Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS400039.roa
File: AS400039.roa (raw, json)
Hash identifier: 67wNOilNr6UBOIc0V1nzFZxSRFCOJVDOwrXNOOhTUPU=
Subject key identifier: 44:11:9A:6F:C6:C5:03:66:C7:0B:C1:33:43:A7:EC:A4:7E:DA:B0:0C
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 7EFEAE7C1BFBEB4BF72938C5548BB3CB2C2B672F
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS400039.roa
Signing time: Fri 31 Jan 2025 00:53:52 +0000
ROA not before: Fri 31 Jan 2025 00:48:52 +0000
ROA not after: Fri 30 Jan 2026 00:53:52 +0000
asID: 400039
IP address blocks: 141.98.156.0/24 maxlen: 24
192.166.83.0/24 maxlen: 24
195.20.105.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:fe:ae:7c:1b:fb:eb:4b:f7:29:38:c5:54:8b:b3:cb:2c:2b:67:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Jan 31 00:48:52 2025 GMT
Not After : Jan 30 00:53:52 2026 GMT
Subject: CN=44119A6FC6C50366C70BC13343A7ECA47EDAB00C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e9:8f:fd:de:9a:05:aa:0a:2e:89:0c:c1:bd:
52:62:72:36:ea:7e:09:da:82:6b:69:62:33:bb:88:
9e:6f:46:3c:87:ca:a9:ea:80:9e:ae:e6:9d:f8:ad:
b8:0a:09:55:e3:c7:40:0d:0d:d5:e5:f6:27:ec:fb:
43:ef:a0:16:0d:42:5a:3a:2e:8d:e6:56:fa:00:52:
60:05:e6:81:c1:8e:70:bd:5a:13:de:53:c4:33:0f:
c4:45:47:d2:26:d6:4a:3b:14:77:9a:ec:cf:b5:7e:
d7:f5:8a:bb:fd:73:c6:c2:06:50:73:b1:b0:b6:9f:
26:7e:0a:50:e6:02:4f:0f:96:3e:d6:05:58:0f:ab:
d1:14:cb:a0:3b:f1:a6:92:ed:68:da:77:27:28:46:
c8:a4:62:f3:1f:09:02:e1:cc:bb:05:d2:84:7d:77:
5e:76:29:36:44:a5:7e:25:7b:59:2f:6c:62:fa:29:
67:e0:b1:a9:a7:19:05:ce:3c:52:f9:a7:91:48:21:
25:09:3d:fc:fc:9f:b0:8d:e2:be:6c:74:ee:85:79:
7a:98:92:de:4c:7d:3c:0f:b6:b9:cb:8a:8e:eb:dd:
ea:bc:de:68:e9:7b:3e:48:cf:4d:ce:5d:f4:95:24:
a2:15:c7:97:81:6b:eb:cf:6b:5f:b0:1b:c8:0b:7d:
d1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:11:9A:6F:C6:C5:03:66:C7:0B:C1:33:43:A7:EC:A4:7E:DA:B0:0C
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS400039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.156.0/24
192.166.83.0/24
195.20.105.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:f8:3e:55:ff:2e:c3:48:eb:6b:b7:b3:7e:14:60:14:ab:9e:
6b:63:31:b8:08:48:f1:1c:b7:67:db:ad:4b:09:2d:96:a5:3b:
43:4f:18:6b:b3:45:b9:98:2c:5d:7b:6e:3f:a9:e0:bf:6c:49:
1b:fa:20:2a:53:10:b8:e3:ed:ae:68:e8:eb:c7:48:f3:b5:db:
33:d8:f6:43:fd:c3:fc:39:58:4d:f0:bc:52:cf:01:35:59:7e:
9f:32:f2:27:b9:eb:87:83:c5:61:7c:7c:17:b2:7b:b4:54:10:
c8:22:ce:6a:af:97:f5:df:41:f3:aa:9e:41:e3:c4:26:4e:dd:
d6:3b:d2:93:5b:95:2a:fa:b8:c6:22:93:a5:60:05:44:2f:17:
98:15:43:58:d5:0e:3b:e2:d9:fa:cd:2f:6a:78:86:f7:b2:c1:
1f:dc:58:c1:a5:ed:da:71:62:69:f4:a7:84:33:1d:ff:a4:5e:
20:7e:85:8a:38:dd:0e:14:a9:81:7f:11:67:07:ab:bf:d7:e8:
1a:b8:f3:58:8c:e1:c3:da:00:f3:3f:fd:3a:19:95:d3:9e:c1:
19:70:52:d8:78:f4:72:63:e8:ee:ca:29:c8:69:de:ee:97:be:
7a:18:0f:79:a8:fe:f7:4c:a4:94:cd:62:a3:4e:0a:d6:f9:06:
5b:64:e2:d3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIUfv6ufBv760v3KTjFVIuzyywrZy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTAxMzEwMDQ4NTJaFw0yNjAxMzAwMDUzNTJaMDMxMTAvBgNV
BAMTKDQ0MTE5QTZGQzZDNTAzNjZDNzBCQzEzMzQzQTdFQ0E0N0VEQUIwMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC06Y/93poFqgouiQzBvVJicjbq
fgnagmtpYjO7iJ5vRjyHyqnqgJ6u5p34rbgKCVXjx0ANDdXl9ifs+0PvoBYNQlo6
Lo3mVvoAUmAF5oHBjnC9WhPeU8QzD8RFR9Im1ko7FHea7M+1ftf1irv9c8bCBlBz
sbC2nyZ+ClDmAk8Plj7WBVgPq9EUy6A78aaS7WjadycoRsikYvMfCQLhzLsF0oR9
d152KTZEpX4le1kvbGL6KWfgsamnGQXOPFL5p5FIISUJPfz8n7CN4r5sdO6FeXqY
kt5MfTwPtrnLio7r3eq83mjpez5Iz03OXfSVJKIVx5eBa+vPa1+wG8gLfdFrAgMB
AAGjggIWMIICEjAdBgNVHQ4EFgQURBGab8bFA2bHC8EzQ6fspH7asAwwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTNDAwMDM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjWKc
AwQAwKZTAwQAwxRpMA0GCSqGSIb3DQEBCwUAA4IBAQB6+D5V/y7DSOtrt7N+FGAU
q55rYzG4CEjxHLdn261LCS2WpTtDTxhrs0W5mCxde24/qeC/bEkb+iAqUxC44+2u
aOjrx0jztdsz2PZD/cP8OVhN8LxSzwE1WX6fMvInueuHg8VhfHwXsnu0VBDIIs5q
r5f130Hzqp5B48QmTt3WO9KTW5Uq+rjGIpOlYAVELxeYFUNY1Q474tn6zS9qeIb3
ssEf3FjBpe3acWJp9KeEMx3/pF4gfoWKON0OFKmBfxFnB6u/1+gauPNYjOHD2gDz
P/06GZXTnsEZcFLYePRyY+juyinIad7ul756GA95qP73TKSUzWKjTgrW+QZbZOLT
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:20:48 2025 by rpki-client