Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270014.roa
File: AS270014.roa (raw, json)
Hash identifier: IiW5PWN8HNzKFRXBWyR2AE/nqbtAvcHSmOjmW68cQ8c=
Subject key identifier: 04:1A:BF:9E:18:21:92:B1:3E:62:CE:B6:FE:CA:FF:E6:CF:98:B9:D6
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7C03AB8CD4550AAE2EFF994D73D748C306C8391F
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270014.roa
Signing time: Sat 18 Jan 2025 12:00:05 +0000
ROA not before: Sat 18 Jan 2025 11:55:05 +0000
ROA not after: Sat 17 Jan 2026 12:00:05 +0000
asID: 270014
IP address blocks: 191.96.184.0/24 maxlen: 24
191.101.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:03:ab:8c:d4:55:0a:ae:2e:ff:99:4d:73:d7:48:c3:06:c8:39:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 18 11:55:05 2025 GMT
Not After : Jan 17 12:00:05 2026 GMT
Subject: CN=041ABF9E182192B13E62CEB6FECAFFE6CF98B9D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0b:ff:80:5b:d3:3d:3c:e3:e4:78:09:fe:5b:
6d:6b:1c:39:25:7c:99:41:9e:bd:83:b3:9c:23:15:
3e:34:04:ae:21:25:75:f1:34:61:f0:8c:ee:f9:e3:
16:ef:9f:c3:f6:e2:8d:52:cd:f3:41:f5:65:1b:a4:
63:73:9e:db:ba:d0:ab:d8:fe:a7:46:85:94:37:15:
a4:ab:93:67:52:7f:25:da:c2:7f:56:a5:c4:2c:aa:
bf:44:3a:92:10:7e:35:31:7b:c7:43:18:4a:ea:a4:
f6:e9:b3:5f:71:d0:2e:38:72:10:7c:4d:07:f9:16:
51:32:fc:64:fa:86:70:bc:93:80:d9:30:3a:96:87:
31:62:0c:3d:b3:e5:eb:0a:b0:d0:87:28:10:f5:dd:
54:da:a9:a1:64:12:9f:d9:c9:a4:33:00:ed:04:a6:
8f:a7:99:f1:3f:78:77:53:ce:93:f4:46:14:3f:6a:
65:60:30:ad:c7:5d:a4:fe:f5:19:ec:fc:ba:e8:74:
3c:88:dc:0a:d9:c9:81:50:40:0f:ce:7c:aa:ae:3c:
7c:56:c7:dd:15:c1:da:df:94:18:a2:f6:f7:97:0d:
d8:cd:a0:38:21:79:26:6c:dd:8d:47:d9:57:42:45:
49:0a:3f:f2:b3:e0:9e:01:71:28:be:04:4a:24:f6:
df:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:1A:BF:9E:18:21:92:B1:3E:62:CE:B6:FE:CA:FF:E6:CF:98:B9:D6
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270014.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.184.0/24
191.101.193.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:fd:8d:02:91:43:21:65:24:d7:55:9e:d6:e3:6f:e0:49:5d:
7f:7b:db:29:f2:8e:1c:2a:5a:37:86:6c:e9:c5:29:76:12:ce:
77:3a:98:5c:af:f3:0d:b8:22:e6:3a:84:5b:b5:a9:be:47:74:
f3:6b:ed:ea:99:0f:41:b7:07:16:5c:e0:90:b6:6f:6a:76:a1:
ed:c9:34:76:b4:c2:1d:4c:60:71:92:27:02:a6:f0:29:97:64:
04:e9:54:fe:f0:10:7d:f4:73:72:e7:72:6e:40:4d:2f:22:22:
c6:95:29:a6:ba:21:6a:61:64:f3:f9:06:47:97:33:c3:b9:3a:
73:a1:17:37:62:d8:c4:b6:b1:49:c1:3b:a0:57:2f:6d:9e:20:
7f:ce:64:93:65:10:39:6f:73:ae:a5:25:01:6a:8d:72:a6:4b:
4c:c8:78:7d:19:f5:5b:3f:59:68:c5:ab:60:42:83:67:56:bb:
f4:5b:52:5d:d6:d4:82:8f:d3:f7:1f:4f:c8:01:d9:09:e0:2f:
c4:9e:49:61:57:c7:65:7c:0a:28:7e:b6:e4:65:79:2e:71:6f:
ca:f4:68:c3:ba:cd:5f:d5:7f:a1:3e:4a:9f:88:1e:3e:29:c7:
f9:45:6a:00:78:26:51:c6:9c:71:51:22:42:2f:fd:8a:dc:50:
ab:d2:42:c3
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUfAOrjNRVCq4u/5lNc9dIwwbIOR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMTgxMTU1MDVaFw0yNjAxMTcxMjAwMDVaMDMxMTAvBgNV
BAMTKDA0MUFCRjlFMTgyMTkyQjEzRTYyQ0VCNkZFQ0FGRkU2Q0Y5OEI5RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDC/+AW9M9POPkeAn+W21rHDkl
fJlBnr2Ds5wjFT40BK4hJXXxNGHwjO754xbvn8P24o1SzfNB9WUbpGNzntu60KvY
/qdGhZQ3FaSrk2dSfyXawn9WpcQsqr9EOpIQfjUxe8dDGErqpPbps19x0C44chB8
TQf5FlEy/GT6hnC8k4DZMDqWhzFiDD2z5esKsNCHKBD13VTaqaFkEp/ZyaQzAO0E
po+nmfE/eHdTzpP0RhQ/amVgMK3HXaT+9Rns/LrodDyI3ArZyYFQQA/OfKquPHxW
x90VwdrflBii9veXDdjNoDgheSZs3Y1H2VdCRUkKP/Kz4J4BcSi+BEok9t9VAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUBBq/nhghkrE+Ys62/sr/5s+YudYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjcwMDE0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAv2C4
AwQAv2XBMA0GCSqGSIb3DQEBCwUAA4IBAQAK/Y0CkUMhZSTXVZ7W42/gSV1/e9sp
8o4cKlo3hmzpxSl2Es53Ophcr/MNuCLmOoRbtam+R3Tza+3qmQ9BtwcWXOCQtm9q
dqHtyTR2tMIdTGBxkicCpvApl2QE6VT+8BB99HNy53JuQE0vIiLGlSmmuiFqYWTz
+QZHlzPDuTpzoRc3YtjEtrFJwTugVy9tniB/zmSTZRA5b3OupSUBao1ypktMyHh9
GfVbP1loxatgQoNnVrv0W1Jd1tSCj9P3H0/IAdkJ4C/EnklhV8dlfAoofrbkZXku
cW/K9GjDus1f1X+hPkqfiB4+Kcf5RWoAeCZRxpxxUSJCL/2K3FCr0kLD
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:53 2025 by rpki-client