Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215355.roa
File: AS215355.roa (raw, json)
Hash identifier: +Uth3MLCir2Si1+hWTxqagC5tbPNShuPvuIv392rrLk=
Subject key identifier: 91:5C:AA:78:D9:F3:E4:59:E0:F8:48:A9:74:41:00:4F:C1:FB:6D:39
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5FD9AC6EAACD35DDA7BDFD81E5C0F9834C962A2C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215355.roa
Signing time: Wed 12 Mar 2025 16:53:58 +0000
ROA not before: Wed 12 Mar 2025 16:48:58 +0000
ROA not after: Wed 11 Mar 2026 16:53:58 +0000
asID: 215355
IP address blocks: 181.215.6.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:d9:ac:6e:aa:cd:35:dd:a7:bd:fd:81:e5:c0:f9:83:4c:96:2a:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 12 16:48:58 2025 GMT
Not After : Mar 11 16:53:58 2026 GMT
Subject: CN=915CAA78D9F3E459E0F848A97441004FC1FB6D39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:9f:7b:ba:50:81:1e:2c:d3:5b:e7:00:f9:e8:
79:4e:d8:7c:48:8c:e2:b5:43:00:1f:52:21:98:71:
fe:61:6d:fb:53:a2:c9:97:05:df:6a:7a:a7:19:c9:
32:93:45:77:41:57:29:76:3f:65:d2:e4:e2:87:0c:
1b:d5:31:5a:18:e4:00:60:99:a7:af:72:44:71:74:
93:4e:f1:11:74:04:c2:8a:ef:43:77:90:bf:72:bd:
0e:06:53:45:58:53:2d:b2:a9:a7:05:c6:d7:30:08:
21:b4:21:eb:68:8d:a2:68:1d:c1:0d:4f:b2:1e:ca:
70:19:2c:15:e0:3a:67:3c:82:57:e3:26:89:f0:e5:
68:4e:c3:07:b8:01:36:c3:b2:2f:b4:09:b3:c1:84:
a6:48:29:f9:71:cf:9a:c8:bc:48:ee:74:fa:38:f6:
41:31:e9:cf:8f:17:86:38:a2:f4:6d:d7:95:74:89:
22:1b:49:fb:d8:30:66:44:06:8c:a1:95:ec:26:5b:
9b:46:06:65:2f:10:55:99:12:96:d9:ba:1b:59:bb:
cc:86:d1:17:dc:2e:76:c2:02:48:b1:10:8e:f6:66:
8a:98:12:9d:d2:ff:13:75:66:96:ff:f9:26:5d:9c:
08:28:3e:ed:f2:2c:cf:75:ee:b1:24:d7:28:4e:68:
4e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:5C:AA:78:D9:F3:E4:59:E0:F8:48:A9:74:41:00:4F:C1:FB:6D:39
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS215355.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.6.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:16:94:4c:69:b8:fc:88:2a:52:95:94:fa:aa:c8:a2:c7:4c:
96:26:a2:14:6d:79:cd:74:60:bc:db:02:a3:a4:99:e7:8d:98:
01:3a:b3:ae:cb:eb:b4:de:8d:3b:51:e1:23:3c:82:ca:82:17:
2b:3c:2f:03:5d:6b:a6:8a:2e:8b:c2:39:39:91:56:ba:f2:8b:
f8:82:b5:9e:a9:f1:f8:43:f2:34:87:fa:89:71:eb:aa:eb:f6:
5f:07:91:87:b9:44:a6:2d:a0:06:4c:ea:20:dd:8a:6b:dd:c6:
f3:41:dd:88:d2:1d:f3:cb:5c:aa:0e:75:8c:03:48:4e:32:e0:
85:9c:bc:64:4b:e8:89:75:21:fd:5b:ba:a6:58:d0:84:54:50:
70:2d:06:92:d4:42:36:a9:20:67:5b:7f:61:95:c5:1b:19:20:
01:e5:b5:f9:5c:8f:62:a8:8a:51:e7:ca:01:b8:17:57:22:9b:
9c:0d:07:49:f9:24:2c:f6:ce:29:5e:2b:6e:f4:7a:d0:99:b2:
7f:82:b6:14:e8:a3:5f:81:32:12:a0:6c:23:ad:7f:f7:42:45:
5b:c0:87:e1:13:9c:71:85:bb:8f:65:41:24:ff:f1:e7:a2:49:
3a:30:6b:5b:62:ab:75:05:ad:35:a6:2b:f9:76:4e:a9:e1:21:
f2:34:b0:cf
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUX9msbqrNNd2nvf2B5cD5g0yWKiwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAzMTIxNjQ4NThaFw0yNjAzMTExNjUzNThaMDMxMTAvBgNV
BAMTKDkxNUNBQTc4RDlGM0U0NTlFMEY4NDhBOTc0NDEwMDRGQzFGQjZEMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZn3u6UIEeLNNb5wD56HlO2HxI
jOK1QwAfUiGYcf5hbftTosmXBd9qeqcZyTKTRXdBVyl2P2XS5OKHDBvVMVoY5ABg
maevckRxdJNO8RF0BMKK70N3kL9yvQ4GU0VYUy2yqacFxtcwCCG0IetojaJoHcEN
T7IeynAZLBXgOmc8glfjJonw5WhOwwe4ATbDsi+0CbPBhKZIKflxz5rIvEjudPo4
9kEx6c+PF4Y4ovRt15V0iSIbSfvYMGZEBoyhlewmW5tGBmUvEFWZEpbZuhtZu8yG
0RfcLnbCAkixEI72ZoqYEp3S/xN1Zpb/+SZdnAgoPu3yLM917rEk1yhOaE5tAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUkVyqeNnz5Fng+EipdEEAT8H7bTkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjE1MzU1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtdcG
MA0GCSqGSIb3DQEBCwUAA4IBAQBLFpRMabj8iCpSlZT6qsiix0yWJqIUbXnNdGC8
2wKjpJnnjZgBOrOuy+u03o07UeEjPILKghcrPC8DXWumii6Lwjk5kVa68ov4grWe
qfH4Q/I0h/qJceuq6/ZfB5GHuUSmLaAGTOog3Ypr3cbzQd2I0h3zy1yqDnWMA0hO
MuCFnLxkS+iJdSH9W7qmWNCEVFBwLQaS1EI2qSBnW39hlcUbGSAB5bX5XI9iqIpR
58oBuBdXIpucDQdJ+SQs9s4pXitu9HrQmbJ/grYU6KNfgTISoGwjrX/3QkVbwIfh
E5xxhbuPZUEk//Hnokk6MGtbYqt1Ba01piv5dk6p4SHyNLDP
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:28 2025 by rpki-client