Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40244.roa
File: AS40244.roa (raw, json)
Hash identifier: 8Jc69hzWYdK+Kfz1AUPFdHX1ODpKT9ZzKxvZlhl0GVM=
Subject key identifier: 30:28:76:56:BF:D9:A5:CF:38:0E:49:92:41:2D:18:59:59:08:75:CC
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 221A2F9C99420E3C29D0D77404CB7FC5C4F9CF7C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40244.roa
Signing time: Wed 01 Jan 2025 08:53:50 +0000
ROA not before: Wed 01 Jan 2025 08:48:50 +0000
ROA not after: Wed 31 Dec 2025 08:53:50 +0000
asID: 40244
IP address blocks: 181.214.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:1a:2f:9c:99:42:0e:3c:29:d0:d7:74:04:cb:7f:c5:c4:f9:cf:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 1 08:48:50 2025 GMT
Not After : Dec 31 08:53:50 2025 GMT
Subject: CN=30287656BFD9A5CF380E4992412D1859590875CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e8:41:6f:9a:26:89:99:c7:90:f5:e1:cb:83:
61:b3:c9:65:c6:6a:47:9b:18:a8:a0:f5:3e:6e:d8:
bd:72:5e:f1:94:00:65:2d:a6:88:0c:db:99:9a:2e:
be:e0:e3:af:aa:6e:f8:7f:33:3c:41:9f:9e:47:a9:
25:3a:ba:ed:66:99:24:0e:25:5f:ff:22:a6:91:7d:
97:3b:4c:bd:6c:44:13:e3:e6:bc:78:4e:38:9a:6f:
ec:19:13:9b:01:bc:7e:c5:2e:17:85:96:97:c1:fa:
8a:5a:a6:05:5d:0a:7b:56:0e:64:5b:ee:e8:aa:b4:
69:2c:db:57:9c:c0:5e:9a:d8:8b:0a:ba:43:db:9c:
1b:86:87:ce:94:5c:af:82:ad:83:9a:8c:f8:09:58:
cc:53:c0:f1:9b:f4:29:e7:c1:62:66:6d:91:e1:c9:
ae:ee:5d:29:dd:10:44:18:03:ae:5a:b3:0b:83:cb:
d9:6f:35:a6:eb:0e:06:6b:27:78:62:ba:89:78:00:
8a:54:5b:8a:2a:8f:68:fb:ab:b3:ab:83:b4:c0:e1:
b2:0d:cc:a7:62:ae:00:47:be:24:0d:a3:d2:c7:55:
e5:33:d7:52:0d:4a:84:08:12:b0:6e:0c:2a:b0:62:
b3:2c:0f:b1:b5:bc:7a:8c:12:61:d5:18:ae:4e:04:
15:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:28:76:56:BF:D9:A5:CF:38:0E:49:92:41:2D:18:59:59:08:75:CC
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS40244.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.149.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:76:e8:21:0c:dd:fe:d3:e0:23:00:4f:e7:74:66:8a:15:56:
19:c4:0f:b5:90:ed:db:56:5e:89:64:18:ee:07:c1:62:18:01:
5f:ad:6f:ef:63:78:9d:4e:cf:56:47:d4:55:ad:ad:f3:82:0d:
60:0b:99:65:35:e9:ee:32:98:41:ca:1a:44:2f:43:1f:80:55:
4b:06:e7:fb:3e:ae:5a:35:0c:6a:a3:23:d9:b2:48:df:37:6e:
e9:00:75:f2:15:e0:bb:02:3a:6d:54:d2:ac:24:16:a4:e5:42:
1e:a8:b6:36:46:d3:f1:6e:1d:8e:12:6d:6c:76:7e:a5:28:40:
7b:98:99:1a:d5:e3:86:56:f4:94:13:a7:e0:0d:02:f2:52:ee:
58:34:95:5e:93:4f:e2:67:f3:9f:c0:29:04:7f:53:af:2d:cf:
2b:5c:cd:9b:16:cf:d5:39:15:79:61:74:73:ac:75:f3:dd:3a:
ec:de:57:46:14:34:18:60:8e:bf:77:ac:2f:e5:21:1c:6b:92:
6d:a7:a8:1f:44:a1:63:94:89:4e:cb:84:43:d0:97:24:5b:63:
30:15:e9:56:d7:16:5d:e4:7f:c8:ac:fd:6c:75:c0:fb:8a:df:
84:53:7f:7f:be:4b:0f:f1:4a:3b:4e:93:be:35:b0:58:ca:48:
3b:94:12:fa
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUIhovnJlCDjwp0Nd0BMt/xcT5z3wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMDEwODQ4NTBaFw0yNTEyMzEwODUzNTBaMDMxMTAvBgNV
BAMTKDMwMjg3NjU2QkZEOUE1Q0YzODBFNDk5MjQxMkQxODU5NTkwODc1Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx6EFvmiaJmceQ9eHLg2GzyWXG
akebGKig9T5u2L1yXvGUAGUtpogM25maLr7g46+qbvh/MzxBn55HqSU6uu1mmSQO
JV//IqaRfZc7TL1sRBPj5rx4Tjiab+wZE5sBvH7FLheFlpfB+opapgVdCntWDmRb
7uiqtGks21ecwF6a2IsKukPbnBuGh86UXK+CrYOajPgJWMxTwPGb9CnnwWJmbZHh
ya7uXSndEEQYA65aswuDy9lvNabrDgZrJ3hiuol4AIpUW4oqj2j7q7Org7TA4bIN
zKdirgBHviQNo9LHVeUz11INSoQIErBuDCqwYrMsD7G1vHqMEmHVGK5OBBU3AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUMCh2Vr/Zpc84DkmSQS0YWVkIdcwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAyNDQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC11pUw
DQYJKoZIhvcNAQELBQADggEBAB926CEM3f7T4CMAT+d0ZooVVhnED7WQ7dtWXolk
GO4HwWIYAV+tb+9jeJ1Oz1ZH1FWtrfOCDWALmWU16e4ymEHKGkQvQx+AVUsG5/s+
rlo1DGqjI9mySN83bukAdfIV4LsCOm1U0qwkFqTlQh6otjZG0/FuHY4SbWx2fqUo
QHuYmRrV44ZW9JQTp+ANAvJS7lg0lV6TT+Jn85/AKQR/U68tzytczZsWz9U5FXlh
dHOsdfPdOuzeV0YUNBhgjr93rC/lIRxrkm2nqB9EoWOUiU7LhEPQlyRbYzAV6VbX
Fl3kf8is/Wx1wPuK34RTf3++Sw/xSjtOk741sFjKSDuUEvo=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:24:32 2025 by rpki-client