Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS998.roa
File: AS998.roa (raw, json)
Hash identifier: nGUilwG1W3bx3CzIWFjsyNNa8RqF96v0CLWQ28ZDilM=
Subject key identifier: 62:B2:8D:37:82:1C:B7:ED:99:D6:A7:E2:4B:3B:F6:C2:56:81:B8:BE
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 28CB0DD54D6A43F30893F1B9A6EE57B6E5D904DC
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS998.roa
Signing time: Thu 13 Feb 2025 14:50:03 +0000
ROA not before: Thu 13 Feb 2025 14:45:03 +0000
ROA not after: Thu 12 Feb 2026 14:50:03 +0000
asID: 998
IP address blocks: 96.62.126.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:cb:0d:d5:4d:6a:43:f3:08:93:f1:b9:a6:ee:57:b6:e5:d9:04:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 13 14:45:03 2025 GMT
Not After : Feb 12 14:50:03 2026 GMT
Subject: CN=62B28D37821CB7ED99D6A7E24B3BF6C25681B8BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:19:b1:dc:ed:83:29:23:d9:70:71:74:d8:2f:
75:d7:b2:c7:fb:29:83:99:b3:9a:8b:f9:9b:dd:23:
d0:b1:48:80:32:6a:09:86:4f:e2:9f:8d:cf:8a:e9:
05:34:e8:c7:88:6f:10:22:87:9b:77:a2:1a:40:85:
10:ca:00:f2:46:23:09:25:d2:ca:44:f9:f3:a9:86:
76:be:a5:14:cb:54:79:8e:49:9c:38:48:52:a0:f8:
fe:cc:11:e7:b8:d0:e6:6f:0f:08:7e:4e:7c:a1:2a:
22:1b:89:33:16:34:4d:82:3a:1a:1b:74:6d:a3:5b:
b8:d0:df:ff:bb:46:f4:c1:16:57:46:f6:09:93:c0:
02:60:cc:4c:fb:8e:25:c1:2c:1b:45:f4:c4:ab:5c:
95:f4:18:b9:28:f2:86:91:6d:9c:2c:06:7d:7b:10:
ca:b2:9c:75:c2:97:ea:1e:5e:ba:5d:a2:e4:6b:99:
ab:15:c4:6c:67:ff:90:65:58:e2:eb:a0:40:39:25:
e2:0d:b4:72:39:e5:1a:c9:25:a2:bf:36:b4:71:d5:
8a:1c:42:60:d8:a3:63:1b:2b:ed:05:88:69:c0:a9:
0c:4d:ac:0e:b6:b7:b5:d3:e3:aa:9d:21:9d:56:f6:
86:11:79:52:2e:d8:3a:96:57:05:1e:8a:c9:6a:ea:
01:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B2:8D:37:82:1C:B7:ED:99:D6:A7:E2:4B:3B:F6:C2:56:81:B8:BE
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS998.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.126.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:76:e1:9a:07:cd:27:66:f2:0f:53:e3:86:63:95:3b:4d:c5:
df:14:83:f7:4c:c4:1a:77:47:c3:2d:f5:49:04:ad:c3:03:22:
92:79:02:a6:f7:cf:89:79:d7:b2:72:24:d1:32:c9:ee:bd:dd:
67:c1:9a:70:c5:20:d3:d7:d9:23:f3:95:17:54:36:a0:ca:e9:
ef:0c:05:d6:34:4e:5e:8b:fa:0e:9d:13:7f:a6:49:d6:b6:90:
47:d7:90:ca:d8:9e:24:c0:14:f3:02:c1:48:bc:21:8d:d3:37:
b6:e9:67:1f:bc:a3:53:de:86:75:83:80:38:87:eb:01:ff:0b:
ba:09:c7:cf:12:b2:dc:78:d7:94:de:f4:bb:43:57:53:a1:bd:
28:f9:cc:e6:38:98:9a:1f:4c:f5:f5:9a:62:41:0f:4e:2a:8b:
7f:ee:ae:7f:37:9f:98:4d:42:39:34:dc:ad:71:a3:15:5c:ac:
f1:37:3e:d5:ea:db:cf:50:ca:31:28:76:29:3e:02:72:55:12:
ec:0b:1e:24:ff:f5:f0:ed:0d:11:b9:7b:73:43:99:5f:09:56:
dd:8f:9c:f0:fa:30:ea:3c:d7:4f:19:b7:76:9f:47:b2:f3:81:
62:bf:c6:6c:e8:9c:c3:e5:cd:27:de:1a:9f:0c:60:99:a2:fe:
62:d7:2c:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIUKMsN1U1qQ/MIk/G5pu5XtuXZBNwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAyMTMxNDQ1MDNaFw0yNjAyMTIxNDUwMDNaMDMxMTAvBgNV
BAMTKDYyQjI4RDM3ODIxQ0I3RUQ5OUQ2QTdFMjRCM0JGNkMyNTY4MUI4QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIGbHc7YMpI9lwcXTYL3XXssf7
KYOZs5qL+ZvdI9CxSIAyagmGT+Kfjc+K6QU06MeIbxAih5t3ohpAhRDKAPJGIwkl
0spE+fOphna+pRTLVHmOSZw4SFKg+P7MEee40OZvDwh+TnyhKiIbiTMWNE2COhob
dG2jW7jQ3/+7RvTBFldG9gmTwAJgzEz7jiXBLBtF9MSrXJX0GLko8oaRbZwsBn17
EMqynHXCl+oeXrpdouRrmasVxGxn/5BlWOLroEA5JeINtHI55RrJJaK/NrRx1Yoc
QmDYo2MbK+0FiGnAqQxNrA62t7XT46qdIZ1W9oYReVIu2DqWVwUeislq6gE3AgMB
AAGjggIHMIICAzAdBgNVHQ4EFgQUYrKNN4Ict+2Z1qfiSzv2wlaBuL4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTk4LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAYD5+MA0G
CSqGSIb3DQEBCwUAA4IBAQAcduGaB80nZvIPU+OGY5U7TcXfFIP3TMQad0fDLfVJ
BK3DAyKSeQKm98+JedeyciTRMsnuvd1nwZpwxSDT19kj85UXVDagyunvDAXWNE5e
i/oOnRN/pknWtpBH15DK2J4kwBTzAsFIvCGN0ze26WcfvKNT3oZ1g4A4h+sB/wu6
CcfPErLceNeU3vS7Q1dTob0o+czmOJiaH0z19ZpiQQ9OKot/7q5/N5+YTUI5NNyt
caMVXKzxNz7V6tvPUMoxKHYpPgJyVRLsCx4k//Xw7Q0RuXtzQ5lfCVbdj5zw+jDq
PNdPGbd2n0ey84Fiv8Zs6JzD5c0n3hqfDGCZov5i1ywI
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:19:57 2025 by rpki-client