Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
File: AS397423.roa (raw, json)
Hash identifier: 73X3pFMBhdtVUoz1ugBTTU5o7aNYyYwPFPaxXkrX/g8=
Subject key identifier: 24:73:A9:40:A3:D5:D0:CB:A5:B9:52:C6:F7:87:FD:C7:61:DC:54:7C
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 27BC7F00B322E5C42CFE922A30D1F06D69D4DBF7
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
Signing time: Tue 31 Dec 2024 00:02:02 +0000
ROA not before: Mon 30 Dec 2024 23:57:02 +0000
ROA not after: Tue 30 Dec 2025 00:02:02 +0000
asID: 397423
IP address blocks: 179.61.194.0/24 maxlen: 24
181.214.133.0/24 maxlen: 24
181.214.152.0/24 maxlen: 24
181.215.47.0/24 maxlen: 24
181.215.49.0/24 maxlen: 24
181.215.242.0/24 maxlen: 24
181.215.243.0/24 maxlen: 24
181.215.244.0/24 maxlen: 24
191.96.101.0/24 maxlen: 24
191.96.155.0/24 maxlen: 24
191.96.166.0/24 maxlen: 24
191.96.186.0/24 maxlen: 24
191.96.233.0/24 maxlen: 24
191.101.30.0/24 maxlen: 24
191.101.166.0/24 maxlen: 24
191.101.172.0/24 maxlen: 24
191.101.207.0/24 maxlen: 24
191.101.227.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:bc:7f:00:b3:22:e5:c4:2c:fe:92:2a:30:d1:f0:6d:69:d4:db:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 30 23:57:02 2024 GMT
Not After : Dec 30 00:02:02 2025 GMT
Subject: CN=2473A940A3D5D0CBA5B952C6F787FDC761DC547C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:86:34:bf:4b:33:9d:89:b2:ac:d6:fb:ac:69:
4f:51:f2:92:37:9f:cb:08:d4:ac:f3:78:81:ed:06:
6e:19:b4:48:15:bf:d5:8d:e3:d2:8e:a6:66:23:04:
f5:18:19:c2:ce:ac:f5:52:d7:d2:fb:00:1d:a6:01:
f0:b0:b4:3a:9a:df:00:c6:0c:96:c7:14:ba:b7:02:
b4:e2:02:1c:96:eb:00:7c:7f:9a:03:f6:7a:6a:f3:
e3:88:bb:f4:44:74:b5:bd:05:2f:36:fb:0c:30:d6:
70:dc:13:61:ba:4a:1c:d7:06:fa:a7:9b:96:d2:fe:
25:c2:1f:ec:78:51:a4:34:fb:59:53:23:35:3e:f9:
ed:e7:c4:39:3c:49:c8:58:ea:73:b9:fb:d1:d0:77:
f9:08:d5:33:0a:f9:de:9a:76:a1:97:9e:a6:12:c9:
fd:0d:a8:c2:51:a8:b3:4d:fb:05:7a:a2:80:51:45:
12:12:70:2b:ad:2f:21:4f:e9:72:e0:e5:57:0b:7c:
ae:cf:4b:ff:68:1e:d8:d9:51:93:87:07:a7:61:bc:
a8:7a:86:5c:dd:85:16:58:e9:af:8b:02:bc:46:48:
17:4a:3b:3c:52:f2:4c:2c:7a:45:c5:73:a7:77:f1:
60:20:6d:2f:86:16:8f:00:9f:a3:fb:6a:bd:d5:ce:
af:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:73:A9:40:A3:D5:D0:CB:A5:B9:52:C6:F7:87:FD:C7:61:DC:54:7C
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397423.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
179.61.194.0/24
181.214.133.0/24
181.214.152.0/24
