Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS32098.roa
File: AS32098.roa (raw, json)
Hash identifier: nQGE5x+iwXqWZCRfi6MUfmu70I+cImDQVwZsbpoNII0=
Subject key identifier: E6:70:C0:70:36:DF:21:DF:EE:88:B0:58:DF:FC:64:CC:4D:D6:79:30
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 6E2AEF1D4FC5D21DD0EEBA83BA4204F8E4005FEC
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS32098.roa
Signing time: Mon 03 Mar 2025 15:48:38 +0000
ROA not before: Mon 03 Mar 2025 15:43:38 +0000
ROA not after: Mon 02 Mar 2026 15:48:38 +0000
asID: 32098
IP address blocks: 191.96.145.0/24 maxlen: 24
191.96.190.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:2a:ef:1d:4f:c5:d2:1d:d0:ee:ba:83:ba:42:04:f8:e4:00:5f:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 3 15:43:38 2025 GMT
Not After : Mar 2 15:48:38 2026 GMT
Subject: CN=E670C07036DF21DFEE88B058DFFC64CC4DD67930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:88:8e:19:25:df:fb:9a:33:02:a5:eb:f6:04:
35:c1:54:90:38:bf:d9:1c:ed:80:1f:aa:61:02:20:
52:19:10:09:53:37:e4:a8:57:c3:09:d7:0c:e6:81:
43:40:17:e0:12:6f:74:b6:70:ff:77:9c:bb:e6:8f:
96:e8:2e:77:a9:a1:0d:5e:c5:2c:d9:cc:f8:91:70:
e7:01:00:57:a2:5d:ca:55:1d:a7:33:93:55:b8:12:
eb:b4:8f:19:97:1a:4e:93:45:5b:3d:ab:0c:d8:73:
01:76:8e:b5:18:87:1a:01:e3:1a:90:ca:c5:6e:7c:
a6:fc:58:9d:9a:c4:89:3f:01:bd:03:da:81:e7:95:
5d:27:b9:a6:fb:5e:55:36:9f:53:c0:f2:13:c0:e7:
a0:e3:0e:68:e7:3f:bd:27:53:ae:11:47:1d:a8:39:
d9:0c:8c:13:b1:21:7c:93:ff:f6:0f:07:ad:38:5c:
2f:41:99:8f:69:cc:3b:da:01:32:b1:1a:52:88:3a:
5a:06:a9:a4:5e:a7:7e:1c:ad:1f:1f:31:d7:8b:bb:
9d:fe:a7:71:21:50:1e:44:c2:6b:01:4a:c9:20:0f:
8b:53:08:00:5a:db:54:8d:7e:52:5d:35:96:f7:f8:
83:de:8c:bb:f2:72:fd:98:6c:34:e8:20:7c:36:fc:
d1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:70:C0:70:36:DF:21:DF:EE:88:B0:58:DF:FC:64:CC:4D:D6:79:30
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS32098.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.145.0/24
191.96.190.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:5f:26:ac:0e:60:eb:ee:eb:f7:2e:3e:40:ce:87:56:cf:af:
0c:58:b4:f9:f3:4c:7c:e2:1c:82:58:92:79:a1:64:54:88:61:
12:92:d4:89:e6:6a:ea:ce:b8:de:9e:11:8a:76:92:7a:62:d3:
90:eb:4f:b4:4f:3c:58:ce:9e:92:18:75:2d:a7:77:87:9d:3a:
e8:1f:d8:18:ad:21:4c:90:a6:6d:da:d3:8d:50:0a:a7:45:c6:
15:ec:3a:74:9b:19:d0:41:bc:af:fb:48:e2:c5:13:f5:ce:62:
47:49:b3:18:69:d6:26:ed:8f:e1:69:61:4b:c6:ea:50:a8:ac:
95:19:45:be:0e:e5:5e:e0:1c:2b:8a:56:db:a4:7f:20:a1:a1:
2c:f4:85:a6:92:6b:66:dd:9c:1a:9a:98:7a:2d:b7:de:89:2a:
aa:aa:55:4a:71:46:1b:db:f1:ed:f2:7f:31:75:b5:84:2f:7e:
0f:01:8b:28:94:a2:8e:8a:c6:a1:9c:b5:59:5e:d2:0b:02:26:
c4:1b:96:c2:e3:b9:c3:3f:71:07:60:bf:9f:3d:f9:e0:88:ca:
22:76:76:35:e1:1f:94:40:b3:11:3a:cd:bf:81:4b:1c:81:c1:
57:ad:d7:64:80:f8:0a:3e:a5:b1:74:fa:30:6a:b3:11:ba:ae:
fc:f9:3d:92
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUbirvHU/F0h3Q7rqDukIE+OQAX+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAzMDMxNTQzMzhaFw0yNjAzMDIxNTQ4MzhaMDMxMTAvBgNV
BAMTKEU2NzBDMDcwMzZERjIxREZFRTg4QjA1OERGRkM2NENDNERENjc5MzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmiI4ZJd/7mjMCpev2BDXBVJA4
v9kc7YAfqmECIFIZEAlTN+SoV8MJ1wzmgUNAF+ASb3S2cP93nLvmj5boLnepoQ1e
xSzZzPiRcOcBAFeiXcpVHaczk1W4Euu0jxmXGk6TRVs9qwzYcwF2jrUYhxoB4xqQ
ysVufKb8WJ2axIk/Ab0D2oHnlV0nuab7XlU2n1PA8hPA56DjDmjnP70nU64RRx2o
OdkMjBOxIXyT//YPB604XC9BmY9pzDvaATKxGlKIOloGqaRep34crR8fMdeLu53+
p3EhUB5EwmsBSskgD4tTCABa21SNflJdNZb3+IPejLvycv2YbDToIHw2/NFdAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQU5nDAcDbfId/uiLBY3/xkzE3WeTAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzIwOTgucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAC/YJED
BAC/YL4wDQYJKoZIhvcNAQELBQADggEBAAxfJqwOYOvu6/cuPkDOh1bPrwxYtPnz
THziHIJYknmhZFSIYRKS1InmaurOuN6eEYp2knpi05DrT7RPPFjOnpIYdS2nd4ed
Ougf2BitIUyQpm3a041QCqdFxhXsOnSbGdBBvK/7SOLFE/XOYkdJsxhp1ibtj+Fp
YUvG6lCorJUZRb4O5V7gHCuKVtukfyChoSz0haaSa2bdnBqamHott96JKqqqVUpx
Rhvb8e3yfzF1tYQvfg8BiyiUoo6KxqGctVle0gsCJsQblsLjucM/cQdgv589+eCI
yiJ2djXhH5RAsxE6zb+BSxyBwVet12SA+Ao+pbF0+jBqsxG6rvz5PZI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:24:04 2025 by rpki-client