Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
File: AS137409.roa (raw, json)
Hash identifier: O74E7AKkZQSggj21wYRdPPnzSuzaLW4slpGnob6BpxE=
Subject key identifier: 0E:8F:10:D7:91:A7:8F:25:D5:C7:BA:09:49:83:7B:F8:E2:63:0A:24
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 085529D12E15F62929E0062754281DED1BA91AE0
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
Signing time: Sat 01 Mar 2025 16:02:16 +0000
ROA not before: Sat 01 Mar 2025 15:57:16 +0000
ROA not after: Sat 28 Feb 2026 16:02:16 +0000
asID: 137409
IP address blocks: 5.252.80.0/24 maxlen: 24
181.214.73.0/24 maxlen: 24
181.214.122.0/24 maxlen: 24
181.215.247.0/24 maxlen: 24
185.141.167.0/24 maxlen: 24
2a0a:8e00::/32 maxlen: 48
2a0a:9606::/32 maxlen: 48
2a0a:9607::/32 maxlen: 48
2a0a:be00::/32 maxlen: 48
2a0a:ce00::/32 maxlen: 48
2a0a:ce01::/32 maxlen: 48
2a0a:ce02::/32 maxlen: 48
2a0a:ce03::/32 maxlen: 48
2a0a:ce04::/32 maxlen: 48
2a0a:ce05::/32 maxlen: 48
2a0a:ce06::/32 maxlen: 48
2a0a:ce07::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:55:29:d1:2e:15:f6:29:29:e0:06:27:54:28:1d:ed:1b:a9:1a:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 1 15:57:16 2025 GMT
Not After : Feb 28 16:02:16 2026 GMT
Subject: CN=0E8F10D791A78F25D5C7BA0949837BF8E2630A24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:27:63:7a:e3:ab:5d:1b:e0:ec:69:df:12:b5:
0a:72:7a:9e:e7:64:c3:ae:7f:06:63:19:79:ac:33:
d4:7b:03:33:da:a5:81:05:ab:7c:4b:01:cc:46:fc:
15:4b:92:d6:7b:c9:a8:4c:23:8b:c1:94:63:16:17:
71:90:9a:da:1e:54:ba:8e:fb:da:e4:73:b2:f6:d3:
75:cb:ff:48:e6:12:36:7a:ff:40:a2:1a:f7:58:b4:
a7:2e:6b:1d:ba:27:f0:7b:9b:21:bb:6a:29:4b:71:
a9:c0:5f:56:3e:a4:4d:04:f9:af:55:e8:75:38:92:
74:26:f6:db:5c:91:d5:e1:82:15:9d:fb:17:c7:a7:
2e:5c:db:3b:b2:67:c0:83:3e:e7:93:3a:b2:c1:e8:
b7:11:83:bd:3f:a0:97:84:31:bb:bb:10:1e:8f:37:
44:80:0c:9d:9e:b6:65:cb:c6:c8:24:1a:ad:5c:34:
ab:e2:b6:a6:f5:65:2c:e5:fb:f1:c6:a7:6a:7f:45:
1c:5e:dd:dd:45:98:aa:61:60:91:74:ea:de:4a:40:
51:85:e9:39:b5:8d:86:c2:83:a8:1e:95:ca:09:96:
2c:e9:f0:c2:68:3e:f2:13:a0:cd:f6:83:83:68:6f:
52:ee:b6:f5:8d:1f:bc:68:80:c5:32:53:b0:4d:cc:
89:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:8F:10:D7:91:A7:8F:25:D5:C7:BA:09:49:83:7B:F8:E2:63:0A:24
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS137409.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.80.0/24
181.214.73.0/24
