Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS24875.roa
File: AS24875.roa (raw, json)
Hash identifier: kId9anHTYXYOb5+xWZHovXlwZ6zMbIIYeWUCG6L9Ag4=
Subject key identifier: 79:4D:B7:5F:66:8F:F0:14:FD:B7:8D:40:F4:32:A4:DE:34:08:21:18
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6A2C4472B4EFBDB3F802771FE5167191C14049E2
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS24875.roa
Signing time: Tue 18 Feb 2025 15:19:32 +0000
ROA not before: Tue 18 Feb 2025 15:14:32 +0000
ROA not after: Tue 17 Feb 2026 15:19:32 +0000
asID: 24875
IP address blocks: 191.96.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:2c:44:72:b4:ef:bd:b3:f8:02:77:1f:e5:16:71:91:c1:40:49:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 18 15:14:32 2025 GMT
Not After : Feb 17 15:19:32 2026 GMT
Subject: CN=794DB75F668FF014FDB78D40F432A4DE34082118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d2:fa:1b:95:37:85:67:37:01:86:09:3e:35:
8d:78:3a:0a:86:57:4d:e7:46:af:d2:c7:2e:ad:11:
af:5c:74:4b:1b:85:46:38:36:6f:c6:f8:8d:cf:db:
ee:f5:af:e5:78:1e:98:55:99:e0:c0:c8:0f:2c:01:
79:16:18:bb:86:55:f5:24:51:5d:00:1c:19:af:a7:
41:6a:61:fa:04:25:f8:fc:73:3e:18:5e:10:cf:5b:
66:b1:28:5f:39:0c:82:f7:1f:46:3e:63:7b:ae:5c:
77:f1:29:41:16:4f:5a:a4:6e:17:a1:e9:b8:4b:80:
be:ab:57:28:cb:52:76:0e:57:45:9f:c3:6e:4f:0c:
e3:ac:12:d9:44:e7:55:c7:20:9a:4d:db:f8:85:80:
8a:ed:d3:a8:fe:9d:00:dd:ac:8a:24:e3:45:6d:fd:
c0:b8:f8:db:dd:a4:36:a1:52:0c:36:5e:ff:08:d7:
67:a0:32:55:97:f7:60:45:5c:b3:f9:55:95:b2:c3:
9f:02:5a:54:bb:7d:ab:51:78:45:6f:ff:d3:c5:49:
4a:8a:53:5e:a0:47:4d:0b:04:29:34:b3:e5:e7:83:
83:dc:af:e3:f1:cd:31:db:70:08:b9:80:8c:bc:f3:
cb:01:57:8a:df:84:aa:91:5a:ca:04:8a:a3:09:3f:
d9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:4D:B7:5F:66:8F:F0:14:FD:B7:8D:40:F4:32:A4:DE:34:08:21:18
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS24875.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.136.0/24
Signature Algorithm: sha256WithRSAEncryption
44:a1:a1:26:f4:72:f0:da:0a:02:91:59:25:54:d6:18:d5:0c:
37:fd:c2:c9:20:38:22:57:4a:67:cd:1c:65:c9:33:dd:3b:66:
35:75:63:f9:4b:57:c0:7f:5c:64:ae:ce:47:f8:6b:53:ce:34:
7c:42:c3:66:89:dd:20:89:95:dc:07:72:d7:b6:1f:bb:b1:3c:
3a:ff:18:23:7e:4f:82:04:48:df:fd:7b:24:75:66:bf:a7:4b:
fd:65:f7:eb:bb:45:7d:21:c2:82:20:a4:ed:27:8a:3c:0c:9f:
a2:80:ca:63:e8:b3:98:68:1a:0e:88:8e:b6:ad:11:62:28:80:
0f:a7:88:97:da:88:80:f0:fd:5f:6f:b8:be:27:9f:85:bb:d7:
91:8b:fb:41:ea:b4:26:a2:f2:e5:bc:d9:97:22:95:ab:55:14:
a3:32:56:1d:06:b8:96:13:e2:fc:df:da:4b:49:2a:78:c9:30:
5f:fb:fe:24:9a:92:20:1f:f0:57:83:eb:d6:fc:02:d1:52:0b:
fc:99:ff:e0:04:1d:3f:57:c0:b9:25:7c:68:c8:31:49:83:81:
4f:26:49:18:84:85:bf:ca:bf:6f:ce:c2:f3:f6:19:10:a2:43:
48:a6:af:f2:f8:21:d8:cc:d8:15:26:88:a5:d5:78:b8:cf:4f:
70:93:33:04
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUaixEcrTvvbP4Ancf5RZxkcFASeIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAyMTgxNTE0MzJaFw0yNjAyMTcxNTE5MzJaMDMxMTAvBgNV
BAMTKDc5NERCNzVGNjY4RkYwMTRGREI3OEQ0MEY0MzJBNERFMzQwODIxMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC20voblTeFZzcBhgk+NY14OgqG
V03nRq/Sxy6tEa9cdEsbhUY4Nm/G+I3P2+71r+V4HphVmeDAyA8sAXkWGLuGVfUk
UV0AHBmvp0FqYfoEJfj8cz4YXhDPW2axKF85DIL3H0Y+Y3uuXHfxKUEWT1qkbheh
6bhLgL6rVyjLUnYOV0Wfw25PDOOsEtlE51XHIJpN2/iFgIrt06j+nQDdrIok40Vt
/cC4+NvdpDahUgw2Xv8I12egMlWX92BFXLP5VZWyw58CWlS7fatReEVv/9PFSUqK
U16gR00LBCk0s+Xng4Pcr+PxzTHbcAi5gIy888sBV4rfhKqRWsoEiqMJP9m5AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUeU23X2aP8BT9t41A9DKk3jQIIRgwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjQ4NzUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC/YIgw
DQYJKoZIhvcNAQELBQADggEBAEShoSb0cvDaCgKRWSVU1hjVDDf9wskgOCJXSmfN
HGXJM907ZjV1Y/lLV8B/XGSuzkf4a1PONHxCw2aJ3SCJldwHcte2H7uxPDr/GCN+
T4IESN/9eyR1Zr+nS/1l9+u7RX0hwoIgpO0nijwMn6KAymPos5hoGg6IjratEWIo
gA+niJfaiIDw/V9vuL4nn4W715GL+0HqtCai8uW82ZcilatVFKMyVh0GuJYT4vzf
2ktJKnjJMF/7/iSakiAf8FeD69b8AtFSC/yZ/+AEHT9XwLklfGjIMUmDgU8mSRiE
hb/Kv2/OwvP2GRCiQ0imr/L4IdjM2BUmiKXVeLjPT3CTMwQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:29:57 2025 by rpki-client