Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS203020.roa
File: AS203020.roa (raw, json)
Hash identifier: CQ3lUlZ9oL/KM6vMXtntBvx1SfVWdAxAg1uTnHrEAyY=
Subject key identifier: 5D:A8:13:5D:2E:9B:A3:B9:54:4A:58:77:8E:64:54:63:37:EB:DB:5F
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 73A7D9EF150AB492B01D69431B00C9893CA965AF
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS203020.roa
Signing time: Fri 07 Feb 2025 12:08:29 +0000
ROA not before: Fri 07 Feb 2025 12:03:29 +0000
ROA not after: Fri 06 Feb 2026 12:08:29 +0000
asID: 203020
IP address blocks: 2.57.176.0/22 maxlen: 24
45.140.236.0/22 maxlen: 24
193.0.234.0/23 maxlen: 24
193.161.206.0/24 maxlen: 24
212.80.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:a7:d9:ef:15:0a:b4:92:b0:1d:69:43:1b:00:c9:89:3c:a9:65:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Feb 7 12:03:29 2025 GMT
Not After : Feb 6 12:08:29 2026 GMT
Subject: CN=5DA8135D2E9BA3B9544A58778E64546337EBDB5F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f5:76:e8:76:b0:75:49:a4:d8:fc:47:83:b5:
c4:c4:81:b3:59:9e:de:73:7b:a2:20:10:06:94:26:
ff:d4:8c:37:79:82:94:a4:2b:46:5a:99:64:f7:9a:
99:15:2c:db:6a:45:a1:ee:48:f9:f5:0a:46:cb:03:
7b:02:86:b9:04:75:30:48:c6:af:dd:79:d4:06:2f:
40:78:5b:42:38:19:f2:d9:e3:9e:42:b1:4b:95:ed:
8a:7d:b6:13:ba:07:2f:7f:2b:fc:4e:84:2e:ad:ab:
ca:79:ca:e3:df:bb:f4:c9:d5:0a:fb:16:b7:f7:1c:
0e:f3:1c:c1:26:20:98:da:84:9d:5d:1e:77:63:c9:
d4:7b:7e:31:84:e7:c2:6f:a0:71:7b:3f:d5:e0:4f:
20:53:9c:07:91:57:80:ee:b9:9e:c5:d3:e4:53:b5:
a3:ab:2a:15:9b:52:d2:61:7b:77:50:d5:8b:08:de:
b0:59:aa:6f:6c:81:71:62:eb:41:d5:36:fd:8c:1a:
bc:38:45:73:8f:86:00:a7:f4:bb:95:cd:bc:a3:07:
6b:a9:53:bd:e1:3b:51:62:31:42:fc:49:40:46:83:
35:ee:c3:01:d5:04:b6:90:4e:d0:0c:42:19:f0:a2:
bc:c2:ff:fc:c4:04:6f:7d:d7:a3:64:38:fc:42:15:
20:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A8:13:5D:2E:9B:A3:B9:54:4A:58:77:8E:64:54:63:37:EB:DB:5F
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS203020.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.176.0/22
45.140.236.0/22
193.0.234.0/23
193.161.206.0/24
212.80.192.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:78:bb:e8:2d:f7:14:05:45:e6:15:47:a5:85:c7:e0:d8:c0:
b4:db:aa:71:d1:11:61:a1:9c:e0:dd:c5:40:b8:6c:6a:3b:82:
71:7b:b4:5f:c1:67:93:d8:c9:75:9f:6c:d0:1c:3c:8f:52:d2:
9d:24:16:9e:3b:ff:80:db:fe:5c:de:14:27:04:52:5c:57:dd:
de:1c:15:4e:3a:17:b6:48:28:04:ab:3f:4c:e7:2f:59:53:6c:
e2:74:58:14:45:01:14:36:1e:b0:47:d3:03:a0:28:a0:9a:d1:
61:99:2c:7b:a7:d4:06:1a:5a:14:76:f1:47:45:6a:f0:e1:67:
61:10:ea:7e:1d:c6:1d:94:d7:1a:04:52:3a:d7:88:cb:4d:99:
d9:53:06:90:6b:4b:42:a9:05:7c:af:bc:89:63:a1:a9:96:9f:
1d:a8:d3:33:97:ae:1f:9e:cb:75:e7:5b:a9:fb:40:48:bc:2c:
18:07:c8:9d:8d:21:59:f6:85:3e:06:43:ef:68:62:29:08:ff:
7e:ed:43:cf:35:4d:06:ee:a4:25:51:4d:5e:2e:fa:3d:0f:67:
91:2c:e8:02:e8:84:30:b4:03:7c:24:8b:42:ef:02:5e:78:ca:
a4:ae:9f:68:19:3c:30:f7:cb:26:91:ca:c7:4f:90:b8:86:44:
bb:3f:1b:a2
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUc6fZ7xUKtJKwHWlDGwDJiTypZa8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTAyMDcxMjAzMjlaFw0yNjAyMDYxMjA4MjlaMDMxMTAvBgNV
BAMTKDVEQTgxMzVEMkU5QkEzQjk1NDRBNTg3NzhFNjQ1NDYzMzdFQkRCNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCW9XbodrB1SaTY/EeDtcTEgbNZ
nt5ze6IgEAaUJv/UjDd5gpSkK0ZamWT3mpkVLNtqRaHuSPn1CkbLA3sChrkEdTBI
xq/dedQGL0B4W0I4GfLZ455CsUuV7Yp9thO6By9/K/xOhC6tq8p5yuPfu/TJ1Qr7
Frf3HA7zHMEmIJjahJ1dHndjydR7fjGE58JvoHF7P9XgTyBTnAeRV4DuuZ7F0+RT
taOrKhWbUtJhe3dQ1YsI3rBZqm9sgXFi60HVNv2MGrw4RXOPhgCn9LuVzbyjB2up
U73hO1FiMUL8SUBGgzXuwwHVBLaQTtAMQhnworzC//zEBG9916NkOPxCFSBpAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUXagTXS6bo7lUSlh3jmRUYzfr218wHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjAzMDIwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjmw
AwQCLYzsAwQBwQDqAwQAwaHOAwQC1FDAMA0GCSqGSIb3DQEBCwUAA4IBAQAseLvo
LfcUBUXmFUelhcfg2MC026px0RFhoZzg3cVAuGxqO4Jxe7RfwWeT2Ml1n2zQHDyP
UtKdJBaeO/+A2/5c3hQnBFJcV93eHBVOOhe2SCgEqz9M5y9ZU2zidFgURQEUNh6w
R9MDoCigmtFhmSx7p9QGGloUdvFHRWrw4WdhEOp+HcYdlNcaBFI614jLTZnZUwaQ
a0tCqQV8r7yJY6Gplp8dqNMzl64fnst151up+0BIvCwYB8idjSFZ9oU+BkPvaGIp
CP9+7UPPNU0G7qQlUU1eLvo9D2eRLOgC6IQwtAN8JItC7wJeeMqkrp9oGTww98sm
kcrHT5C4hkS7Pxui
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:09:00 2025 by rpki-client