181.214.122.0/24
181.215.247.0/24
185.141.167.0/24
IPv6:
2a0a:8e00::/32
2a0a:9606::/31
2a0a:be00::/32
2a0a:ce00::/29
Signature Algorithm: sha256WithRSAEncryption
2c:ac:d1:16:78:1a:fc:a7:5c:2d:65:0b:05:45:ee:78:64:78:
8f:f3:34:e9:0d:10:e6:04:4c:86:e3:e6:53:72:eb:d6:e9:62:
ec:4f:cc:9d:9d:41:91:03:68:da:24:e1:4e:af:1b:4e:1c:d6:
a2:36:89:ce:27:cb:73:da:0b:77:e0:08:72:e2:19:8f:d2:1e:
e7:ac:08:9e:3d:b6:f6:2a:a7:7f:d5:2f:8b:d1:93:dc:97:b1:
bc:35:df:d0:85:8d:75:7f:02:b4:0f:ca:3b:79:b3:de:cf:f5:
98:97:99:46:20:1f:0c:7f:61:27:7f:82:ed:e1:c5:51:5e:05:
aa:4a:31:32:63:e1:86:cc:5f:84:05:23:67:cd:8c:0b:28:a6:
3b:5d:f0:27:01:8c:f7:80:83:a6:46:ae:34:da:a1:fe:2e:da:
41:06:c8:bb:95:82:9d:b6:3c:c9:2d:8a:d8:1f:61:e3:17:31:
bf:7d:50:d6:a9:8a:51:cd:ff:b8:28:6b:ba:ab:86:2b:e2:57:
9e:22:10:c4:ba:4a:75:c9:64:bb:4c:c5:a4:ef:58:2f:f2:f2:
97:71:ab:df:de:c1:27:90:12:39:c0:13:38:a8:10:eb:b4:4c:
7b:f2:c0:4f:fc:71:28:42:82:28:cf:6f:36:37:d4:e4:99:36:
15:d9:10:31
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUCFUp0S4V9ikp4AYnVCgd7RupGuAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAzMDExNTU3MTZaFw0yNjAyMjgxNjAyMTZaMDMxMTAvBgNV
BAMTKDBFOEYxMEQ3OTFBNzhGMjVENUM3QkEwOTQ5ODM3QkY4RTI2MzBBMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLJ2N646tdG+Dsad8StQpyep7n
ZMOufwZjGXmsM9R7AzPapYEFq3xLAcxG/BVLktZ7yahMI4vBlGMWF3GQmtoeVLqO
+9rkc7L203XL/0jmEjZ6/0CiGvdYtKcuax26J/B7myG7ailLcanAX1Y+pE0E+a9V
6HU4knQm9ttckdXhghWd+xfHpy5c2zuyZ8CDPueTOrLB6LcRg70/oJeEMbu7EB6P
N0SADJ2etmXLxsgkGq1cNKvitqb1ZSzl+/HGp2p/RRxe3d1FmKphYJF06t5KQFGF
6Tm1jYbCg6gelcoJlizp8MJoPvIToM32g4Nob1LutvWNH7xogMUyU7BNzInnAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUDo8Q15GnjyXVx7oJSYN7+OJjCiQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTM3NDA5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAkBAIAATAeAwQABfxQ
AwQAtdZJAwQAtdZ6AwQAtdf3AwQAuY2nMCIEAgACMBwDBQAqCo4AAwUBKgqWBgMF
ACoKvgADBQMqCs4AMA0GCSqGSIb3DQEBCwUAA4IBAQAsrNEWeBr8p1wtZQsFRe54
ZHiP8zTpDRDmBEyG4+ZTcuvW6WLsT8ydnUGRA2jaJOFOrxtOHNaiNonOJ8tz2gt3
4Ahy4hmP0h7nrAiePbb2Kqd/1S+L0ZPcl7G8Nd/QhY11fwK0D8o7ebPez/WYl5lG
IB8Mf2Enf4Lt4cVRXgWqSjEyY+GGzF+EBSNnzYwLKKY7XfAnAYz3gIOmRq402qH+
LtpBBsi7lYKdtjzJLYrYH2HjFzG/fVDWqYpRzf+4KGu6q4Yr4leeIhDEukp1yWS7
TMWk71gv8vKXcavf3sEnkBI5wBM4qBDrtEx78sBP/HEoQoIoz282N9TkmTYV2RAx
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:13 2025 by rpki-client