Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3257.roa
File: AS3257.roa (raw, json)
Hash identifier: nuHgSIN5KHBQxjweJzPi53qXFJJ1CrgqAH3Ubdq+RQ0=
Subject key identifier: D3:5F:28:40:69:71:4E:2B:12:6D:B7:56:03:3A:EC:B8:C1:47:06:D9
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 55FA963BF0041FCDAF2072849AB0B9043E24F349
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3257.roa
Signing time: Sun 15 Sep 2024 00:05:20 +0000
ROA not before: Sun 15 Sep 2024 00:00:20 +0000
ROA not after: Sun 14 Sep 2025 00:05:20 +0000
asID: 3257
IP address blocks: 5.252.77.0/24 maxlen: 24
5.253.202.0/24 maxlen: 24
45.93.45.0/24 maxlen: 24
45.93.47.0/24 maxlen: 24
45.95.13.0/24 maxlen: 24
45.95.23.0/24 maxlen: 24
45.137.30.0/24 maxlen: 24
149.62.42.0/24 maxlen: 24
149.62.43.0/24 maxlen: 24
179.61.163.0/24 maxlen: 24
179.61.180.0/24 maxlen: 24
181.214.6.0/24 maxlen: 24
181.214.8.0/24 maxlen: 24
181.214.37.0/24 maxlen: 24
181.214.186.0/24 maxlen: 24
181.214.206.0/24 maxlen: 24
191.96.48.0/24 maxlen: 24
191.101.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:fa:96:3b:f0:04:1f:cd:af:20:72:84:9a:b0:b9:04:3e:24:f3:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Sep 15 00:00:20 2024 GMT
Not After : Sep 14 00:05:20 2025 GMT
Subject: CN=D35F284069714E2B126DB756033AECB8C14706D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e1:ee:ad:d0:9c:8c:9e:e8:b2:21:b3:1e:b9:
81:ce:8a:32:17:95:b9:51:1d:39:5a:6a:0b:20:43:
89:a3:a0:b7:a8:0c:2b:94:38:12:fb:12:49:ed:94:
fb:7d:3b:28:26:e8:c1:cd:61:3a:cb:40:16:98:ef:
2d:9a:1a:19:83:7c:cd:62:a8:0d:3e:f3:3c:88:07:
aa:a8:ac:7e:5c:8d:45:11:df:28:4c:ff:ae:05:72:
c5:61:05:fe:55:62:39:1f:4d:a0:ce:95:e9:6f:1d:
de:b2:2a:1d:be:8f:e8:bf:1a:9b:0c:06:02:39:7a:
88:be:77:8f:84:77:44:32:cf:16:35:c9:d7:7b:1d:
1e:28:09:d2:cc:e5:ac:c7:06:84:0f:3d:b4:cf:54:
f6:20:75:9b:6a:d9:69:4d:87:b8:28:c5:fb:3d:36:
cf:d5:9e:ca:3b:03:2d:49:ef:89:b5:c1:43:28:2d:
0d:0e:76:b1:d7:db:b6:da:12:b5:c7:b2:94:3d:34:
31:1c:f6:25:95:ce:9e:21:d5:fb:68:4c:6d:00:f2:
56:8a:98:00:1a:39:b4:00:9e:5b:18:43:1c:57:84:
52:b3:7f:30:eb:08:0b:b7:c6:06:fa:c6:b9:25:c2:
0d:94:b0:c1:36:f5:19:d2:4d:40:b4:97:dd:a7:08:
ae:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:5F:28:40:69:71:4E:2B:12:6D:B7:56:03:3A:EC:B8:C1:47:06:D9
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS3257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.77.0/24
5.253.202.0/24
45.93.45.0/24
45.93.47.0/24
45.95.13.0/24
45.95.23.0/24
45.137.30.0/24
