Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS396073.roa
File: AS396073.roa (raw, json)
Hash identifier: 4P7Eb0xsuj7lYzDMV79YX5nje6NHb1tBcu5EaRDPL/w=
Subject key identifier: BD:E8:4B:96:A7:47:F4:C1:B6:6B:10:85:1D:B1:52:19:59:58:A5:EE
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7E6357573D85A34AC1499E836F586AB24EBF7099
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS396073.roa
Signing time: Wed 01 Jan 2025 08:53:49 +0000
ROA not before: Wed 01 Jan 2025 08:48:49 +0000
ROA not after: Wed 31 Dec 2025 08:53:49 +0000
asID: 396073
IP address blocks: 191.101.130.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:63:57:57:3d:85:a3:4a:c1:49:9e:83:6f:58:6a:b2:4e:bf:70:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 08:48:49 2025 GMT
Not After : Dec 31 08:53:49 2025 GMT
Subject: CN=BDE84B96A747F4C1B66B10851DB152195958A5EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:06:66:3d:30:36:51:42:ee:44:73:a4:83:fe:
45:aa:ef:12:0c:6c:d7:98:2a:03:60:ea:5f:8b:2d:
10:31:20:49:bd:17:61:5e:13:e4:30:89:17:10:dc:
e6:e5:34:7d:3e:db:54:60:cf:c2:ca:d5:d7:03:5d:
be:a5:99:c6:c0:ea:d7:63:76:dd:fb:26:f3:d5:8c:
68:40:1f:a8:6d:b8:52:19:4d:a5:b7:37:7c:7f:bc:
23:95:26:97:af:aa:9f:48:5b:ca:ef:5b:c1:7c:20:
ae:e7:0a:48:d7:c2:a7:bd:3e:97:8d:d6:78:e7:4e:
46:47:24:2d:7b:6b:14:a9:42:bc:cc:7f:14:e7:40:
c6:9c:f4:67:2e:fc:e5:d0:d1:1f:a7:f1:72:45:67:
8b:54:5f:0c:67:fc:14:b5:35:a8:4a:10:4d:33:26:
91:31:5a:67:bc:e5:14:7b:ed:e2:19:f2:ee:23:d3:
37:69:61:2d:08:1a:f7:66:81:69:45:ce:a0:3a:2e:
d6:7d:c0:c3:8d:48:5b:3e:55:54:1b:12:0a:40:a6:
8e:41:93:96:e0:53:d0:c5:f1:12:a1:ea:30:50:a6:
23:9e:48:98:01:e3:f6:ac:65:54:58:f3:82:69:be:
6a:3a:3f:d9:89:29:e8:0a:ab:86:a4:ae:b2:fc:f0:
ea:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E8:4B:96:A7:47:F4:C1:B6:6B:10:85:1D:B1:52:19:59:58:A5:EE
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS396073.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.101.130.0/24
Signature Algorithm: sha256WithRSAEncryption
91:bb:12:f6:f8:05:9a:bd:ab:bf:2b:16:7f:57:c4:da:07:5f:
52:61:60:11:49:3d:6f:84:c6:1a:f5:d7:6b:61:1e:89:57:df:
fe:22:2e:ab:2f:26:3a:51:16:44:54:a3:a5:4c:7f:24:4b:dd:
c6:46:2a:bc:78:a6:74:12:c4:bc:3a:83:67:b4:70:d3:d7:e6:
ba:18:cb:e1:86:af:5d:95:8a:96:aa:cb:e4:47:d1:08:42:62:
d5:00:35:26:a4:b2:e6:8c:28:6d:91:d0:53:50:c4:2d:bc:f2:
8a:c0:e3:29:dd:5b:f7:68:2f:c9:86:45:a6:2c:19:12:38:ff:
fe:46:a9:24:51:5f:75:43:29:7b:fd:ed:20:ab:cb:e6:44:24:
63:b8:ae:8c:c0:d7:ef:30:58:af:12:22:04:f2:07:9e:eb:53:
79:63:38:6f:c5:c7:7a:fe:78:9e:94:8c:e5:15:c9:18:ac:91:
a3:17:a7:3d:fe:bc:16:81:dd:21:cc:8c:5d:07:d0:39:16:2b:
5c:1c:ea:c7:72:81:1a:fc:4e:66:fe:9f:8e:80:3f:da:85:61:
17:17:03:14:9a:b4:51:c0:cb:6d:0d:62:53:1c:7a:98:69:b0:
1a:ca:a8:ce:c8:c9:0b:4f:7c:55:4c:5b:d7:23:1d:37:c7:76:
ff:ca:e6:3a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUfmNXVz2Fo0rBSZ6Db1hqsk6/cJkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEwODQ4NDlaFw0yNTEyMzEwODUzNDlaMDMxMTAvBgNV
BAMTKEJERTg0Qjk2QTc0N0Y0QzFCNjZCMTA4NTFEQjE1MjE5NTk1OEE1RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuBmY9MDZRQu5Ec6SD/kWq7xIM
bNeYKgNg6l+LLRAxIEm9F2FeE+QwiRcQ3OblNH0+21Rgz8LK1dcDXb6lmcbA6tdj
dt37JvPVjGhAH6htuFIZTaW3N3x/vCOVJpevqp9IW8rvW8F8IK7nCkjXwqe9PpeN
1njnTkZHJC17axSpQrzMfxTnQMac9Gcu/OXQ0R+n8XJFZ4tUXwxn/BS1NahKEE0z
JpExWme85RR77eIZ8u4j0zdpYS0IGvdmgWlFzqA6LtZ9wMONSFs+VVQbEgpApo5B
k5bgU9DF8RKh6jBQpiOeSJgB4/asZVRY84Jpvmo6P9mJKegKq4akrrL88OobAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUvehLlqdH9MG2axCFHbFSGVlYpe4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk2MDczLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAv2WC
MA0GCSqGSIb3DQEBCwUAA4IBAQCRuxL2+AWavau/KxZ/V8TaB19SYWARST1vhMYa
9ddrYR6JV9/+Ii6rLyY6URZEVKOlTH8kS93GRiq8eKZ0EsS8OoNntHDT1+a6GMvh
hq9dlYqWqsvkR9EIQmLVADUmpLLmjChtkdBTUMQtvPKKwOMp3Vv3aC/JhkWmLBkS
OP/+RqkkUV91Qyl7/e0gq8vmRCRjuK6MwNfvMFivEiIE8gee61N5Yzhvxcd6/nie
lIzlFckYrJGjF6c9/rwWgd0hzIxdB9A5FitcHOrHcoEa/E5m/p+OgD/ahWEXFwMU
mrRRwMttDWJTHHqYabAayqjOyMkLT3xVTFvXIx03x3b/yuY6
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:27:00 2025 by rpki-client