Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS19844.roa
File: AS19844.roa (raw, json)
Hash identifier: cBbqm92s5R9sFqrZhkJjWHJDIqyP7e05kCzZxIv7sxY=
Subject key identifier: 52:F3:24:79:09:B7:CB:0C:B1:B4:29:7B:37:A4:97:C8:AD:04:10:6A
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 63FAC8C656BBD82B85FED91E3ED1CCFCD395A5FE
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS19844.roa
Signing time: Wed 01 Jan 2025 08:53:50 +0000
ROA not before: Wed 01 Jan 2025 08:48:50 +0000
ROA not after: Wed 31 Dec 2025 08:53:50 +0000
asID: 19844
IP address blocks: 191.96.49.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:fa:c8:c6:56:bb:d8:2b:85:fe:d9:1e:3e:d1:cc:fc:d3:95:a5:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 08:48:50 2025 GMT
Not After : Dec 31 08:53:50 2025 GMT
Subject: CN=52F3247909B7CB0CB1B4297B37A497C8AD04106A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:92:3a:5e:30:26:fe:8c:82:06:f6:ef:0b:14:
45:07:8a:4f:30:1a:7e:5b:cd:a4:3b:9f:50:ee:2f:
0a:f5:d9:0b:5b:44:f1:89:0f:46:b5:7e:26:30:8d:
da:a3:fc:f5:81:c8:2b:1b:7d:0d:9f:ae:75:82:5f:
7d:5b:6c:1a:8c:73:5b:30:b3:f9:7b:e2:04:cc:d3:
77:80:50:6d:d4:eb:35:b8:8a:0f:95:25:31:8f:15:
22:49:ab:ca:d8:a7:f0:b1:0b:9c:d7:9f:60:6d:44:
a1:45:6c:8a:4d:ef:64:77:48:b2:dd:41:97:39:2b:
2c:e1:a2:ff:44:ed:ca:0d:d1:98:83:ef:71:16:fb:
f0:05:5d:9e:61:2a:47:dd:f1:ac:74:83:6e:cf:68:
dd:97:b5:04:3d:54:42:65:3a:a7:84:a2:a7:0b:a6:
7a:42:03:6b:50:85:74:2d:37:77:be:8a:68:ac:15:
b4:4c:1d:a6:c5:7d:ac:bf:fa:2c:a9:09:62:eb:9a:
8c:7a:f7:e0:99:2a:7d:94:83:38:28:52:c0:a5:f5:
8b:cd:7c:8d:8f:09:78:21:4c:c4:a5:60:4e:82:24:
43:ee:ce:16:92:a3:2b:2d:11:3e:55:67:54:4d:9f:
4d:4e:06:ff:7f:10:b9:91:2f:dd:8e:3e:76:d1:45:
b0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:F3:24:79:09:B7:CB:0C:B1:B4:29:7B:37:A4:97:C8:AD:04:10:6A
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS19844.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.49.0/24
Signature Algorithm: sha256WithRSAEncryption
85:98:cc:f5:9c:58:4e:92:66:fd:db:55:a9:06:15:2c:66:3b:
d3:9a:c8:e4:32:9d:3a:29:82:ce:79:65:88:2a:16:b2:72:1f:
16:ce:42:9d:7a:03:9a:37:07:ed:d0:ac:d7:d7:3b:70:fb:aa:
3e:4b:08:15:47:5f:5b:5c:a5:11:d1:a4:e6:f0:39:4b:1a:52:
a8:ae:03:7a:60:21:de:05:88:8f:d2:f0:38:ed:27:21:2b:9b:
82:b1:d1:99:dd:e5:35:04:2f:d4:ce:db:31:c4:bf:0d:18:4a:
da:7c:4d:57:21:13:20:0b:98:01:0c:f8:fa:78:e7:e2:86:87:
89:5e:49:3b:0c:eb:40:54:be:16:44:c5:26:fb:b7:d5:e1:b0:
fd:c2:d5:17:66:ea:48:5b:16:df:24:e7:69:bb:06:6f:d0:92:
e9:60:0a:24:a1:85:6c:2b:46:d7:3a:31:1f:45:d6:c0:fe:e8:
b5:87:22:bb:dc:25:45:8b:fe:57:52:e7:1b:1b:a9:f9:84:56:
79:a4:88:2b:33:c9:24:4d:4c:a1:dc:54:22:9d:d7:cb:83:fe:
a4:25:d7:c7:2d:fd:84:04:e5:a5:25:55:f0:13:b2:c9:b8:4a:
53:8c:30:cf:ce:9c:86:5f:84:a1:14:d6:f2:da:01:c4:33:47:
b5:c5:de:29
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUY/rIxla72CuF/tkePtHM/NOVpf4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEwODQ4NTBaFw0yNTEyMzEwODUzNTBaMDMxMTAvBgNV
BAMTKDUyRjMyNDc5MDlCN0NCMENCMUI0Mjk3QjM3QTQ5N0M4QUQwNDEwNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPkjpeMCb+jIIG9u8LFEUHik8w
Gn5bzaQ7n1DuLwr12QtbRPGJD0a1fiYwjdqj/PWByCsbfQ2frnWCX31bbBqMc1sw
s/l74gTM03eAUG3U6zW4ig+VJTGPFSJJq8rYp/CxC5zXn2BtRKFFbIpN72R3SLLd
QZc5Kyzhov9E7coN0ZiD73EW+/AFXZ5hKkfd8ax0g27PaN2XtQQ9VEJlOqeEoqcL
pnpCA2tQhXQtN3e+imisFbRMHabFfay/+iypCWLrmox69+CZKn2UgzgoUsCl9YvN
fI2PCXghTMSlYE6CJEPuzhaSoystET5VZ1RNn01OBv9/ELmRL92OPnbRRbDfAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUUvMkeQm3ywyxtCl7N6SXyK0EEGowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTk4NDQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC/YDEw
DQYJKoZIhvcNAQELBQADggEBAIWYzPWcWE6SZv3bVakGFSxmO9OayOQynTopgs55
ZYgqFrJyHxbOQp16A5o3B+3QrNfXO3D7qj5LCBVHX1tcpRHRpObwOUsaUqiuA3pg
Id4FiI/S8DjtJyErm4Kx0Znd5TUEL9TO2zHEvw0YStp8TVchEyALmAEM+Pp45+KG
h4leSTsM60BUvhZExSb7t9XhsP3C1Rdm6khbFt8k52m7Bm/QkulgCiShhWwrRtc6
MR9F1sD+6LWHIrvcJUWL/ldS5xsbqfmEVnmkiCszySRNTKHcVCKd18uD/qQl18ct
/YQE5aUlVfATssm4SlOMMM/OnIZfhKEU1vLaAcQzR7XF3ik=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:01 2025 by rpki-client