Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS199654.roa
File: AS199654.roa (raw, json)
Hash identifier: OuwmXIjE/p1CMbZHT2sLS9nHpplzWKPd+ayTwaofDDw=
Subject key identifier: C2:1B:B1:01:AD:11:DA:DE:DF:C5:47:9A:66:E7:E5:B3:6E:F5:2E:5B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5A44F42288D2DAC62B3F9F75216D0781A9FB57A5
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS199654.roa
Signing time: Sun 01 Dec 2024 23:43:28 +0000
ROA not before: Sun 01 Dec 2024 23:38:28 +0000
ROA not after: Sun 30 Nov 2025 23:43:28 +0000
asID: 199654
IP address blocks: 191.96.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:44:f4:22:88:d2:da:c6:2b:3f:9f:75:21:6d:07:81:a9:fb:57:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 1 23:38:28 2024 GMT
Not After : Nov 30 23:43:28 2025 GMT
Subject: CN=C21BB101AD11DADEDFC5479A66E7E5B36EF52E5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:af:d0:e3:d1:5f:95:3f:d5:f1:a9:5e:e0:6c:
ad:c8:62:03:5a:09:71:65:9b:65:86:d4:84:cb:4c:
a6:d1:a5:cd:75:e6:e0:67:b2:5a:e3:e4:08:33:a0:
a7:f1:93:85:62:98:44:c7:e2:d2:3d:75:01:ff:ef:
a1:7c:a0:0a:68:53:9e:ba:43:dd:85:35:9f:e8:5a:
f6:11:e4:89:dc:7a:3f:32:60:a4:89:d9:42:40:ab:
33:85:12:7f:1d:89:74:8b:7d:21:03:47:aa:e9:80:
e9:4c:bf:da:bb:c8:01:e7:75:99:d2:02:12:60:c1:
61:7f:f7:5d:24:66:c3:8f:20:ae:b8:9f:5d:cb:ef:
8c:71:70:fe:13:67:93:75:e7:99:28:80:90:6f:d2:
03:d3:b3:8e:d9:9c:0f:85:ae:e9:d4:c3:9b:8b:f9:
0c:de:64:eb:e9:69:b7:29:96:94:61:b3:0b:5d:0a:
0d:93:eb:23:ea:3f:f9:9f:44:9f:b1:fe:29:95:1e:
26:47:1f:00:8d:96:df:5a:75:48:7f:cd:0a:d2:62:
9c:07:bb:56:2d:05:7e:2c:c5:73:21:f9:d0:1e:cd:
f4:b5:84:ad:e9:71:03:d9:f5:ac:14:76:c3:da:55:
5e:fa:9e:f8:5f:fa:b6:10:8c:49:ab:f8:e2:4e:a1:
10:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:1B:B1:01:AD:11:DA:DE:DF:C5:47:9A:66:E7:E5:B3:6E:F5:2E:5B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS199654.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.207.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:d2:bf:2a:93:11:4b:66:d3:ef:87:2c:11:c2:0f:3f:fb:c0:
9f:27:06:bd:04:7e:c3:b8:96:d9:fe:1f:25:e0:3d:2f:06:af:
5d:ad:ae:0f:24:1a:c4:55:18:5f:7f:9d:b4:d6:10:7f:53:67:
4f:9d:80:eb:82:6e:24:b6:cf:a7:75:58:8f:fd:f4:f2:89:f8:
29:91:de:1c:71:ea:c3:63:e0:f4:e7:ab:1e:7e:da:83:bb:9d:
7e:a3:eb:7b:0a:7e:6d:de:22:4d:d4:8a:e2:54:73:ef:52:bd:
1b:5a:c9:ef:05:94:cf:98:b0:65:f8:28:20:3c:2e:e0:bf:94:
46:c6:41:02:2f:ea:c9:29:83:af:b1:be:4f:16:b9:0c:4f:44:
5b:6d:72:7a:70:37:c1:12:f5:35:25:e0:fc:b8:7c:7d:d9:a5:
e3:ec:db:aa:c4:85:7e:5a:b7:c1:95:05:91:a7:70:2b:5e:d2:
d9:8e:3d:55:a2:c0:72:0f:8a:2d:e6:0b:a4:26:e1:3a:bd:a5:
c6:9d:ad:e4:31:e7:97:a2:9c:4e:6a:9b:69:cd:cf:4f:56:8e:
ac:88:39:66:c0:86:2f:af:9e:a3:02:92:80:54:c2:13:a4:45:
68:0f:6b:2a:02:64:92:39:a0:e5:b0:f5:f4:39:7c:8c:53:cb:
3b:ae:97:7a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUWkT0IojS2sYrP591IW0Hgan7V6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEyMDEyMzM4MjhaFw0yNTExMzAyMzQzMjhaMDMxMTAvBgNV
BAMTKEMyMUJCMTAxQUQxMURBREVERkM1NDc5QTY2RTdFNUIzNkVGNTJFNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzr9Dj0V+VP9XxqV7gbK3IYgNa
CXFlm2WG1ITLTKbRpc115uBnslrj5AgzoKfxk4VimETH4tI9dQH/76F8oApoU566
Q92FNZ/oWvYR5Incej8yYKSJ2UJAqzOFEn8diXSLfSEDR6rpgOlMv9q7yAHndZnS
AhJgwWF/910kZsOPIK64n13L74xxcP4TZ5N155kogJBv0gPTs47ZnA+FrunUw5uL
+QzeZOvpabcplpRhswtdCg2T6yPqP/mfRJ+x/imVHiZHHwCNlt9adUh/zQrSYpwH
u1YtBX4sxXMh+dAezfS1hK3pcQPZ9awUdsPaVV76nvhf+rYQjEmr+OJOoRBxAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUwhuxAa0R2t7fxUeaZufls271LlswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTk5NjU0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2DP
MA0GCSqGSIb3DQEBCwUAA4IBAQBc0r8qkxFLZtPvhywRwg8/+8CfJwa9BH7DuJbZ
/h8l4D0vBq9dra4PJBrEVRhff5201hB/U2dPnYDrgm4kts+ndViP/fTyifgpkd4c
cerDY+D056seftqDu51+o+t7Cn5t3iJN1IriVHPvUr0bWsnvBZTPmLBl+CggPC7g
v5RGxkECL+rJKYOvsb5PFrkMT0RbbXJ6cDfBEvU1JeD8uHx92aXj7NuqxIV+WrfB
lQWRp3ArXtLZjj1VosByD4ot5gukJuE6vaXGna3kMeeXopxOaptpzc9PVo6siDlm
wIYvr56jApKAVMITpEVoD2sqAmSSOaDlsPX0OXyMU8s7rpd6
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:31:23 2025 by rpki-client