Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43641.roa
File: AS43641.roa (raw, json)
Hash identifier: h8h10G0XSnSPC7OP7C2PY48Tfh/c/2bjrJKj2rNk8jM=
Subject key identifier: CD:45:A8:64:C0:CA:49:85:67:0A:29:94:8B:7E:AB:8F:97:0D:63:4E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3A946F52A8E5C1D7F0843CC751B53E505898B219
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43641.roa
Signing time: Fri 28 Feb 2025 05:09:46 +0000
ROA not before: Fri 28 Feb 2025 05:04:46 +0000
ROA not after: Fri 27 Feb 2026 05:09:46 +0000
asID: 43641
IP address blocks: 2.57.20.0/23 maxlen: 24
181.215.58.0/24 maxlen: 24
181.215.62.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:94:6f:52:a8:e5:c1:d7:f0:84:3c:c7:51:b5:3e:50:58:98:b2:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 28 05:04:46 2025 GMT
Not After : Feb 27 05:09:46 2026 GMT
Subject: CN=CD45A864C0CA4985670A29948B7EAB8F970D634E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:aa:08:ff:b9:5b:ee:32:5b:54:c2:b5:13:bb:
44:3d:43:ad:95:8a:48:83:f3:cb:4d:02:cc:be:2d:
e0:f0:ee:27:85:d1:56:11:31:12:ab:d6:23:f9:93:
53:7b:be:2d:5e:e9:08:84:df:e2:43:c3:f9:56:81:
1c:24:dd:cf:54:23:6e:59:fb:f3:df:1a:ad:fb:4c:
3b:2e:61:9b:6c:d3:c0:6b:01:37:bc:19:8b:97:9f:
a5:6d:a2:88:df:24:1a:d7:f7:36:1e:95:da:57:c2:
21:81:9a:2f:9d:15:e2:fc:ae:97:34:2d:8b:6e:8d:
5f:55:33:36:44:0f:55:2b:3b:dd:97:82:39:82:01:
2e:8b:41:5a:9b:c6:b3:91:e1:15:2e:12:be:9d:5a:
2f:77:0b:65:0d:30:7a:69:c8:02:35:97:3f:76:30:
0b:97:b4:f5:16:5e:36:9d:1e:cc:9b:e8:7f:61:5c:
bb:51:05:d3:60:88:8b:38:8c:2a:f6:1e:1b:c8:f4:
a5:75:37:4d:f8:73:c5:e8:25:a5:9c:6b:86:6a:44:
3d:d2:76:59:73:e5:64:42:c0:4b:ef:4b:77:cc:08:
a2:b3:cd:b0:2f:fc:03:0a:4c:a9:11:16:5d:b3:bc:
a8:ff:51:cf:d3:3f:76:d3:45:8e:21:30:f5:75:d3:
af:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:45:A8:64:C0:CA:49:85:67:0A:29:94:8B:7E:AB:8F:97:0D:63:4E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43641.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.20.0/23
181.215.58.0/24
181.215.62.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:2d:60:70:83:0e:9a:26:27:3a:15:fc:89:e5:a3:5e:a6:56:
ee:bc:3d:67:8e:07:e8:1e:5f:cb:b3:c2:0a:1e:d7:06:65:15:
85:86:30:4d:ba:c4:bf:56:da:43:9c:45:3c:3b:9b:8b:97:d6:
03:c2:a4:6b:60:00:34:ed:75:33:58:7a:9c:75:b1:c5:ec:69:
46:85:c2:25:ea:85:bd:75:8e:d7:24:96:7e:c2:55:38:08:59:
10:0b:3c:3a:88:b7:20:5a:b8:35:66:6c:0c:20:6a:d7:fa:49:
f1:84:b0:09:a6:1c:b2:a9:fd:e8:44:de:bd:fc:e6:eb:f2:59:
47:6e:c7:77:47:ac:a8:2b:fa:ca:2c:45:04:ec:2d:16:e1:5a:
a9:67:5e:f9:90:ea:f2:7e:36:84:1e:f8:7e:63:73:a0:9d:f1:
6e:b0:47:e8:8a:b1:91:07:39:e0:92:18:8d:75:64:a9:09:62:
51:0d:70:fd:62:b8:6c:60:5f:67:06:ff:42:8c:ba:1e:0a:8b:
fc:5a:10:85:34:14:b6:8d:d1:fb:3f:a6:ae:a5:c4:e9:8c:9b:
b6:66:9d:2a:ed:5f:11:19:ae:a6:00:75:7a:a6:dd:12:07:67:
fe:d1:e8:16:0d:6f:15:d5:be:71:fb:54:d1:aa:8f:5e:24:f2:
5e:9b:d9:c6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUOpRvUqjlwdfwhDzHUbU+UFiYshkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAyMjgwNTA0NDZaFw0yNjAyMjcwNTA5NDZaMDMxMTAvBgNV
BAMTKENENDVBODY0QzBDQTQ5ODU2NzBBMjk5NDhCN0VBQjhGOTcwRDYzNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYqgj/uVvuMltUwrUTu0Q9Q62V
ikiD88tNAsy+LeDw7ieF0VYRMRKr1iP5k1N7vi1e6QiE3+JDw/lWgRwk3c9UI25Z
+/PfGq37TDsuYZts08BrATe8GYuXn6VtoojfJBrX9zYeldpXwiGBmi+dFeL8rpc0
LYtujV9VMzZED1UrO92XgjmCAS6LQVqbxrOR4RUuEr6dWi93C2UNMHppyAI1lz92
MAuXtPUWXjadHsyb6H9hXLtRBdNgiIs4jCr2HhvI9KV1N034c8XoJaWca4ZqRD3S
dllz5WRCwEvvS3fMCKKzzbAv/AMKTKkRFl2zvKj/Uc/TP3bTRY4hMPV106/tAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUzUWoZMDKSYVnCimUi36rj5cNY04wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDM2NDEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAECORQD
BAC11zoDBAC11z4wDQYJKoZIhvcNAQELBQADggEBAC4tYHCDDpomJzoV/Inlo16m
Vu68PWeOB+geX8uzwgoe1wZlFYWGME26xL9W2kOcRTw7m4uX1gPCpGtgADTtdTNY
epx1scXsaUaFwiXqhb11jtckln7CVTgIWRALPDqItyBauDVmbAwgatf6SfGEsAmm
HLKp/ehE3r385uvyWUdux3dHrKgr+sosRQTsLRbhWqlnXvmQ6vJ+NoQe+H5jc6Cd
8W6wR+iKsZEHOeCSGI11ZKkJYlENcP1iuGxgX2cG/0KMuh4Ki/xaEIU0FLaN0fs/
pq6lxOmMm7ZmnSrtXxEZrqYAdXqm3RIHZ/7R6BYNbxXVvnH7VNGqj14k8l6b2cY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:00 2025 by rpki-client