Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS28753.roa
File: AS28753.roa (raw, json)
Hash identifier: CWLklyLwFT3LCaaPP6xtAGuZvmnZX8onT8b5GLcv/rk=
Subject key identifier: 71:A9:67:7D:08:73:F7:9F:16:25:85:8D:F4:D7:A6:5B:2B:85:9C:14
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0FE9647FD27A03121E9507A00CB6FF7233D93FE0
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS28753.roa
Signing time: Wed 01 Jan 2025 08:53:50 +0000
ROA not before: Wed 01 Jan 2025 08:48:50 +0000
ROA not after: Wed 31 Dec 2025 08:53:50 +0000
asID: 28753
IP address blocks: 45.137.119.0/24 maxlen: 24
92.118.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:e9:64:7f:d2:7a:03:12:1e:95:07:a0:0c:b6:ff:72:33:d9:3f:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 08:48:50 2025 GMT
Not After : Dec 31 08:53:50 2025 GMT
Subject: CN=71A9677D0873F79F1625858DF4D7A65B2B859C14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:dd:74:fe:4a:55:15:b7:c3:ab:cc:78:0b:d2:
44:03:51:80:1e:ef:b6:70:39:89:b8:ad:ba:36:6d:
b2:da:65:64:58:e7:70:8c:a6:87:fc:a4:60:4d:f5:
99:9c:f0:7f:1e:5b:a8:cd:5f:25:9a:f9:4a:05:45:
16:25:14:f7:9b:c1:61:42:02:61:34:93:27:19:a0:
79:81:61:f4:61:70:a9:10:0b:cc:a5:ac:30:f4:b1:
fd:1f:fa:86:78:c7:7a:da:fd:bd:a2:80:71:20:93:
81:9f:7d:8f:67:b5:c5:94:5b:90:86:3a:c8:97:bb:
0c:0d:64:8f:94:f2:6d:c6:11:16:d3:10:cb:c7:0c:
a7:e0:4a:f2:9b:b5:51:5c:05:83:22:f3:db:7f:1a:
b2:3b:3b:19:4c:99:ea:5f:30:23:42:c3:4e:fa:ad:
31:dd:0e:f6:2a:88:d4:d5:a2:52:c5:99:01:6b:8b:
bd:ee:30:89:01:e4:e7:97:f9:e5:1e:18:7d:32:0f:
33:89:56:a5:f5:59:f0:e0:06:39:50:f0:0f:51:02:
ac:2d:fc:dd:25:9f:25:4c:28:c8:d5:90:f4:df:87:
91:67:16:43:ec:6d:2e:1b:d2:ed:5e:9a:82:b1:e4:
42:df:a9:a7:28:2f:7c:7b:2d:89:f9:a6:bf:9f:11:
f8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A9:67:7D:08:73:F7:9F:16:25:85:8D:F4:D7:A6:5B:2B:85:9C:14
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS28753.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.119.0/24
92.118.163.0/24
Signature Algorithm: sha256WithRSAEncryption
60:fa:c6:14:37:56:64:ab:32:11:34:8d:f4:b0:44:ea:3d:d0:
f0:44:2d:3b:ce:86:e3:16:74:13:1d:d2:3d:39:69:40:86:89:
6b:f2:b0:c4:2f:5c:9a:9e:8c:e8:b3:5b:30:26:69:d2:2b:91:
0a:40:c6:58:a5:49:70:98:87:39:b9:07:88:1e:d1:3b:f4:ce:
5f:73:2d:08:65:84:dc:f4:83:bc:cb:da:6e:26:b7:94:d4:c2:
2b:0d:7b:a5:8f:36:9a:be:b5:a8:4b:0f:dd:d4:93:0c:d0:16:
76:1d:06:e9:5c:93:82:99:c4:03:88:66:e7:69:f4:60:03:0c:
9a:d4:4f:08:81:f5:2c:79:73:4b:68:cd:cb:12:af:ab:ea:7f:
1d:d2:de:c1:ff:87:87:f3:71:93:27:82:01:67:fa:a2:30:b7:
43:61:4f:6c:4a:15:9e:12:a0:8c:79:fb:ad:4c:39:0c:90:b8:
99:c0:8a:f0:f5:b0:61:b6:b3:06:eb:79:d5:f0:84:6b:6e:84:
c2:90:22:68:dc:9d:a4:8a:26:58:62:42:0b:d5:31:06:d8:ae:
a7:02:ef:aa:b2:73:5f:d4:1a:f1:aa:97:89:bc:84:22:f0:05:
61:58:34:fc:5c:2e:df:3e:7d:c9:4b:df:a5:10:13:82:b3:37:
08:ce:f1:2f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUD+lkf9J6AxIelQegDLb/cjPZP+AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEwODQ4NTBaFw0yNTEyMzEwODUzNTBaMDMxMTAvBgNV
BAMTKDcxQTk2NzdEMDg3M0Y3OUYxNjI1ODU4REY0RDdBNjVCMkI4NTlDMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO3XT+SlUVt8OrzHgL0kQDUYAe
77ZwOYm4rbo2bbLaZWRY53CMpof8pGBN9Zmc8H8eW6jNXyWa+UoFRRYlFPebwWFC
AmE0kycZoHmBYfRhcKkQC8ylrDD0sf0f+oZ4x3ra/b2igHEgk4GffY9ntcWUW5CG
OsiXuwwNZI+U8m3GERbTEMvHDKfgSvKbtVFcBYMi89t/GrI7OxlMmepfMCNCw076
rTHdDvYqiNTVolLFmQFri73uMIkB5OeX+eUeGH0yDzOJVqX1WfDgBjlQ8A9RAqwt
/N0lnyVMKMjVkPTfh5FnFkPsbS4b0u1emoKx5ELfqacoL3x7LYn5pr+fEfjFAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUcalnfQhz958WJYWN9NemWyuFnBQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjg3NTMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAAtiXcD
BABcdqMwDQYJKoZIhvcNAQELBQADggEBAGD6xhQ3VmSrMhE0jfSwROo90PBELTvO
huMWdBMd0j05aUCGiWvysMQvXJqejOizWzAmadIrkQpAxlilSXCYhzm5B4ge0Tv0
zl9zLQhlhNz0g7zL2m4mt5TUwisNe6WPNpq+tahLD93UkwzQFnYdBulck4KZxAOI
Zudp9GADDJrUTwiB9Sx5c0tozcsSr6vqfx3S3sH/h4fzcZMnggFn+qIwt0NhT2xK
FZ4SoIx5+61MOQyQuJnAivD1sGG2swbredXwhGtuhMKQImjcnaSKJlhiQgvVMQbY
rqcC76qyc1/UGvGql4m8hCLwBWFYNPxcLt8+fclL36UQE4KzNwjO8S8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:29:15 2025 by rpki-client