Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209043.roa
File: AS209043.roa (raw, json)
Hash identifier: 79m+FSFgzoRAi52HHYyUTqU/xpfTEbEpomUGHAb3cLE=
Subject key identifier: B3:10:85:F2:45:16:B5:50:8E:47:5E:58:CF:31:3A:C8:20:99:5E:E4
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 45B936EBB20546EAE8D9D574548DF9991CBA9F8D
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209043.roa
Signing time: Wed 26 Mar 2025 13:53:59 +0000
ROA not before: Wed 26 Mar 2025 13:48:59 +0000
ROA not after: Wed 25 Mar 2026 13:53:59 +0000
asID: 209043
IP address blocks: 45.95.12.0/24 maxlen: 24
181.215.144.0/24 maxlen: 24
181.215.202.0/24 maxlen: 24
191.96.250.0/24 maxlen: 24
191.101.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:b9:36:eb:b2:05:46:ea:e8:d9:d5:74:54:8d:f9:99:1c:ba:9f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 26 13:48:59 2025 GMT
Not After : Mar 25 13:53:59 2026 GMT
Subject: CN=B31085F24516B5508E475E58CF313AC820995EE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:bf:88:b4:e3:73:77:dc:93:52:f3:31:83:bd:
ec:19:b7:8b:2d:ab:ad:2c:68:4b:c8:38:5a:ae:12:
e7:74:bb:4e:81:85:04:d5:c0:45:06:f5:ba:34:5a:
0b:24:92:1f:76:cd:2e:7e:dd:52:2b:ca:1b:c0:14:
c9:85:8c:e7:8b:1b:37:1c:21:8a:c6:f3:73:c8:b9:
b7:09:68:af:6d:9a:3d:44:6b:7e:d6:5b:ae:86:60:
a6:7a:82:56:13:46:c5:64:c5:04:65:8c:ed:77:da:
a8:94:e1:b3:c1:99:6b:c3:71:03:d4:95:c0:55:67:
2c:8a:db:8e:0a:03:01:0c:22:ca:df:0f:d4:27:38:
e8:40:79:16:d0:06:b9:93:a9:fa:11:4f:ee:bc:2d:
b7:32:2b:b4:53:dc:12:3a:47:8a:e7:76:15:3d:22:
b1:b0:76:65:90:9c:14:10:04:ca:cd:46:a6:14:d1:
1d:cb:52:65:09:31:77:e4:e1:38:76:f0:d1:53:0c:
15:1e:33:50:e7:9f:89:62:22:ad:e4:2c:24:e3:14:
c7:9e:10:f1:b8:cb:1d:bd:f9:93:da:09:1a:78:d4:
c7:9e:04:e7:9d:ed:62:40:66:08:8b:02:a4:c7:e2:
3d:ef:85:44:9e:d8:42:58:9a:3c:b2:ce:a7:62:f4:
bf:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:10:85:F2:45:16:B5:50:8E:47:5E:58:CF:31:3A:C8:20:99:5E:E4
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS209043.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.12.0/24
181.215.144.0/24
181.215.202.0/24
191.96.250.0/24
191.101.149.0/24
Signature Algorithm: sha256WithRSAEncryption
34:4e:e8:b8:21:c8:b0:cf:ba:d9:05:e4:95:e0:4f:9b:7d:d6:
ea:68:60:3e:46:f1:73:84:a1:20:a1:33:e5:21:e9:ed:ea:67:
e6:c7:75:bb:d7:12:f3:33:e1:e0:51:79:09:a7:c4:2c:42:f3:
d3:14:a7:36:98:22:8d:18:56:69:d8:4b:3b:a2:e1:e2:78:3b:
5e:fb:af:3d:12:fd:40:97:14:e4:12:a4:15:9c:27:87:52:fd:
bc:df:a5:4e:41:eb:97:91:af:f7:7a:96:89:fb:80:aa:09:f2:
9b:da:e2:97:c2:0d:13:83:af:04:e4:16:73:6c:31:cb:7f:c5:
c4:b8:9e:96:8d:76:bd:05:2c:b3:27:71:31:4a:11:9f:d7:28:
76:5c:b6:1f:10:60:3c:23:90:fd:b2:8e:18:71:24:34:9a:37:
77:64:f5:7b:af:15:04:27:6a:17:24:5f:40:43:ca:ac:dc:f4:
27:f3:14:14:d4:e3:fb:9e:5a:80:11:bc:98:b8:ae:b3:38:ec:
e6:c3:16:23:b0:64:f6:ff:26:a5:d5:66:60:ac:0b:5a:b2:d4:
50:ca:0d:3d:01:69:bb:b7:bb:3c:5f:ce:00:2a:ea:7f:6d:ca:
99:e3:08:42:2f:64:87:74:7c:61:8f:fc:96:f4:3d:29:92:98:
5b:2f:29:c9
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIURbk267IFRuro2dV0VI35mRy6n40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAzMjYxMzQ4NTlaFw0yNjAzMjUxMzUzNTlaMDMxMTAvBgNV
BAMTKEIzMTA4NUYyNDUxNkI1NTA4RTQ3NUU1OENGMzEzQUM4MjA5OTVFRTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLv4i043N33JNS8zGDvewZt4st
q60saEvIOFquEud0u06BhQTVwEUG9bo0Wgskkh92zS5+3VIryhvAFMmFjOeLGzcc
IYrG83PIubcJaK9tmj1Ea37WW66GYKZ6glYTRsVkxQRljO132qiU4bPBmWvDcQPU
lcBVZyyK244KAwEMIsrfD9QnOOhAeRbQBrmTqfoRT+68LbcyK7RT3BI6R4rndhU9
IrGwdmWQnBQQBMrNRqYU0R3LUmUJMXfk4Th28NFTDBUeM1Dnn4liIq3kLCTjFMee
EPG4yx29+ZPaCRp41MeeBOed7WJAZgiLAqTH4j3vhUSe2EJYmjyyzqdi9L+hAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUsxCF8kUWtVCOR15YzzE6yCCZXuQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA5MDQzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALV8M
AwQAtdeQAwQAtdfKAwQAv2D6AwQAv2WVMA0GCSqGSIb3DQEBCwUAA4IBAQA0Tui4
Iciwz7rZBeSV4E+bfdbqaGA+RvFzhKEgoTPlIent6mfmx3W71xLzM+HgUXkJp8Qs
QvPTFKc2mCKNGFZp2Es7ouHieDte+689Ev1AlxTkEqQVnCeHUv2836VOQeuXka/3
epaJ+4CqCfKb2uKXwg0Tg68E5BZzbDHLf8XEuJ6WjXa9BSyzJ3ExShGf1yh2XLYf
EGA8I5D9so4YcSQ0mjd3ZPV7rxUEJ2oXJF9AQ8qs3PQn8xQU1OP7nlqAEbyYuK6z
OOzmwxYjsGT2/yal1WZgrAtastRQyg09AWm7t7s8X84AKup/bcqZ4whCL2SHdHxh
j/yW9D0pkphbLynJ
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:27:05 2025 by rpki-client