Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS132372.roa
File: AS132372.roa (raw, json)
Hash identifier: qnhQFukW3/FNeCLAeeznuDLT9yIcdyWlcDy7Xy++Iak=
Subject key identifier: 19:CF:68:9F:82:1E:56:7F:70:E4:A9:A4:DC:9F:13:7C:86:95:18:0F
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 73B9CAE7252E17DC009CF8B66AD66702F5604053
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS132372.roa
Signing time: Mon 24 Feb 2025 08:10:07 +0000
ROA not before: Mon 24 Feb 2025 08:05:07 +0000
ROA not after: Mon 23 Feb 2026 08:10:07 +0000
asID: 132372
IP address blocks: 2a0a:b200::/29 maxlen: 48
2a0a:c600::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:b9:ca:e7:25:2e:17:dc:00:9c:f8:b6:6a:d6:67:02:f5:60:40:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 24 08:05:07 2025 GMT
Not After : Feb 23 08:10:07 2026 GMT
Subject: CN=19CF689F821E567F70E4A9A4DC9F137C8695180F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b1:be:ef:f9:7d:27:2e:c6:f1:d7:24:fb:67:
61:4f:7a:34:55:e0:e2:b8:f6:87:5c:f9:72:ad:b7:
8f:aa:41:e1:ed:9e:53:81:11:ef:7f:06:a9:22:64:
6a:54:b8:6b:fa:fb:88:99:79:17:9c:0b:a2:3c:22:
d0:71:44:78:ae:87:36:17:27:9d:03:e1:7d:5b:b0:
5f:11:cb:db:c8:f9:0c:37:96:fc:92:ba:42:66:fc:
02:ec:60:6a:cf:31:8c:fa:78:89:a2:64:52:ab:e8:
9d:72:0b:d9:d8:2c:69:64:5d:d3:45:72:39:b3:36:
48:43:71:97:a7:63:22:64:2c:3e:04:03:68:bd:b7:
97:20:c3:35:6a:1c:21:9e:bf:67:a3:0d:8a:69:10:
50:a8:8a:45:f7:4d:e3:ec:e5:39:46:f0:cc:25:71:
c0:58:d4:15:e5:1e:a3:69:a2:0a:72:fb:78:01:60:
d8:ac:93:5a:b3:b8:51:aa:56:f9:ea:a3:bb:d7:28:
55:7b:fb:13:e5:64:c4:8b:bd:3f:89:cf:04:28:9f:
98:99:5d:49:94:83:60:b3:e9:fb:2a:e6:a3:24:55:
b9:b4:ba:86:59:4d:17:0a:47:04:c6:a6:e7:1e:df:
3d:96:e1:2e:d0:71:b2:99:11:1a:85:5b:be:97:a9:
67:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:CF:68:9F:82:1E:56:7F:70:E4:A9:A4:DC:9F:13:7C:86:95:18:0F
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS132372.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:b200::/29
2a0a:c600::/29
Signature Algorithm: sha256WithRSAEncryption
ad:a3:93:b0:ee:a5:5b:d1:40:1f:35:db:41:f7:e9:08:0a:4a:
75:78:ef:c5:37:96:0b:ae:7b:54:58:78:06:fa:d3:41:eb:1c:
bb:5b:ea:b3:d6:93:f8:cd:b4:69:5f:8e:c0:0f:78:e0:25:3f:
25:8e:f1:24:ed:cf:ea:26:1e:bc:61:dd:76:02:5e:8f:09:1d:
b2:4b:c4:e4:0c:7d:c1:df:22:b6:76:9f:3d:1e:5d:87:89:7c:
aa:90:ef:31:7f:94:03:bb:34:c5:b9:2a:da:55:44:40:cb:4d:
29:47:ba:5d:f4:2f:25:94:33:89:5e:0a:6a:c5:8a:15:f1:e7:
73:a5:cc:b8:0b:9d:c1:c7:3e:5f:d4:26:de:ef:68:8b:c8:73:
4f:9a:76:a9:86:82:40:32:b3:7e:50:ef:3c:b9:0a:97:6c:fc:
2b:47:0f:05:1c:d0:9a:9c:f7:c7:54:46:38:73:23:ba:5a:2c:
e7:ac:3e:ba:c7:f1:de:bc:f4:39:c3:b9:93:71:08:c7:74:5b:
51:7c:db:df:8c:4e:98:ee:78:b9:34:3d:68:f1:29:88:64:4a:
ac:87:77:97:63:c9:2e:88:bd:7f:6e:89:fd:f1:71:3a:fb:b3:
29:98:76:4e:10:95:b6:f8:e6:04:16:30:60:3d:87:39:f9:42:
e1:6c:87:61
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIUc7nK5yUuF9wAnPi2atZnAvVgQFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAyMjQwODA1MDdaFw0yNjAyMjMwODEwMDdaMDMxMTAvBgNV
BAMTKDE5Q0Y2ODlGODIxRTU2N0Y3MEU0QTlBNERDOUYxMzdDODY5NTE4MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCFsb7v+X0nLsbx1yT7Z2FPejRV
4OK49odc+XKtt4+qQeHtnlOBEe9/BqkiZGpUuGv6+4iZeRecC6I8ItBxRHiuhzYX
J50D4X1bsF8Ry9vI+Qw3lvySukJm/ALsYGrPMYz6eImiZFKr6J1yC9nYLGlkXdNF
cjmzNkhDcZenYyJkLD4EA2i9t5cgwzVqHCGev2ejDYppEFCoikX3TePs5TlG8Mwl
ccBY1BXlHqNpogpy+3gBYNisk1qzuFGqVvnqo7vXKFV7+xPlZMSLvT+JzwQon5iZ
XUmUg2Cz6fsq5qMkVbm0uoZZTRcKRwTGpuce3z2W4S7QcbKZERqFW76XqWd1AgMB
AAGjggISMIICDjAdBgNVHQ4EFgQUGc9on4IeVn9w5Kmk3J8TfIaVGA8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTMyMzcyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgqy
AAMFAyoKxgAwDQYJKoZIhvcNAQELBQADggEBAK2jk7DupVvRQB8120H36QgKSnV4
78U3lguue1RYeAb600HrHLtb6rPWk/jNtGlfjsAPeOAlPyWO8STtz+omHrxh3XYC
Xo8JHbJLxOQMfcHfIrZ2nz0eXYeJfKqQ7zF/lAO7NMW5KtpVREDLTSlHul30LyWU
M4leCmrFihXx53OlzLgLncHHPl/UJt7vaIvIc0+adqmGgkAys35Q7zy5Cpds/CtH
DwUc0Jqc98dURjhzI7paLOesPrrH8d689DnDuZNxCMd0W1F829+MTpjueLk0PWjx
KYhkSqyHd5djyS6IvX9uif3xcTr7symYdk4Qlbb45gQWMGA9hzn5QuFsh2E=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:19:52 2025 by rpki-client