Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS19437.roa
File: AS19437.roa (raw, json)
Hash identifier: DQmdcnoJL9SE1RyRROvrNjFbv2LY5Vy8LiWi/Ukfav8=
Subject key identifier: 22:63:31:FF:34:A1:93:92:B2:16:E3:89:D4:D5:F0:2D:41:0E:22:F4
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3841F0CE5FA717A5AE5623B8CC052A7EE36DCF0E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS19437.roa
Signing time: Fri 03 Jan 2025 08:53:51 +0000
ROA not before: Fri 03 Jan 2025 08:48:51 +0000
ROA not after: Fri 02 Jan 2026 08:53:51 +0000
asID: 19437
IP address blocks: 181.215.139.0/24 maxlen: 24
191.96.38.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:41:f0:ce:5f:a7:17:a5:ae:56:23:b8:cc:05:2a:7e:e3:6d:cf:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 3 08:48:51 2025 GMT
Not After : Jan 2 08:53:51 2026 GMT
Subject: CN=226331FF34A19392B216E389D4D5F02D410E22F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:eb:59:65:6c:f5:58:c4:0f:ca:96:dd:da:bc:
d9:f4:30:a8:87:4a:4b:a7:b3:0f:3d:20:d7:3a:3e:
56:d2:cd:da:72:32:77:3f:58:78:2d:53:e5:e1:44:
2c:d2:ed:5f:b9:97:8c:10:cd:7c:de:00:42:77:91:
af:51:07:3e:d4:44:5f:d0:ea:5f:1c:8f:d8:96:1d:
c3:0c:99:a1:dc:30:b7:17:50:e7:81:09:02:57:cb:
70:8c:30:b2:7f:a7:fd:5f:e6:e5:74:ff:8f:3b:f8:
e3:b6:a3:80:8d:d7:01:71:5c:11:3c:76:df:8d:3b:
03:06:55:f6:ad:1a:c1:2e:53:c3:0f:74:52:70:f6:
57:bc:f3:a5:4f:a9:b7:41:b4:36:4d:3a:ca:09:ee:
40:f0:8c:e8:49:40:c8:ae:47:7b:69:8a:90:e2:fe:
ba:f4:0f:80:67:49:fb:90:15:dd:20:93:c6:53:4b:
fc:94:a8:aa:a0:42:bd:ff:3a:17:0d:a7:5c:b1:b1:
d4:79:b8:e8:01:67:2a:4d:8a:aa:ac:8b:20:e9:5f:
bf:89:9a:2b:52:df:56:b8:30:0c:f6:ea:81:6e:87:
a3:c0:43:b1:7e:09:92:d7:43:b8:9f:43:33:84:6f:
54:42:72:1f:e4:31:41:07:f8:ce:6d:ec:52:3e:c9:
89:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:63:31:FF:34:A1:93:92:B2:16:E3:89:D4:D5:F0:2D:41:0E:22:F4
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS19437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.139.0/24
191.96.38.0/24
Signature Algorithm: sha256WithRSAEncryption
75:db:92:34:f5:30:0c:03:d2:5c:e9:f3:b1:6c:b8:3d:3b:22:
ed:6c:8a:7a:1c:fc:f9:13:50:d1:50:71:cd:0a:46:da:5d:34:
88:9d:8e:b9:8b:b5:66:9a:14:33:45:2e:14:2d:a0:d3:b6:e8:
10:01:89:75:f8:50:cd:38:08:b4:1e:25:a4:03:c1:38:76:b4:
b7:a6:39:77:ec:76:d2:d2:83:0f:95:02:87:05:3d:33:76:0a:
c2:3e:b9:4d:00:cf:e3:70:a5:50:c3:e1:27:59:35:a8:9d:56:
d7:1e:9c:da:a7:f4:4a:a1:fa:04:6d:74:d3:92:52:35:3a:c1:
a6:3b:23:2b:17:8f:0c:a3:80:fe:b6:4c:44:3c:e1:66:90:79:
50:47:12:50:36:d5:fc:59:29:7b:ce:a0:72:c4:85:2a:07:b2:
31:5e:b0:a5:a3:3c:f8:2f:87:d9:7c:63:0f:50:8a:fd:53:90:
4c:2f:28:2d:ec:c8:8e:e3:55:9f:14:54:3f:49:79:28:a2:40:
4f:87:33:34:4e:b3:43:e4:ac:fd:5f:df:07:46:e3:ea:b4:c1:
e0:e9:45:9e:f5:d1:ec:87:5d:71:96:16:fb:0d:bd:66:40:0d:
ad:8a:4c:fa:54:87:b9:e6:7a:65:69:1a:5b:f8:58:09:25:5a:
4b:7d:f3:a0
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUOEHwzl+nF6WuViO4zAUqfuNtzw4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDMwODQ4NTFaFw0yNjAxMDIwODUzNTFaMDMxMTAvBgNV
BAMTKDIyNjMzMUZGMzRBMTkzOTJCMjE2RTM4OUQ0RDVGMDJENDEwRTIyRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS61llbPVYxA/Klt3avNn0MKiH
Skunsw89INc6PlbSzdpyMnc/WHgtU+XhRCzS7V+5l4wQzXzeAEJ3ka9RBz7URF/Q
6l8cj9iWHcMMmaHcMLcXUOeBCQJXy3CMMLJ/p/1f5uV0/487+OO2o4CN1wFxXBE8
dt+NOwMGVfatGsEuU8MPdFJw9le886VPqbdBtDZNOsoJ7kDwjOhJQMiuR3tpipDi
/rr0D4BnSfuQFd0gk8ZTS/yUqKqgQr3/OhcNp1yxsdR5uOgBZypNiqqsiyDpX7+J
mitS31a4MAz26oFuh6PAQ7F+CZLXQ7ifQzOEb1RCch/kMUEH+M5t7FI+yYmbAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUImMx/zShk5KyFuOJ1NXwLUEOIvQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTk0Mzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAC114sD
BAC/YCYwDQYJKoZIhvcNAQELBQADggEBAHXbkjT1MAwD0lzp87FsuD07Iu1sinoc
/PkTUNFQcc0KRtpdNIidjrmLtWaaFDNFLhQtoNO26BABiXX4UM04CLQeJaQDwTh2
tLemOXfsdtLSgw+VAocFPTN2CsI+uU0Az+NwpVDD4SdZNaidVtcenNqn9Eqh+gRt
dNOSUjU6waY7IysXjwyjgP62TEQ84WaQeVBHElA21fxZKXvOoHLEhSoHsjFesKWj
PPgvh9l8Yw9Qiv1TkEwvKC3syI7jVZ8UVD9JeSiiQE+HMzROs0PkrP1f3wdG4+q0
weDpRZ710eyHXXGWFvsNvWZADa2KTPpUh7nmemVpGlv4WAklWkt986A=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:12 2025 by rpki-client