Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210356.roa
File: AS210356.roa (raw, json)
Hash identifier: a2Fy8/cMaYCEn3cc36S3R340PteCTeiWJ4cGLPfVXq0=
Subject key identifier: A8:41:ED:58:D6:08:57:7D:A1:5E:59:B4:F8:4B:95:13:05:11:17:1A
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 1107676BE0DE8C7D3D74A922238AA2A8D8221B6F
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210356.roa
Signing time: Wed 01 Jan 2025 08:53:51 +0000
ROA not before: Wed 01 Jan 2025 08:48:51 +0000
ROA not after: Wed 31 Dec 2025 08:53:51 +0000
asID: 210356
IP address blocks: 181.214.48.0/24 maxlen: 24
181.214.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:07:67:6b:e0:de:8c:7d:3d:74:a9:22:23:8a:a2:a8:d8:22:1b:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 08:48:51 2025 GMT
Not After : Dec 31 08:53:51 2025 GMT
Subject: CN=A841ED58D608577DA15E59B4F84B95130511171A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:5a:82:74:3b:6e:72:6a:5f:e1:30:f1:f1:40:
64:39:f5:bd:05:c9:06:4d:b0:de:a9:25:01:50:e9:
74:3c:f1:a8:ba:4c:0f:d2:de:8c:d3:3c:4b:b4:3e:
2b:19:7b:ae:97:58:d0:ca:b5:b3:54:88:f9:6d:6a:
91:00:d0:ed:77:30:f1:e1:36:b3:5e:33:20:98:2c:
a8:d5:4c:e1:5a:11:ce:a0:9b:30:6a:a1:27:36:2c:
1d:32:6d:e0:26:1c:04:6b:b2:51:95:c7:11:e1:53:
5a:e3:96:a2:b5:c9:1e:84:57:73:bf:0e:77:ee:d5:
6b:d1:7f:02:13:56:74:57:3e:9c:e0:3b:b1:e4:f9:
5d:55:4e:2f:3f:27:30:10:d7:da:30:9b:c7:43:ee:
e7:0c:57:51:e6:4a:b0:38:e2:ee:86:91:f1:65:52:
e9:01:0e:c4:b0:4b:56:b2:b2:7b:cd:46:0d:bd:39:
47:eb:e5:c7:f2:41:85:cc:98:4b:a7:89:05:fd:82:
1f:02:79:4d:d2:3f:7a:f2:a9:86:d3:37:95:2e:84:
2a:bf:c0:44:24:3e:dd:43:d2:ce:44:fc:72:c9:3f:
16:25:d6:01:1f:82:db:3e:29:2a:b4:78:5f:56:28:
2c:bc:54:f3:d4:cc:a8:fb:9f:e9:09:63:a5:1e:cb:
47:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:41:ED:58:D6:08:57:7D:A1:5E:59:B4:F8:4B:95:13:05:11:17:1A
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210356.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.48.0/24
181.214.221.0/24
Signature Algorithm: sha256WithRSAEncryption
38:73:a3:d9:f4:f8:58:68:2f:59:41:7c:cc:b8:f6:38:13:2b:
d5:03:83:bb:bb:d8:02:f9:41:9f:e9:6f:26:de:76:0e:92:10:
6d:0a:93:ef:11:e2:d7:d8:15:e3:89:ac:79:09:a2:42:17:25:
f7:c0:2e:72:07:a3:dd:9d:0e:75:90:3b:ae:82:c8:64:fa:77:
f3:f9:80:9b:25:a5:ab:6e:c6:34:7b:80:b2:b7:f7:0a:74:f1:
ce:76:25:26:07:cb:d4:02:59:08:a0:83:45:68:ac:e8:b7:ff:
08:70:45:b1:bb:83:43:ac:2f:4c:a9:d2:d0:d6:cd:0f:01:2b:
8c:a5:82:19:e8:9d:d3:89:e6:bd:93:bd:50:6a:ac:e3:e9:ae:
1f:28:aa:a1:98:eb:f4:e1:f2:ec:f3:bc:52:77:32:1b:65:37:
50:80:14:f5:f6:57:40:e1:61:5b:b2:b3:e6:82:44:24:93:04:
d6:c9:55:7b:b9:ef:cf:6b:52:98:c9:88:f8:b5:4c:ea:ea:32:
a8:01:7d:aa:d4:bf:04:00:1a:6a:db:63:b4:b5:8e:71:ad:b9:
bd:64:98:55:22:0a:12:a2:13:71:af:33:3a:ba:2b:9b:4e:11:
17:24:9c:af:4e:ff:b6:6f:f3:f3:ef:b7:4f:a6:00:01:ea:79:
c8:b3:92:54
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUEQdna+DejH09dKkiI4qiqNgiG28wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEwODQ4NTFaFw0yNTEyMzEwODUzNTFaMDMxMTAvBgNV
BAMTKEE4NDFFRDU4RDYwODU3N0RBMTVFNTlCNEY4NEI5NTEzMDUxMTE3MUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXWoJ0O25yal/hMPHxQGQ59b0F
yQZNsN6pJQFQ6XQ88ai6TA/S3ozTPEu0PisZe66XWNDKtbNUiPltapEA0O13MPHh
NrNeMyCYLKjVTOFaEc6gmzBqoSc2LB0ybeAmHARrslGVxxHhU1rjlqK1yR6EV3O/
Dnfu1WvRfwITVnRXPpzgO7Hk+V1VTi8/JzAQ19owm8dD7ucMV1HmSrA44u6GkfFl
UukBDsSwS1aysnvNRg29OUfr5cfyQYXMmEuniQX9gh8CeU3SP3ryqYbTN5UuhCq/
wEQkPt1D0s5E/HLJPxYl1gEfgts+KSq0eF9WKCy8VPPUzKj7n+kJY6Uey0eJAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUqEHtWNYIV32hXlm0+EuVEwURFxowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEwMzU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAtdYw
AwQAtdbdMA0GCSqGSIb3DQEBCwUAA4IBAQA4c6PZ9PhYaC9ZQXzMuPY4EyvVA4O7
u9gC+UGf6W8m3nYOkhBtCpPvEeLX2BXjiax5CaJCFyX3wC5yB6PdnQ51kDuugshk
+nfz+YCbJaWrbsY0e4Cyt/cKdPHOdiUmB8vUAlkIoINFaKzot/8IcEWxu4NDrC9M
qdLQ1s0PASuMpYIZ6J3Tiea9k71Qaqzj6a4fKKqhmOv04fLs87xSdzIbZTdQgBT1
9ldA4WFbsrPmgkQkkwTWyVV7ue/Pa1KYyYj4tUzq6jKoAX2q1L8EABpq22O0tY5x
rbm9ZJhVIgoSohNxrzM6uiubThEXJJyvTv+2b/Pz77dPpgAB6nnIs5JU
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:52 2025 by rpki-client