Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS57043.roa
File: AS57043.roa (raw, json)
Hash identifier: N++vGPw19BYpBp7lkp5ks2y4I3KFGL3U2HWGdrayJyk=
Subject key identifier: 9F:BE:1F:D5:8D:E4:58:B1:22:C9:7E:9C:42:02:2B:17:01:59:7E:33
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 622DA92E776F2FE141940A0B4F15EED1125C4790
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS57043.roa
Signing time: Thu 13 Feb 2025 15:48:43 +0000
ROA not before: Thu 13 Feb 2025 15:43:43 +0000
ROA not after: Thu 12 Feb 2026 15:48:43 +0000
asID: 57043
IP address blocks: 82.25.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:2d:a9:2e:77:6f:2f:e1:41:94:0a:0b:4f:15:ee:d1:12:5c:47:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 13 15:43:43 2025 GMT
Not After : Feb 12 15:48:43 2026 GMT
Subject: CN=9FBE1FD58DE458B122C97E9C42022B1701597E33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0c:38:fb:0a:cd:2d:78:d7:b4:20:98:56:0c:
c0:95:fa:8a:2d:f5:8e:df:a3:bb:04:1c:81:b0:01:
92:0a:f4:ff:f9:86:33:00:5f:71:ae:18:81:0f:d8:
a9:08:c8:c4:cd:d0:57:4c:75:cc:d2:80:4a:3d:51:
36:30:02:4d:dd:d5:c3:91:26:52:f8:22:52:26:03:
65:b0:33:c4:7c:e7:7e:b5:85:31:ea:fb:6a:26:ec:
b9:ed:9a:2e:f0:19:d4:d0:0c:be:c8:61:78:0e:87:
4a:82:02:d2:30:cd:7a:9d:c5:60:dd:75:25:0c:ee:
b8:8a:4c:2f:dc:c9:95:83:80:b6:6d:43:47:f5:b7:
14:8f:84:13:8d:52:db:64:c4:40:53:95:90:f8:2b:
c6:af:5f:f5:7b:77:c1:99:51:e4:de:a0:a8:3a:94:
1c:e3:a0:b7:13:c4:db:c2:7e:89:ed:c9:31:83:42:
92:ee:fc:0d:e0:59:22:a1:81:4c:7e:1a:ee:1c:15:
39:a5:85:2a:82:18:e0:3b:59:74:62:b3:08:c4:f3:
10:70:11:4e:b6:ed:a3:5c:b1:22:08:3f:f2:2f:f4:
95:d5:16:c1:bb:04:db:e7:f8:51:c6:74:85:7d:52:
ee:a7:eb:01:a9:7e:8e:ff:ea:3b:23:ee:3f:ea:24:
fb:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:BE:1F:D5:8D:E4:58:B1:22:C9:7E:9C:42:02:2B:17:01:59:7E:33
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS57043.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.20.0/24
Signature Algorithm: sha256WithRSAEncryption
85:07:5a:68:82:32:67:58:d5:a7:0c:97:86:3f:11:f4:84:85:
50:5d:5b:8b:47:c8:a3:84:25:31:80:b1:48:aa:c2:38:fe:e2:
b4:19:14:ce:eb:8c:2e:cd:44:b6:26:68:2d:c7:57:c6:d1:ca:
9a:30:71:b4:3f:a4:e2:5a:86:14:99:4a:9f:bf:79:fb:4a:f3:
04:35:95:21:5b:3b:08:69:bb:78:14:88:90:19:8f:bc:eb:9a:
b3:3f:ea:bc:e3:77:b8:16:bc:e1:f5:cc:25:98:ef:53:e2:2e:
11:a3:97:09:84:c6:d5:61:e4:8a:87:db:ca:a9:13:fc:fa:ed:
2a:8f:b8:57:b3:4e:9d:38:df:ee:04:73:b8:5d:ff:25:da:7e:
85:e5:b0:ff:03:fd:ce:5b:e8:0a:30:30:1f:51:be:60:70:8c:
58:c5:04:51:f3:a9:a1:8c:ff:b6:cb:b4:92:1c:67:7c:d6:8c:
cf:10:fc:94:60:43:21:cb:43:cd:5b:78:0c:9a:c5:ae:1b:a4:
b4:fa:b9:b1:df:17:a9:ab:c1:53:1c:56:c4:28:d7:ae:df:22:
77:3a:1c:2a:c3:be:e2:72:61:13:6f:bf:48:24:9e:bf:a1:16:
34:55:91:a9:07:89:eb:5c:24:cb:08:59:4d:0e:df:d4:ef:fc:
a8:be:68:dc
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUYi2pLndvL+FBlAoLTxXu0RJcR5AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMTMxNTQzNDNaFw0yNjAyMTIxNTQ4NDNaMDMxMTAvBgNV
BAMTKDlGQkUxRkQ1OERFNDU4QjEyMkM5N0U5QzQyMDIyQjE3MDE1OTdFMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1DDj7Cs0teNe0IJhWDMCV+oot
9Y7fo7sEHIGwAZIK9P/5hjMAX3GuGIEP2KkIyMTN0FdMdczSgEo9UTYwAk3d1cOR
JlL4IlImA2WwM8R85361hTHq+2om7Lntmi7wGdTQDL7IYXgOh0qCAtIwzXqdxWDd
dSUM7riKTC/cyZWDgLZtQ0f1txSPhBONUttkxEBTlZD4K8avX/V7d8GZUeTeoKg6
lBzjoLcTxNvCfontyTGDQpLu/A3gWSKhgUx+Gu4cFTmlhSqCGOA7WXRiswjE8xBw
EU627aNcsSIIP/Iv9JXVFsG7BNvn+FHGdIV9Uu6n6wGpfo7/6jsj7j/qJPtNAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUn74f1Y3kWLEiyX6cQgIrFwFZfjMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNTcwNDMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSGRQw
DQYJKoZIhvcNAQELBQADggEBAIUHWmiCMmdY1acMl4Y/EfSEhVBdW4tHyKOEJTGA
sUiqwjj+4rQZFM7rjC7NRLYmaC3HV8bRypowcbQ/pOJahhSZSp+/eftK8wQ1lSFb
Owhpu3gUiJAZj7zrmrM/6rzjd7gWvOH1zCWY71PiLhGjlwmExtVh5IqH28qpE/z6
7SqPuFezTp043+4Ec7hd/yXafoXlsP8D/c5b6AowMB9RvmBwjFjFBFHzqaGM/7bL
tJIcZ3zWjM8Q/JRgQyHLQ81beAyaxa4bpLT6ubHfF6mrwVMcVsQo167fInc6HCrD
vuJyYRNvv0gknr+hFjRVkakHietcJMsIWU0O39Tv/Ki+aNw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 18:49:47 2025 by rpki-client