Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16125.roa
File: AS16125.roa (raw, json)
Hash identifier: V+0A/gY3Ybl8gBlsnDPNupjm//uolRz9IzEXnjRfru8=
Subject key identifier: 8F:84:43:42:C8:1F:53:0A:EE:63:3F:D3:29:FC:80:10:A5:0D:C4:07
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 548BF1A4502DEBEEE0937707EB896A9F80434F33
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16125.roa
Signing time: Mon 03 Feb 2025 12:59:18 +0000
ROA not before: Mon 03 Feb 2025 12:54:18 +0000
ROA not after: Mon 02 Feb 2026 12:59:18 +0000
asID: 16125
IP address blocks: 82.23.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:8b:f1:a4:50:2d:eb:ee:e0:93:77:07:eb:89:6a:9f:80:43:4f:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 3 12:54:18 2025 GMT
Not After : Feb 2 12:59:18 2026 GMT
Subject: CN=8F844342C81F530AEE633FD329FC8010A50DC407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0d:dc:bb:1f:f1:47:84:e4:60:79:fb:73:0b:
da:2e:0e:ac:7f:3e:3f:f5:73:05:2d:4c:2a:6b:19:
0d:1b:dd:af:f3:77:8d:98:cf:ed:77:2c:59:bd:81:
ad:21:ee:ec:2d:b8:d3:ee:16:40:6c:ab:32:d6:33:
1b:d9:a8:d7:27:a1:1c:d9:08:cb:c0:69:db:4a:d0:
54:41:e0:a0:00:73:8e:18:d6:87:fa:4d:8a:af:3f:
13:34:00:30:f7:e7:17:54:6c:c8:a1:41:3e:f8:b0:
f1:9f:79:da:64:ec:48:89:f0:26:7e:2e:8a:69:5b:
64:3f:b7:f0:66:9e:1e:4c:bf:d7:b1:e8:fd:6e:3f:
15:7f:79:84:f9:cc:0e:cb:d8:cd:fa:98:27:7d:e4:
cc:c8:c9:82:07:a1:33:41:d0:97:fe:a4:c1:45:22:
15:7c:11:e9:73:f2:3d:b4:55:a1:08:51:37:87:ee:
00:27:3d:69:93:3e:93:fb:20:8b:4d:ba:0b:f2:80:
53:47:5a:be:c2:b3:28:25:70:dc:c0:46:95:1e:a0:
c8:36:c8:25:25:52:0c:91:ce:29:a3:14:0c:8d:4d:
f5:41:f1:26:0e:ab:1a:82:85:e0:ae:84:ef:78:e1:
6f:59:01:d0:c9:0a:57:b5:0e:55:92:e3:35:3f:3b:
a4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:84:43:42:C8:1F:53:0A:EE:63:3F:D3:29:FC:80:10:A5:0D:C4:07
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16125.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.2.0/24
Signature Algorithm: sha256WithRSAEncryption
30:04:ff:cb:7b:2a:fe:d9:85:ba:b5:2b:13:e4:66:11:98:12:
cc:12:c0:c2:d2:ea:60:95:d5:e7:fa:4f:b2:ec:55:d0:cd:24:
26:45:db:28:4b:d3:eb:ea:5a:51:d0:31:7c:a9:bb:0f:6c:ad:
cd:71:d4:de:04:dc:00:90:6f:bc:5d:8d:17:4f:6b:43:7e:e1:
b1:03:72:ac:c9:bc:34:c3:4b:ab:b3:4a:eb:63:e8:59:ad:88:
5b:f4:73:ef:71:9d:33:fd:04:28:94:22:06:d2:ad:20:62:9c:
80:ae:02:c1:3f:a0:36:60:00:3c:af:02:b3:d3:97:f1:bb:1f:
61:c6:c8:d0:b4:39:07:2a:50:36:ef:28:9d:f7:2b:65:18:4f:
15:44:28:2f:e2:6d:32:ff:1a:5a:d7:1a:d6:9d:a3:e3:41:fe:
27:df:2d:fb:e6:bd:c1:6b:f4:5a:d1:4c:1f:a0:dc:d1:08:18:
01:41:95:9a:4c:a4:70:4b:99:52:23:54:57:f6:76:56:ca:03:
1e:9b:a1:c2:ce:2e:70:e6:78:3d:89:7c:c7:fc:de:15:e4:46:
5b:da:02:83:4e:7e:da:05:9a:57:4c:43:db:ac:db:25:bd:86:
04:0b:fe:20:03:f4:ac:f9:8e:e0:f3:c8:44:03:0c:bf:b6:de:
ff:81:a4:b7
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUVIvxpFAt6+7gk3cH64lqn4BDTzMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMDMxMjU0MThaFw0yNjAyMDIxMjU5MThaMDMxMTAvBgNV
BAMTKDhGODQ0MzQyQzgxRjUzMEFFRTYzM0ZEMzI5RkM4MDEwQTUwREM0MDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeDdy7H/FHhORgeftzC9ouDqx/
Pj/1cwUtTCprGQ0b3a/zd42Yz+13LFm9ga0h7uwtuNPuFkBsqzLWMxvZqNcnoRzZ
CMvAadtK0FRB4KAAc44Y1of6TYqvPxM0ADD35xdUbMihQT74sPGfedpk7EiJ8CZ+
LoppW2Q/t/Bmnh5Mv9ex6P1uPxV/eYT5zA7L2M36mCd95MzIyYIHoTNB0Jf+pMFF
IhV8Eelz8j20VaEIUTeH7gAnPWmTPpP7IItNugvygFNHWr7CsyglcNzARpUeoMg2
yCUlUgyRzimjFAyNTfVB8SYOqxqCheCuhO944W9ZAdDJCle1DlWS4zU/O6QVAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUj4RDQsgfUwruYz/TKfyAEKUNxAcwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTYxMjUucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSFwIw
DQYJKoZIhvcNAQELBQADggEBADAE/8t7Kv7Zhbq1KxPkZhGYEswSwMLS6mCV1ef6
T7LsVdDNJCZF2yhL0+vqWlHQMXypuw9src1x1N4E3ACQb7xdjRdPa0N+4bEDcqzJ
vDTDS6uzSutj6FmtiFv0c+9xnTP9BCiUIgbSrSBinICuAsE/oDZgADyvArPTl/G7
H2HGyNC0OQcqUDbvKJ33K2UYTxVEKC/ibTL/GlrXGtado+NB/iffLfvmvcFr9FrR
TB+g3NEIGAFBlZpMpHBLmVIjVFf2dlbKAx6bocLOLnDmeD2JfMf83hXkRlvaAoNO
ftoFmldMQ9us2yW9hgQL/iAD9Kz5juDzyEQDDL+23v+BpLc=
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:23:52 2025 by rpki-client