149.62.42.0/23
179.61.163.0/24
179.61.180.0/24
181.214.6.0/24
181.214.8.0/24
181.214.37.0/24
181.214.186.0/24
181.214.206.0/24
191.96.48.0/24
191.101.209.0/24
Signature Algorithm: sha256WithRSAEncryption
37:11:1a:34:a0:56:0c:d4:53:f7:37:18:4f:95:c4:46:a2:0b:
ac:5a:ce:b8:69:16:77:49:8e:3f:75:09:60:be:06:92:3c:00:
01:b0:14:cc:dc:74:0b:f5:d8:d0:c7:51:5e:b9:cc:b8:1f:ca:
6b:25:43:f0:cc:21:f9:ad:f1:c3:0f:48:a1:25:d2:72:7a:18:
35:3e:09:c7:eb:61:4a:ae:b9:6e:5e:4d:f0:45:25:27:b5:20:
42:22:e1:9b:49:1c:b5:2c:55:38:19:5f:c7:77:4b:3b:61:67:
36:f1:87:aa:fe:69:28:54:ca:a6:63:72:2c:67:15:5d:24:29:
94:87:fe:e3:d9:d7:fd:a4:92:be:3e:a4:e1:ee:78:d7:fc:de:
b1:3a:9a:8c:44:f4:2d:51:39:e3:e1:2c:2b:9c:e2:58:ec:9b:
bf:9c:f3:8d:c2:4e:ed:d9:23:09:b3:bf:0e:13:5c:bd:07:2c:
77:e1:b9:50:34:fc:cd:7f:f5:13:db:2a:6d:74:d6:67:c2:5a:
17:16:13:0f:a2:78:09:b4:2f:de:34:38:06:90:2f:1e:d3:79:
f6:a4:47:ed:9e:26:19:0d:c1:40:3c:b8:47:60:13:5c:1c:15:
34:f6:cc:d5:63:f6:79:64:43:a1:ac:8d:ca:eb:74:06:a4:91:
e3:3b:b8:be
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUVfqWO/AEH82vIHKEmrC5BD4k80kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA5MTUwMDAwMjBaFw0yNTA5MTQwMDA1MjBaMDMxMTAvBgNV
BAMTKEQzNUYyODQwNjk3MTRFMkIxMjZEQjc1NjAzM0FFQ0I4QzE0NzA2RDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDx4e6t0JyMnuiyIbMeuYHOijIX
lblRHTlaagsgQ4mjoLeoDCuUOBL7EkntlPt9Oygm6MHNYTrLQBaY7y2aGhmDfM1i
qA0+8zyIB6qorH5cjUUR3yhM/64FcsVhBf5VYjkfTaDOlelvHd6yKh2+j+i/GpsM
BgI5eoi+d4+Ed0QyzxY1ydd7HR4oCdLM5azHBoQPPbTPVPYgdZtq2WlNh7goxfs9
Ns/Vnso7Ay1J74m1wUMoLQ0OdrHX27baErXHspQ9NDEc9iWVzp4h1ftoTG0A8laK
mAAaObQAnlsYQxxXhFKzfzDrCAu3xgb6xrklwg2UsME29RnSTUC0l92nCK5RAgMB
AAGjggJoMIICZDAdBgNVHQ4EFgQU018oQGlxTisSbbdWAzrsuMFHBtkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzI1Ny5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB/BggrBgEFBQcBBwEB/wRwMG4wbAQCAAEwZgMEAAX8TQME
AAX9ygMEAC1dLQMEAC1dLwMEAC1fDQMEAC1fFwMEAC2JHgMEAZU+KgMEALM9owME
ALM9tAMEALXWBgMEALXWCAMEALXWJQMEALXWugMEALXWzgMEAL9gMAMEAL9l0TAN
BgkqhkiG9w0BAQsFAAOCAQEANxEaNKBWDNRT9zcYT5XERqILrFrOuGkWd0mOP3UJ
YL4GkjwAAbAUzNx0C/XY0MdRXrnMuB/KayVD8Mwh+a3xww9IoSXScnoYNT4Jx+th
Sq65bl5N8EUlJ7UgQiLhm0kctSxVOBlfx3dLO2FnNvGHqv5pKFTKpmNyLGcVXSQp
lIf+49nX/aSSvj6k4e541/zesTqajET0LVE54+EsK5ziWOybv5zzjcJO7dkjCbO/
DhNcvQcsd+G5UDT8zX/1E9sqbXTWZ8JaFxYTD6J4CbQv3jQ4BpAvHtN59qRH7Z4m
GQ3BQDy4R2ATXBwVNPbM1WP2eWRDoayNyut0BqSR4zu4vg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:37:07 2025 by rpki-client