Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401000.roa
File: AS401000.roa (raw, json)
Hash identifier: BITatk8UpB7OH+Zn0u4Ed2pY20xg9gvC2smBdfAVjmI=
Subject key identifier: C1:C0:77:FB:3B:75:8A:B5:D8:FA:4A:A8:82:B3:97:76:90:7E:2B:5C
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3419A84EE71E40AB071D542775C4D0FD1CCEE4A8
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401000.roa
Signing time: Mon 24 Mar 2025 21:53:58 +0000
ROA not before: Mon 24 Mar 2025 21:48:58 +0000
ROA not after: Mon 23 Mar 2026 21:53:58 +0000
asID: 401000
IP address blocks: 181.214.44.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:19:a8:4e:e7:1e:40:ab:07:1d:54:27:75:c4:d0:fd:1c:ce:e4:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 24 21:48:58 2025 GMT
Not After : Mar 23 21:53:58 2026 GMT
Subject: CN=C1C077FB3B758AB5D8FA4AA882B39776907E2B5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:4f:04:97:f4:3e:5b:68:15:e8:52:64:6c:f1:
8e:94:e2:f5:94:12:2b:1f:c8:b8:7b:b3:04:2c:2b:
7c:44:93:40:88:ea:1e:7e:6f:26:99:59:c3:f4:dc:
be:e8:f2:6c:c0:2d:52:ab:a6:d3:5f:ea:6a:b6:ca:
24:75:61:5f:81:f5:81:11:3e:25:20:db:db:55:27:
4e:96:38:c0:9a:df:25:01:ea:f7:82:be:c2:21:4e:
aa:46:99:74:ab:89:88:4b:35:cb:65:3c:9d:1e:e4:
47:11:eb:77:66:9a:ca:f8:8a:03:e4:cd:21:6f:15:
11:a0:48:a0:42:df:0f:21:3a:a6:52:42:13:73:81:
97:fb:2d:e7:95:f2:ff:fc:4d:83:83:10:69:2f:27:
68:73:2c:1d:e3:b4:2a:4a:1e:ba:7c:77:c8:42:75:
db:84:dd:5b:44:56:0d:c7:84:b2:18:72:cb:ab:0b:
c0:5a:79:b7:54:c3:32:8a:f9:be:a7:b6:b7:95:2c:
44:ee:d0:2e:ed:92:06:51:23:e8:5b:48:a5:ee:3c:
8e:02:2d:51:16:23:6a:8f:80:2e:70:7c:16:40:cc:
03:5b:eb:15:71:78:b4:43:a3:15:13:27:23:d0:af:
12:a7:12:d7:c5:c5:4b:b1:24:8f:1b:7b:77:dc:03:
fd:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C0:77:FB:3B:75:8A:B5:D8:FA:4A:A8:82:B3:97:76:90:7E:2B:5C
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS401000.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.44.0/24
Signature Algorithm: sha256WithRSAEncryption
99:0a:7d:38:53:14:cb:05:a6:4e:1d:73:a6:76:67:4c:39:25:
fd:eb:e3:c6:09:56:06:a7:94:68:d3:ec:a1:76:37:7c:a7:1e:
83:ef:4e:d2:79:b1:c2:12:55:e7:3c:95:83:19:fa:2d:6f:ad:
76:57:10:d8:57:06:51:8b:cd:79:97:0e:18:d0:ec:2d:69:12:
9d:e6:a4:f6:0a:6e:77:28:da:0f:11:08:80:d6:4f:78:53:b3:
1f:a3:cb:6b:aa:21:e8:fe:86:18:88:33:ee:90:8b:87:0e:ee:
11:42:06:f6:68:b0:15:7a:67:4e:16:45:8f:dd:9a:00:c3:bd:
ba:b7:07:51:30:d6:32:2d:a8:8a:0d:d3:e8:4d:b4:08:b9:84:
fe:34:71:da:e9:d5:9b:da:d4:13:89:61:28:3a:ed:8e:f5:93:
a5:2b:5d:62:68:39:15:0d:5f:29:44:0c:10:e1:94:9e:49:0f:
50:66:c7:60:d7:81:e1:24:0c:36:4a:f9:1d:8d:5a:eb:3b:f6:
7c:0d:73:68:e8:85:20:7b:d6:30:95:81:92:bb:ab:46:1f:41:
b0:a1:a8:a4:4c:10:e7:b1:b5:47:90:26:7b:cc:b1:45:f2:f9:
85:74:a5:4f:23:9a:ec:12:b2:91:7b:ba:97:ab:a0:99:37:ce:
f6:07:ef:4d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUNBmoTuceQKsHHVQndcTQ/RzO5KgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAzMjQyMTQ4NThaFw0yNjAzMjMyMTUzNThaMDMxMTAvBgNV
BAMTKEMxQzA3N0ZCM0I3NThBQjVEOEZBNEFBODgyQjM5Nzc2OTA3RTJCNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/TwSX9D5baBXoUmRs8Y6U4vWU
EisfyLh7swQsK3xEk0CI6h5+byaZWcP03L7o8mzALVKrptNf6mq2yiR1YV+B9YER
PiUg29tVJ06WOMCa3yUB6veCvsIhTqpGmXSriYhLNctlPJ0e5EcR63dmmsr4igPk
zSFvFRGgSKBC3w8hOqZSQhNzgZf7LeeV8v/8TYODEGkvJ2hzLB3jtCpKHrp8d8hC
dduE3VtEVg3HhLIYcsurC8BaebdUwzKK+b6ntreVLETu0C7tkgZRI+hbSKXuPI4C
LVEWI2qPgC5wfBZAzANb6xVxeLRDoxUTJyPQrxKnEtfFxUuxJI8be3fcA/1fAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUwcB3+zt1irXY+kqogrOXdpB+K1wwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAxMDAwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtdYs
MA0GCSqGSIb3DQEBCwUAA4IBAQCZCn04UxTLBaZOHXOmdmdMOSX96+PGCVYGp5Ro
0+yhdjd8px6D707SebHCElXnPJWDGfotb612VxDYVwZRi815lw4Y0OwtaRKd5qT2
Cm53KNoPEQiA1k94U7Mfo8trqiHo/oYYiDPukIuHDu4RQgb2aLAVemdOFkWP3ZoA
w726twdRMNYyLaiKDdPoTbQIuYT+NHHa6dWb2tQTiWEoOu2O9ZOlK11iaDkVDV8p
RAwQ4ZSeSQ9QZsdg14HhJAw2SvkdjVrrO/Z8DXNo6IUge9YwlYGSu6tGH0Gwoaik
TBDnsbVHkCZ7zLFF8vmFdKVPI5rsErKRe7qXq6CZN872B+9N
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:22:19 2025 by rpki-client