Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211585.roa
File: AS211585.roa (raw, json)
Hash identifier: kF7l5JKyX7VaBXYyXSPyLNQxfLiRklkqeAHD2Y7oSOc=
Subject key identifier: 48:DA:4C:44:48:BF:0A:8B:A8:23:2A:BA:A5:0C:97:88:9F:EC:35:0C
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5F6A5FD8CC7DFD5E17856E977344821BBDAF78A7
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211585.roa
Signing time: Tue 11 Jul 2023 00:00:15 +0000
ROA not before: Mon 10 Jul 2023 23:55:15 +0000
ROA not after: Tue 09 Jul 2024 00:00:15 +0000
asID: 211585
IP address blocks: 191.96.132.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:6a:5f:d8:cc:7d:fd:5e:17:85:6e:97:73:44:82:1b:bd:af:78:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 10 23:55:15 2023 GMT
Not After : Jul 9 00:00:15 2024 GMT
Subject: CN=48DA4C4448BF0A8BA8232ABAA50C97889FEC350C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b5:7e:68:93:12:b3:49:52:8a:59:a6:b0:52:
03:c0:78:8d:14:56:af:35:20:39:cd:72:b8:8a:3f:
53:29:f5:0d:87:25:4f:ff:68:63:1b:9b:fd:04:72:
81:94:94:0f:68:5f:55:01:b3:ad:66:f9:47:ca:58:
59:e7:3c:60:27:ea:5f:4f:d4:ae:b8:3f:2d:3d:41:
72:dd:e9:99:47:67:53:18:4c:5a:e2:74:4d:b0:26:
d7:2d:bf:8c:04:a0:c4:39:0b:5a:04:e5:e8:2d:0c:
8b:43:36:13:81:48:72:2f:8d:ca:53:7c:54:3d:d8:
8d:af:bb:e2:72:2b:d3:1b:d7:28:64:ad:29:d5:53:
16:b6:fa:78:f8:8a:be:0a:61:f2:25:53:f3:69:f8:
59:21:dd:a8:01:4d:2d:00:40:0d:25:ab:73:ef:7e:
6c:3e:2b:a3:68:2b:eb:a7:33:3d:07:03:82:23:0b:
b2:4b:7e:ad:df:32:92:94:16:66:4f:49:96:d8:a3:
6d:da:87:96:35:06:e9:58:e9:ec:d1:ad:cd:f2:ea:
0f:a8:e9:f0:fc:90:68:7c:e6:0c:68:22:c0:7e:b9:
7c:39:49:24:8d:dd:90:a0:e7:ef:e8:a3:57:60:51:
9f:77:b2:ea:83:0e:76:1c:72:2a:86:cc:e2:3a:4a:
35:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:DA:4C:44:48:BF:0A:8B:A8:23:2A:BA:A5:0C:97:88:9F:EC:35:0C
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS211585.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.132.0/24
Signature Algorithm: sha256WithRSAEncryption
20:cd:db:90:7a:6b:cc:53:b0:29:c5:5c:7f:12:75:3f:be:14:
b6:15:db:d4:ca:fb:78:87:01:c2:1a:8f:5d:40:d2:d1:1c:a3:
a1:0c:16:0b:6a:34:19:ff:2b:21:fd:f7:e8:07:2f:a7:25:e6:
ec:2b:12:99:af:7b:03:64:ba:39:79:bb:9c:f9:e1:0f:20:01:
de:4e:9d:e3:d3:a6:e0:51:5c:bb:4d:38:0a:b6:1d:0c:95:2e:
f4:71:9f:13:45:b0:e0:1f:dc:bb:06:31:19:1e:af:61:76:45:
ed:a6:66:36:f9:56:e5:5d:12:6d:f4:07:97:1e:f4:8c:d6:62:
8f:1d:68:31:92:2b:70:3a:0e:3d:11:3b:01:ed:12:b8:c2:02:
ec:97:b8:d8:7e:2e:ba:fe:84:37:81:90:a8:fc:7c:20:0d:e2:
b6:ca:ec:4a:46:8f:d1:27:55:28:f1:b4:61:5d:e7:c2:b7:d5:
9c:6e:8d:32:87:01:c2:4f:92:08:82:08:ed:96:96:51:e2:bc:
fe:5b:01:4f:58:ef:65:6b:90:fd:99:1b:58:9d:af:39:ca:c8:
dc:9e:0c:30:49:39:bf:0b:64:94:3e:c8:13:32:33:80:be:63:
cb:05:1b:64:12:6b:a6:dc:2c:1a:82:d9:32:7e:3c:53:dc:19:
b9:91:58:6a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUX2pf2Mx9/V4XhW6Xc0SCG72veKcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yMzA3MTAyMzU1MTVaFw0yNDA3MDkwMDAwMTVaMDMxMTAvBgNV
BAMTKDQ4REE0QzQ0NDhCRjBBOEJBODIzMkFCQUE1MEM5Nzg4OUZFQzM1MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqtX5okxKzSVKKWaawUgPAeI0U
Vq81IDnNcriKP1Mp9Q2HJU//aGMbm/0EcoGUlA9oX1UBs61m+UfKWFnnPGAn6l9P
1K64Py09QXLd6ZlHZ1MYTFridE2wJtctv4wEoMQ5C1oE5egtDItDNhOBSHIvjcpT
fFQ92I2vu+JyK9Mb1yhkrSnVUxa2+nj4ir4KYfIlU/Np+Fkh3agBTS0AQA0lq3Pv
fmw+K6NoK+unMz0HA4IjC7JLfq3fMpKUFmZPSZbYo23ah5Y1BulY6ezRrc3y6g+o
6fD8kGh85gxoIsB+uXw5SSSN3ZCg5+/oo1dgUZ93suqDDnYcciqGzOI6SjXXAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUSNpMREi/CouoIyq6pQyXiJ/sNQwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjExNTg1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2CE
MA0GCSqGSIb3DQEBCwUAA4IBAQAgzduQemvMU7ApxVx/EnU/vhS2FdvUyvt4hwHC
Go9dQNLRHKOhDBYLajQZ/ysh/ffoBy+nJebsKxKZr3sDZLo5ebuc+eEPIAHeTp3j
06bgUVy7TTgKth0MlS70cZ8TRbDgH9y7BjEZHq9hdkXtpmY2+VblXRJt9AeXHvSM
1mKPHWgxkitwOg49ETsB7RK4wgLsl7jYfi66/oQ3gZCo/HwgDeK2yuxKRo/RJ1Uo
8bRhXefCt9Wcbo0yhwHCT5IIggjtlpZR4rz+WwFPWO9la5D9mRtYna85ysjcngww
STm/C2SUPsgTMjOAvmPLBRtkEmum3CwagtkyfjxT3Bm5kVhq
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:12 2025 by rpki-client