Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS204843.roa
File: AS204843.roa (raw, json)
Hash identifier: CW7BzVgeiGDEd2u7sbtq6sUkw8PArDUA3x3zd5tIsyI=
Subject key identifier: 45:EA:D3:6A:61:8E:A8:3E:A6:AD:E8:FB:5A:61:26:A3:B5:62:81:84
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0783E8E77F238D79490B775398D560C5495C5DA9
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS204843.roa
Signing time: Tue 04 Jul 2023 20:38:43 +0000
ROA not before: Tue 04 Jul 2023 20:33:43 +0000
ROA not after: Tue 02 Jul 2024 20:38:43 +0000
asID: 204843
IP address blocks: 191.96.86.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:83:e8:e7:7f:23:8d:79:49:0b:77:53:98:d5:60:c5:49:5c:5d:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 4 20:33:43 2023 GMT
Not After : Jul 2 20:38:43 2024 GMT
Subject: CN=45EAD36A618EA83EA6ADE8FB5A6126A3B5628184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6f:49:d6:0f:63:e5:10:55:88:94:94:21:08:
9e:b9:c3:28:11:5a:7f:2d:78:6b:7a:55:42:cc:98:
ca:5e:ac:a6:0f:ea:d4:fb:44:70:bf:14:9d:5b:45:
93:2c:cf:0c:c9:59:f7:09:28:4c:24:fd:e6:c5:1f:
64:5a:53:66:0d:81:19:3b:a4:9c:09:0f:b7:77:61:
9b:68:95:91:1f:b6:36:59:e6:3a:6c:be:53:17:35:
2e:5e:77:0c:c4:c1:27:eb:fb:c5:d1:42:75:9c:92:
35:30:97:7e:92:46:1e:44:76:14:a4:f4:d5:d0:29:
cb:41:b9:10:a2:f3:8e:eb:96:d4:d7:1b:a4:72:b4:
77:96:f5:6c:f4:20:62:2b:9e:19:ab:22:df:5a:e7:
e6:db:eb:be:a3:87:6c:db:32:4f:4c:42:0d:f1:6c:
59:3f:e3:f3:c0:23:53:6c:9b:b6:9c:c1:9e:0e:b1:
18:1b:01:a6:e0:19:02:b2:87:76:3a:49:f2:d2:f3:
ac:50:c3:c7:a9:64:a1:36:b6:8a:31:7b:2d:58:16:
73:2a:4a:52:8e:33:81:37:6f:10:2e:85:56:85:14:
93:16:ab:b0:14:95:8f:50:ac:8c:56:5e:db:28:16:
a1:bf:69:de:4a:24:88:f1:1d:af:21:1e:22:2d:c5:
e9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:EA:D3:6A:61:8E:A8:3E:A6:AD:E8:FB:5A:61:26:A3:B5:62:81:84
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS204843.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.86.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:10:70:9a:3f:7d:64:cd:d5:3f:12:b9:89:f4:76:d6:3b:d9:
0c:37:76:a4:72:af:dc:a2:a5:32:a0:02:d3:dc:02:42:f8:f1:
34:23:56:51:62:0e:6f:28:4c:43:84:7d:eb:9d:56:38:6d:bd:
98:b5:d4:99:a6:00:3c:df:91:e3:e3:0f:b0:a7:67:db:48:d8:
d9:e2:61:77:eb:59:45:64:30:b4:c2:a7:83:88:1f:f2:35:64:
ce:93:dc:2d:61:90:10:0d:7b:11:5f:47:90:3a:a5:25:ca:ee:
9c:fe:29:cd:25:00:f5:cd:d5:05:75:93:3f:ca:4d:12:08:24:
d6:21:0e:f0:2d:5d:aa:f3:d3:f9:4b:8f:c5:31:60:77:69:7c:
67:b9:c6:35:d0:10:8d:4b:b5:49:62:74:63:da:bc:ab:e7:36:
ae:e8:54:5a:c1:7b:1a:76:80:02:83:78:0d:51:85:72:8a:0f:
a3:9b:5a:55:72:ff:cc:dd:14:69:70:bd:61:77:2f:02:93:26:
1d:38:74:8b:97:d9:34:48:43:5a:f3:be:7c:1e:e8:26:ed:9a:
ec:af:2b:f2:d8:f8:de:c1:13:8a:27:23:49:d7:1d:ba:fc:cd:
9d:09:9b:6e:5c:0d:ba:15:bd:a5:0d:67:78:a9:6f:99:88:f0:
aa:3a:82:55
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUB4Po538jjXlJC3dTmNVgxUlcXakwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA3MDQyMDMzNDNaFw0yNDA3MDIyMDM4NDNaMDMxMTAvBgNV
BAMTKDQ1RUFEMzZBNjE4RUE4M0VBNkFERThGQjVBNjEyNkEzQjU2MjgxODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYb0nWD2PlEFWIlJQhCJ65wygR
Wn8teGt6VULMmMperKYP6tT7RHC/FJ1bRZMszwzJWfcJKEwk/ebFH2RaU2YNgRk7
pJwJD7d3YZtolZEftjZZ5jpsvlMXNS5edwzEwSfr+8XRQnWckjUwl36SRh5EdhSk
9NXQKctBuRCi847rltTXG6RytHeW9Wz0IGIrnhmrIt9a5+bb676jh2zbMk9MQg3x
bFk/4/PAI1Nsm7acwZ4OsRgbAabgGQKyh3Y6SfLS86xQw8epZKE2tooxey1YFnMq
SlKOM4E3bxAuhVaFFJMWq7AUlY9QrIxWXtsoFqG/ad5KJIjxHa8hHiItxen5AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQURerTamGOqD6mrej7WmEmo7VigYQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA0ODQzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2BW
MA0GCSqGSIb3DQEBCwUAA4IBAQB7EHCaP31kzdU/ErmJ9HbWO9kMN3akcq/coqUy
oALT3AJC+PE0I1ZRYg5vKExDhH3rnVY4bb2YtdSZpgA835Hj4w+wp2fbSNjZ4mF3
61lFZDC0wqeDiB/yNWTOk9wtYZAQDXsRX0eQOqUlyu6c/inNJQD1zdUFdZM/yk0S
CCTWIQ7wLV2q89P5S4/FMWB3aXxnucY10BCNS7VJYnRj2ryr5zau6FRawXsadoAC
g3gNUYVyig+jm1pVcv/M3RRpcL1hdy8CkyYdOHSLl9k0SENa8758Hugm7Zrsryvy
2PjewROKJyNJ1x26/M2dCZtuXA26Fb2lDWd4qW+ZiPCqOoJV
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:35 2025 by rpki-client