181.215.47.0/24
181.215.49.0/24
181.215.242.0-181.215.244.255
191.96.101.0/24
191.96.155.0/24
191.96.166.0/24
191.96.186.0/24
191.96.233.0/24
191.101.30.0/24
191.101.166.0/24
191.101.172.0/24
191.101.207.0/24
191.101.227.0/24
Signature Algorithm: sha256WithRSAEncryption
85:71:40:eb:4d:05:3f:7d:2f:75:d7:35:70:ce:19:29:1d:57:
fe:f7:a5:37:2f:28:35:86:f2:8e:4e:e5:a4:59:16:e9:67:ca:
f1:64:5c:6b:00:75:bb:a8:7e:5b:4a:2a:1d:a4:bf:6e:1f:3a:
5c:c6:58:57:d6:e2:f9:4d:18:7b:cf:5e:1a:f4:a7:f3:ed:71:
27:ec:47:16:1b:e2:61:c5:05:b0:0b:e2:75:37:1e:3d:89:ed:
d9:c6:29:65:df:b5:d8:f7:68:e2:b0:e8:67:cf:b3:aa:0c:f0:
41:d7:71:6e:08:b1:83:fc:f4:28:a1:bf:68:ed:dd:b7:96:30:
54:ce:55:da:ee:04:9d:75:05:6e:f9:3d:c3:dc:c0:eb:01:5b:
af:7d:e5:7b:62:67:32:cf:db:69:21:16:fd:81:bf:c1:f8:e4:
08:b2:cc:18:0c:d3:6d:f8:19:34:bd:24:84:fb:6b:4a:9c:fa:
e4:f3:50:b3:ad:f3:2c:d0:31:89:d3:6b:fa:d0:fa:45:f7:0a:
d3:0d:c5:b5:70:1d:a8:c4:07:a8:bc:d5:08:83:42:12:67:1b:
28:0e:2d:6d:8b:1d:a5:0c:d8:3d:34:39:81:83:ac:0e:84:fa:
c1:17:9d:b0:82:4a:0c:4d:a1:c9:56:4b:45:d2:f7:ab:b2:80:
d8:e9:f8:da
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgIUJ7x/ALMi5cQs/pIqMNHwbWnU2/cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEyMzAyMzU3MDJaFw0yNTEyMzAwMDAyMDJaMDMxMTAvBgNV
BAMTKDI0NzNBOTQwQTNENUQwQ0JBNUI5NTJDNkY3ODdGREM3NjFEQzU0N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCshjS/SzOdibKs1vusaU9R8pI3
n8sI1KzzeIHtBm4ZtEgVv9WN49KOpmYjBPUYGcLOrPVS19L7AB2mAfCwtDqa3wDG
DJbHFLq3ArTiAhyW6wB8f5oD9npq8+OIu/REdLW9BS82+www1nDcE2G6ShzXBvqn
m5bS/iXCH+x4UaQ0+1lTIzU++e3nxDk8SchY6nO5+9HQd/kI1TMK+d6adqGXnqYS
yf0NqMJRqLNN+wV6ooBRRRIScCutLyFP6XLg5VcLfK7PS/9oHtjZUZOHB6dhvKh6
hlzdhRZY6a+LArxGSBdKOzxS8kwsekXFc6d38WAgbS+GFo8An6P7ar3Vzq8nAgMB
AAGjggJtMIICaTAdBgNVHQ4EFgQUJHOpQKPV0MuluVLG94f9x2HcVHwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEALM9
wgMEALXWhQMEALXWmAMEALXXLwMEALXXMTAMAwQBtdfyAwQAtdf0AwQAv2BlAwQA
v2CbAwQAv2CmAwQAv2C6AwQAv2DpAwQAv2UeAwQAv2WmAwQAv2WsAwQAv2XPAwQA
v2XjMA0GCSqGSIb3DQEBCwUAA4IBAQCFcUDrTQU/fS911zVwzhkpHVf+96U3Lyg1
hvKOTuWkWRbpZ8rxZFxrAHW7qH5bSiodpL9uHzpcxlhX1uL5TRh7z14a9Kfz7XEn
7EcWG+JhxQWwC+J1Nx49ie3Zxill37XY92jisOhnz7OqDPBB13FuCLGD/PQoob9o
7d23ljBUzlXa7gSddQVu+T3D3MDrAVuvfeV7Ymcyz9tpIRb9gb/B+OQIsswYDNNt
+Bk0vSSE+2tKnPrk81CzrfMs0DGJ02v60PpF9wrTDcW1cB2oxAeovNUIg0ISZxso
Di1tix2lDNg9NDmBg6wOhPrBF52wgkoMTaHJVktF0versoDY6fja
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:31:21 2025 by rpki-client