQBlvHiMA0GCSqGSIb3DQEBCwUAA4IBAQChDbow
svipKUNGFlsw66S7B6B2R7wR6aPJzya3HKL5oZsAEoUxBV+mslkTjyQ58uQuJ6Qm
Z1CxRDzz227qLF7WytqcOWntiBZSoyTZ9XYxM5E8etvjQiwIF4b6chIc2oMKkgMW
BkHqZ1J7uOOzJo9OLVJWeKu5SqCXp+lCDIS9PW2ATwVu9MddJT0zRXUhYWq7cUZB
SfQD7Jn1ztS0TV7ofvNpxMHmO7w2CatUsPhLBlsD4OoTwelVK008FYP5k+pcM7Mb
0D9jITA18Cjs123pHL/HoJ0uKHI2XO2agIqERc79MHHhRCtOgpOade3WnUe/Udpv
H02ynRHNEfsW2KLz
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:55 2025 by rpki-client