Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397540.roa
File: AS397540.roa (raw, json)
Hash identifier: rqHCZhqM1hyTSTDw4FiFvZSHFqDSW1AUZmM3khxCQk4=
Subject key identifier: EA:A2:2F:85:85:39:9D:CD:99:4A:1A:00:E1:7E:55:97:A8:A5:42:91
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3C49DE6FDFC4C18DE034B1B01FD9935FC1548AAE
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397540.roa
Signing time: Wed 01 Jan 2025 08:53:50 +0000
ROA not before: Wed 01 Jan 2025 08:48:50 +0000
ROA not after: Wed 31 Dec 2025 08:53:50 +0000
asID: 397540
IP address blocks: 181.215.52.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:49:de:6f:df:c4:c1:8d:e0:34:b1:b0:1f:d9:93:5f:c1:54:8a:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 08:48:50 2025 GMT
Not After : Dec 31 08:53:50 2025 GMT
Subject: CN=EAA22F8585399DCD994A1A00E17E5597A8A54291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f4:5e:4d:c3:bc:03:c3:34:b9:36:77:f3:62:
fe:92:4d:00:48:1a:95:f0:26:c5:60:bb:34:c3:9d:
35:30:c1:87:5c:81:08:5b:a4:1e:74:a1:2a:45:0b:
a1:c3:17:73:51:14:fe:05:5a:bc:1f:b6:49:2f:f3:
ca:2c:06:1b:0a:f9:52:a2:a2:08:fd:bd:72:a4:cb:
9f:40:b0:be:14:27:36:94:6d:a4:41:9d:58:ed:8a:
b5:bf:c5:9e:eb:df:a9:12:1c:2e:6f:6f:72:81:a9:
c8:1a:74:b6:31:60:1f:18:18:4c:7b:b3:42:4f:f8:
bf:9c:62:d5:06:4f:6b:56:34:2c:38:36:a3:d5:20:
62:dd:ad:1d:e4:97:3d:27:6a:ea:7b:f8:7c:6e:68:
94:63:e0:da:58:8b:8c:24:70:dd:4c:18:e5:ab:33:
e5:9b:d8:eb:ac:74:ff:ea:90:8a:89:0c:f6:cd:21:
b5:ac:f1:34:c8:a9:9b:cf:66:71:a7:d7:66:98:42:
64:06:cd:a3:7a:d3:8c:7d:96:20:82:bb:60:f7:74:
6d:21:81:6b:3f:6d:28:28:d3:a8:bf:97:af:52:2a:
27:78:e8:86:df:64:2d:9f:78:b8:b6:1f:6d:54:3c:
86:f5:fa:30:96:66:7e:2b:39:cf:14:1a:c6:a6:ab:
eb:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:A2:2F:85:85:39:9D:CD:99:4A:1A:00:E1:7E:55:97:A8:A5:42:91
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS397540.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.52.0/24
Signature Algorithm: sha256WithRSAEncryption
91:fd:11:df:a1:74:4c:21:36:a4:ac:c7:43:7f:84:e8:5d:27:
b8:00:cb:8a:3e:4a:ed:5f:0d:d8:3f:42:d3:f9:f1:90:48:e3:
4f:80:9e:f9:eb:90:9b:dd:fd:d5:99:30:ff:c0:da:81:92:96:
ab:34:6b:88:d9:92:2b:b7:6e:96:2c:ee:5b:7e:09:1e:8d:18:
de:ab:3d:11:f9:c5:88:03:0a:e5:6d:73:09:f5:41:32:34:34:
b5:78:64:a4:0b:c1:1b:b6:48:72:3a:cb:71:08:da:ff:7a:29:
96:10:fc:2c:97:f6:4a:e0:24:9d:d5:d4:13:c3:88:8e:1a:e9:
07:4a:ce:f8:18:78:b1:8b:e1:e0:05:0d:c4:16:52:0d:71:2b:
58:2f:b9:80:0e:0f:b6:82:06:84:ca:e0:d1:9f:0e:a3:d8:3b:
17:e8:3c:92:48:a6:33:9d:4b:97:dd:9e:e8:2d:49:a0:91:e7:
88:5f:77:d8:e4:e0:ad:a7:df:b4:b1:25:ab:50:81:76:a7:e3:
05:db:9f:88:1a:50:75:25:4a:02:c2:4d:89:0f:11:96:a8:b9:
0f:82:de:bf:27:2a:e6:1d:81:d5:d2:d8:f3:72:25:c8:1f:95:
ce:7c:79:a0:c1:0b:41:df:bf:c4:65:2e:e5:f3:3c:b4:6d:3c:
34:da:f5:7e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUPEneb9/EwY3gNLGwH9mTX8FUiq4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEwODQ4NTBaFw0yNTEyMzEwODUzNTBaMDMxMTAvBgNV
BAMTKEVBQTIyRjg1ODUzOTlEQ0Q5OTRBMUEwMEUxN0U1NTk3QThBNTQyOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCE9F5Nw7wDwzS5NnfzYv6STQBI
GpXwJsVguzTDnTUwwYdcgQhbpB50oSpFC6HDF3NRFP4FWrwftkkv88osBhsK+VKi
ogj9vXKky59AsL4UJzaUbaRBnVjtirW/xZ7r36kSHC5vb3KBqcgadLYxYB8YGEx7
s0JP+L+cYtUGT2tWNCw4NqPVIGLdrR3klz0naup7+HxuaJRj4NpYi4wkcN1MGOWr
M+Wb2OusdP/qkIqJDPbNIbWs8TTIqZvPZnGn12aYQmQGzaN604x9liCCu2D3dG0h
gWs/bSgo06i/l69SKid46IbfZC2feLi2H21UPIb1+jCWZn4rOc8UGsamq+vHAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQU6qIvhYU5nc2ZShoA4X5Vl6ilQpEwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk3NTQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtdc0
MA0GCSqGSIb3DQEBCwUAA4IBAQCR/RHfoXRMITakrMdDf4ToXSe4AMuKPkrtXw3Y
P0LT+fGQSONPgJ7565Cb3f3VmTD/wNqBkparNGuI2ZIrt26WLO5bfgkejRjeqz0R
+cWIAwrlbXMJ9UEyNDS1eGSkC8EbtkhyOstxCNr/eimWEPwsl/ZK4CSd1dQTw4iO
GukHSs74GHixi+HgBQ3EFlINcStYL7mADg+2ggaEyuDRnw6j2DsX6DySSKYznUuX
3Z7oLUmgkeeIX3fY5OCtp9+0sSWrUIF2p+MF25+IGlB1JUoCwk2JDxGWqLkPgt6/
JyrmHYHV0tjzciXIH5XOfHmgwQtB37/EZS7l8zy0bTw02vV+
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:27:09 2025 by rpki-client