Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS206150.roa
File: AS206150.roa (raw, json)
Hash identifier: bZ1EgksKJiMJj/vgdgnrp8qKLvuZ945FsXg2XU9Zapk=
Subject key identifier: 1D:E7:B6:2A:B5:C5:C9:84:9F:91:AD:97:3C:99:99:72:39:CC:05:EB
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 64F31A4E45BE195CB5BD61ECE40C7863A021B35B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS206150.roa
Signing time: Wed 12 Feb 2025 14:57:12 +0000
ROA not before: Wed 12 Feb 2025 14:52:12 +0000
ROA not after: Wed 11 Feb 2026 14:57:12 +0000
asID: 206150
IP address blocks: 2a0a:4e80::/32 maxlen: 48
2a0a:4e81::/32 maxlen: 48
2a0a:4e82::/32 maxlen: 48
2a0a:4e83::/32 maxlen: 48
2a0a:4e84::/32 maxlen: 48
2a0a:4e85::/32 maxlen: 48
2a0a:4e86::/32 maxlen: 48
2a0a:4e87::/32 maxlen: 48
2a0a:8e01::/32 maxlen: 48
2a0a:8e02::/32 maxlen: 48
2a0a:8e03::/32 maxlen: 48
2a0a:8e04::/32 maxlen: 48
2a0a:8e05::/32 maxlen: 48
2a0a:8e06::/32 maxlen: 48
2a0a:8e07::/32 maxlen: 48
2a0a:9600::/32 maxlen: 48
2a0a:9601::/32 maxlen: 48
2a0a:9602::/32 maxlen: 48
2a0a:9603::/32 maxlen: 48
2a0a:9604::/32 maxlen: 48
2a0a:9605::/32 maxlen: 48
2a0a:a704::/30 maxlen: 48
2a0a:be01::/32 maxlen: 48
2a0a:be02::/32 maxlen: 48
2a0a:be03::/32 maxlen: 48
2a0a:be04::/32 maxlen: 48
2a0a:be05::/32 maxlen: 48
2a0a:be06::/32 maxlen: 48
2a0a:be07::/32 maxlen: 48
2a0a:d200::/32 maxlen: 48
2a0a:d201::/32 maxlen: 48
2a0a:d202::/32 maxlen: 48
2a0a:d203::/32 maxlen: 48
2a0a:d204::/32 maxlen: 48
2a0a:d205::/32 maxlen: 48
2a0a:d206::/32 maxlen: 48
2a0a:d207::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:f3:1a:4e:45:be:19:5c:b5:bd:61:ec:e4:0c:78:63:a0:21:b3:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 12 14:52:12 2025 GMT
Not After : Feb 11 14:57:12 2026 GMT
Subject: CN=1DE7B62AB5C5C9849F91AD973C99997239CC05EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ff:0e:71:55:5f:c7:cb:0e:68:16:f4:90:0a:
df:29:e1:37:f5:e0:db:84:83:8b:1f:fe:48:bc:76:
d3:1a:f3:53:cd:45:42:68:f5:d7:99:f3:9a:d7:84:
36:4a:54:ff:23:cc:bc:bd:82:f1:b0:36:6c:ef:87:
a3:e3:aa:1c:40:93:0f:06:10:79:cb:6a:14:42:6f:
ca:e5:19:84:eb:bc:64:cb:e5:44:88:9e:bc:d2:eb:
18:68:31:71:ef:d7:68:7e:e5:09:64:43:6b:f4:eb:
ed:bb:f4:48:d1:76:f5:cc:09:97:3e:21:f3:ee:89:
af:7d:4b:33:8c:58:d0:a4:ce:40:ab:f1:fa:a7:5f:
61:be:1a:e1:6a:5a:42:a2:f7:84:0d:15:c9:74:b8:
bf:cb:ac:90:f4:91:9e:63:40:44:48:3e:dc:1e:05:
06:59:d1:36:e1:ee:54:f3:91:3e:61:81:f8:89:9c:
95:b5:da:17:1e:8a:e1:51:26:f9:f4:cc:6a:47:c1:
99:25:28:15:01:39:ac:3d:c5:04:bf:d9:ad:72:6a:
2d:60:49:6f:5e:30:ae:3d:37:8b:e9:70:53:a8:b2:
d0:da:fb:a1:bc:e4:e8:7e:4d:31:ba:3c:c7:2e:e7:
9d:94:cc:d4:2e:c2:fc:78:6a:1b:4c:05:21:1c:a0:
38:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:E7:B6:2A:B5:C5:C9:84:9F:91:AD:97:3C:99:99:72:39:CC:05:EB
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS206150.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:4e80::/29
2a0a:8e01::-2a0a:8e07:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:9600::-2a0a:9605:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:a704::/30
2a0a:be01::-2a0a:be07:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:d200::/29
Signature Algorithm: sha256WithRSAEncryption
ab:59:d8:bd:75:ab:3b:52:6f:c0:e2:b2:c0:a3:b4:99:37:da:
ba:f2:d0:fa:00:c2:61:23:27:01:cb:f9:e7:f5:5f:08:cb:d2:
64:3a:a6:1b:91:44:6b:b9:90:28:04:34:b7:ae:9f:5b:c8:ff:
64:b5:5d:9c:3f:87:17:16:c6:01:7f:57:a2:d3:5d:5d:07:bf:
cf:4f:b5:7e:02:f3:18:9b:cb:28:b5:3e:9d:2a:24:aa:91:94:
15:1a:5a:05:3b:b8:c2:6d:99:df:ec:d5:78:0d:60:59:40:61:
bf:14:d5:5e:e3:ad:3e:86:b3:04:55:48:16:f6:ff:84:b4:77:
dd:9a:fa:60:d7:45:16:c7:06:bb:13:a1:e4:46:0e:9a:22:3d:
62:62:16:f2:72:db:89:3e:3d:ac:21:70:57:6f:ef:f7:7c:cc:
15:2f:7a:be:b0:c7:37:10:de:4d:1d:9b:19:c8:83:bf:bd:4a:
f7:8c:93:c9:5b:11:8f:df:14:ef:7f:e1:5c:da:ab:3e:d3:3a:
41:95:de:ce:82:99:cb:60:2f:42:c2:ba:e2:44:c1:b3:63:1e:
d5:a8:1e:e8:9f:fb:ca:51:81:96:aa:26:98:9a:29:c2:b4:d4:
06:da:0f:19:a9:23:ad:9e:c6:6a:c6:41:ef:51:4b:f1:a9:ac:
56:31:48:82
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUZPMaTkW+GVy1vWHs5Ax4Y6Ahs1swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAyMTIxNDUyMTJaFw0yNjAyMTExNDU3MTJaMDMxMTAvBgNV
BAMTKDFERTdCNjJBQjVDNUM5ODQ5RjkxQUQ5NzNDOTk5OTcyMzlDQzA1RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCT/w5xVV/Hyw5oFvSQCt8p4Tf1
4NuEg4sf/ki8dtMa81PNRUJo9deZ85rXhDZKVP8jzLy9gvGwNmzvh6PjqhxAkw8G
EHnLahRCb8rlGYTrvGTL5USInrzS6xhoMXHv12h+5QlkQ2v06+279EjRdvXMCZc+
IfPuia99SzOMWNCkzkCr8fqnX2G+GuFqWkKi94QNFcl0uL/LrJD0kZ5jQERIPtwe
BQZZ0Tbh7lTzkT5hgfiJnJW12hceiuFRJvn0zGpHwZklKBUBOaw9xQS/2a1yai1g
SW9eMK49N4vpcFOostDa+6G85Oh+TTG6PMcu552UzNQuwvx4ahtMBSEcoDjPAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUHee2KrXFyYSfka2XPJmZcjnMBeswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA2MTUwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAAjBEAwUDKgpO
gDAOAwUAKgqOAQMFAyoKjgAwDQMEASoKlgMFASoKlgQDBQIqCqcEMA4DBQAqCr4B
AwUDKgq+AAMFAyoK0gAwDQYJKoZIhvcNAQELBQADggEBAKtZ2L11qztSb8DissCj
tJk32rry0PoAwmEjJwHL+ef1XwjL0mQ6phuRRGu5kCgENLeun1vI/2S1XZw/hxcW
xgF/V6LTXV0Hv89PtX4C8xibyyi1Pp0qJKqRlBUaWgU7uMJtmd/s1XgNYFlAYb8U
1V7jrT6GswRVSBb2/4S0d92a+mDXRRbHBrsToeRGDpoiPWJiFvJy24k+PawhcFdv
7/d8zBUver6wxzcQ3k0dmxnIg7+9SveMk8lbEY/fFO9/4Vzaqz7TOkGV3s6Cmctg
L0LCuuJEwbNjHtWoHuif+8pRgZaqJpiaKcK01AbaDxmpI62exmrGQe9RS/GprFYx
SII=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:27:01 2025 by rpki-client