Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210846.roa
File: AS210846.roa (raw, json)
Hash identifier: k2kOk5bG0BfcpDY3sWt3BXFuUuWc7mzlHtGPa5oq1e8=
Subject key identifier: 4A:FC:87:F7:7C:47:24:53:A5:2C:F3:90:34:BA:A8:BB:AE:E4:39:4D
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0A31946C49F654B67E704CF0B6226F093601C961
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210846.roa
Signing time: Wed 01 Jan 2025 08:53:49 +0000
ROA not before: Wed 01 Jan 2025 08:48:49 +0000
ROA not after: Wed 31 Dec 2025 08:53:49 +0000
asID: 210846
IP address blocks: 45.133.174.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:31:94:6c:49:f6:54:b6:7e:70:4c:f0:b6:22:6f:09:36:01:c9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 08:48:49 2025 GMT
Not After : Dec 31 08:53:49 2025 GMT
Subject: CN=4AFC87F77C472453A52CF39034BAA8BBAEE4394D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d3:03:91:c1:35:14:71:e3:1d:9c:d9:b2:f9:
9a:30:5e:3b:49:cd:66:c0:6a:95:3d:59:d7:7c:85:
2a:62:4c:8d:24:cf:68:65:e9:2a:f0:df:ef:79:f9:
8e:da:13:81:00:70:9f:8d:ac:1d:96:8d:14:0f:f4:
2f:27:17:99:9f:04:cf:ed:f0:fc:bd:88:44:d8:84:
d5:3e:61:2d:31:80:cd:c3:ad:9f:a2:9a:30:8a:03:
72:3b:fc:5b:a0:a3:2a:5e:89:70:9e:0d:58:d7:a5:
0e:76:5f:b4:96:05:1c:85:ac:91:d0:a1:6e:57:a6:
53:6b:90:fb:cc:00:21:28:a3:3a:b5:89:c3:5a:e4:
74:59:76:a8:08:b2:15:d1:11:d2:d9:b7:7f:d5:be:
50:2f:22:78:1b:a3:1b:c3:38:5d:7e:81:33:7a:8e:
23:b2:f9:af:3e:3c:3f:6e:1c:b0:72:41:6c:18:f0:
ba:1c:d6:54:59:85:32:09:4d:f3:29:7d:16:39:3a:
a3:a4:bb:03:f5:cf:81:f9:96:d9:7e:32:c3:32:13:
c2:48:8a:6f:50:fd:b8:b4:04:fb:d6:19:c8:22:cf:
04:e7:ec:e8:5f:75:25:8c:6e:d3:c9:b9:b5:4d:a1:
bf:b7:43:56:29:7d:35:a2:cc:37:a9:0d:a9:5e:53:
a2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:FC:87:F7:7C:47:24:53:A5:2C:F3:90:34:BA:A8:BB:AE:E4:39:4D
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS210846.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.174.0/24
Signature Algorithm: sha256WithRSAEncryption
41:a6:a8:b2:05:f3:58:0a:e7:43:8e:e2:8f:b8:0c:fd:a0:90:
f4:e2:21:43:73:9c:7f:62:da:0a:c1:ac:25:a1:b7:75:4a:ca:
a6:9d:29:fd:ff:61:b4:4e:6c:4a:e3:13:0f:11:d1:1f:aa:77:
ae:ae:b8:90:bd:6f:d3:2a:49:73:af:a3:dc:38:4c:8b:02:8a:
92:11:32:c7:d9:3a:15:90:59:4c:63:8f:5e:47:4e:91:cf:eb:
f9:63:c9:98:a6:ca:1f:62:37:a0:10:34:67:28:c1:2b:0f:eb:
0d:84:ea:9b:9a:3f:fa:f1:0b:57:ba:0f:0c:fe:5d:5d:78:97:
6e:04:b4:93:31:58:cb:41:55:16:de:1a:73:d4:4c:8b:d2:fe:
28:c5:02:19:3f:e8:b9:33:d9:63:b5:13:3a:40:03:92:c6:fc:
e1:d8:b6:71:e2:0c:92:48:6b:e6:cf:50:78:c9:af:0b:84:5a:
2c:f9:6f:bb:c3:bf:ad:18:9d:d3:6f:4f:81:85:c4:c1:4b:79:
1c:44:45:c4:bd:dd:70:fe:a3:20:d8:6c:6f:60:44:49:b4:86:
67:8c:f1:dd:c9:b0:0d:ba:49:70:b6:86:1a:af:1e:f9:b8:75:
0d:05:d9:12:3d:07:1f:d9:51:44:23:85:b0:49:74:c0:1d:fc:
af:aa:c8:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUCjGUbEn2VLZ+cEzwtiJvCTYByWEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEwODQ4NDlaFw0yNTEyMzEwODUzNDlaMDMxMTAvBgNV
BAMTKDRBRkM4N0Y3N0M0NzI0NTNBNTJDRjM5MDM0QkFBOEJCQUVFNDM5NEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm0wORwTUUceMdnNmy+ZowXjtJ
zWbAapU9Wdd8hSpiTI0kz2hl6Srw3+95+Y7aE4EAcJ+NrB2WjRQP9C8nF5mfBM/t
8Py9iETYhNU+YS0xgM3DrZ+imjCKA3I7/FugoypeiXCeDVjXpQ52X7SWBRyFrJHQ
oW5XplNrkPvMACEoozq1icNa5HRZdqgIshXREdLZt3/VvlAvIngboxvDOF1+gTN6
jiOy+a8+PD9uHLByQWwY8Loc1lRZhTIJTfMpfRY5OqOkuwP1z4H5ltl+MsMyE8JI
im9Q/bi0BPvWGcgizwTn7OhfdSWMbtPJubVNob+3Q1YpfTWizDepDaleU6IlAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUSvyH93xHJFOlLPOQNLqou67kOU0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjEwODQ2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYWu
MA0GCSqGSIb3DQEBCwUAA4IBAQBBpqiyBfNYCudDjuKPuAz9oJD04iFDc5x/YtoK
wawlobd1SsqmnSn9/2G0TmxK4xMPEdEfqneurriQvW/TKklzr6PcOEyLAoqSETLH
2ToVkFlMY49eR06Rz+v5Y8mYpsofYjegEDRnKMErD+sNhOqbmj/68QtXug8M/l1d
eJduBLSTMVjLQVUW3hpz1EyL0v4oxQIZP+i5M9ljtRM6QAOSxvzh2LZx4gySSGvm
z1B4ya8LhFos+W+7w7+tGJ3Tb0+BhcTBS3kcREXEvd1w/qMg2GxvYERJtIZnjPHd
ybANuklwtoYarx75uHUNBdkSPQcf2VFEI4WwSXTAHfyvqsgH
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:22:24 2025 by rpki-client