Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS138156.roa
File: AS138156.roa (raw, json)
Hash identifier: pmqwaj9IMcl5cgxPOgo3/O8sEDwcESFVVKa2JET5hxQ=
Subject key identifier: 16:AE:9A:EE:80:F0:26:26:41:2D:CD:9C:A8:E5:EF:E8:30:03:FD:36
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 631BA4F87E66224F5DFCAD683AF5B913851EF4CA
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS138156.roa
Signing time: Tue 14 Jan 2025 10:53:51 +0000
ROA not before: Tue 14 Jan 2025 10:48:51 +0000
ROA not after: Tue 13 Jan 2026 10:53:51 +0000
asID: 138156
IP address blocks: 141.11.156.0/24 maxlen: 24
141.11.157.0/24 maxlen: 24
141.11.158.0/24 maxlen: 24
141.11.159.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:1b:a4:f8:7e:66:22:4f:5d:fc:ad:68:3a:f5:b9:13:85:1e:f4:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Jan 14 10:48:51 2025 GMT
Not After : Jan 13 10:53:51 2026 GMT
Subject: CN=16AE9AEE80F02626412DCD9CA8E5EFE83003FD36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ce:7f:9a:5f:97:69:1b:57:7b:ee:a1:0d:8e:
bb:88:8d:0e:ce:06:fc:ac:33:70:5b:9d:4c:45:86:
5a:e8:53:15:1a:10:ca:7f:91:9b:ca:ab:8f:0f:1f:
b4:f1:b7:97:61:fe:5d:bc:2d:f9:d7:e4:2c:24:7c:
8c:2e:fe:69:4c:e6:b3:66:08:d0:56:09:56:7c:6d:
68:2c:4e:0d:b2:79:e4:3a:3f:71:0d:01:7e:e2:75:
f0:05:21:88:08:2b:60:cc:2c:70:1e:9d:31:a2:c0:
3e:8b:6d:6e:c2:ef:f5:25:41:b2:61:b8:b6:d2:d5:
91:a6:51:af:88:1c:1b:d5:93:cb:1e:e3:7a:9f:c1:
70:f6:ea:0b:af:44:a1:0a:20:ce:e5:40:b7:5d:da:
2a:de:8a:06:c9:70:84:68:da:9d:f4:3f:85:f9:d5:
59:17:21:3a:c3:89:6c:04:ce:cb:7d:e9:e9:43:a4:
ac:e2:e5:2c:e8:5a:ba:0d:e8:ad:09:75:53:89:48:
76:aa:22:cc:d4:91:a2:47:d4:0a:d0:53:ac:4b:75:
8e:cc:8a:ff:11:81:2d:8e:70:b8:88:e1:00:7c:f6:
9a:dd:05:6e:a1:29:8c:6b:85:5f:c1:f1:0f:c0:4f:
dd:c8:ac:e3:bd:d3:39:53:f4:83:0e:b3:e3:57:5c:
b4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:AE:9A:EE:80:F0:26:26:41:2D:CD:9C:A8:E5:EF:E8:30:03:FD:36
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS138156.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.156.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:6c:d2:4e:a0:c1:f6:d2:ef:b1:86:90:87:59:eb:42:b9:6a:
ca:4a:7a:cb:28:d9:d5:12:30:8a:f1:02:83:1c:6d:49:e8:25:
89:3f:d6:1c:fe:a6:5c:9f:a9:56:a6:0b:82:cd:76:63:7c:50:
f3:9d:98:fd:79:99:81:9e:08:3a:b5:56:74:cf:28:f1:02:7a:
29:4b:22:49:e5:af:d7:65:ad:93:0a:27:b3:5a:b8:69:3d:67:
0c:b1:87:83:7d:0b:03:42:19:a7:13:4d:2f:24:8d:32:c6:90:
0c:16:41:50:6b:c4:de:77:7d:51:d1:b3:be:3c:6e:5c:75:f1:
21:b3:38:96:7b:62:81:16:67:ec:ed:01:fd:bc:28:4b:1d:b6:
87:02:da:cb:da:72:f9:4f:1e:9d:63:ed:6d:77:16:b9:6a:89:
e5:a3:d8:32:ef:2f:bd:ae:1d:12:cf:a7:3f:e6:cf:8d:fe:4c:
ca:b4:44:32:ca:21:4d:8e:b5:b6:36:54:91:2d:ee:38:d3:d0:
77:7a:a9:3b:5a:56:bb:31:1e:e5:b6:3e:9f:3f:3a:d9:54:40:
07:5e:35:fb:a4:fc:8e:db:37:74:b5:ca:35:72:af:1c:e9:64:
74:65:fe:22:20:f5:4e:66:d7:5f:e8:25:9a:2e:c6:65:e4:ae:
1f:29:75:c2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUYxuk+H5mIk9d/K1oOvW5E4Ue9MowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAxMTQxMDQ4NTFaFw0yNjAxMTMxMDUzNTFaMDMxMTAvBgNV
BAMTKDE2QUU5QUVFODBGMDI2MjY0MTJEQ0Q5Q0E4RTVFRkU4MzAwM0ZEMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYzn+aX5dpG1d77qENjruIjQ7O
BvysM3BbnUxFhlroUxUaEMp/kZvKq48PH7Txt5dh/l28LfnX5CwkfIwu/mlM5rNm
CNBWCVZ8bWgsTg2yeeQ6P3ENAX7idfAFIYgIK2DMLHAenTGiwD6LbW7C7/UlQbJh
uLbS1ZGmUa+IHBvVk8se43qfwXD26guvRKEKIM7lQLdd2ireigbJcIRo2p30P4X5
1VkXITrDiWwEzst96elDpKzi5SzoWroN6K0JdVOJSHaqIszUkaJH1ArQU6xLdY7M
iv8RgS2OcLiI4QB89prdBW6hKYxrhV/B8Q/AT93IrOO90zlT9IMOs+NXXLQ3AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUFq6a7oDwJiZBLc2cqOXv6DAD/TYwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTM4MTU2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjQuc
MA0GCSqGSIb3DQEBCwUAA4IBAQCpbNJOoMH20u+xhpCHWetCuWrKSnrLKNnVEjCK
8QKDHG1J6CWJP9Yc/qZcn6lWpguCzXZjfFDznZj9eZmBngg6tVZ0zyjxAnopSyJJ
5a/XZa2TCiezWrhpPWcMsYeDfQsDQhmnE00vJI0yxpAMFkFQa8Ted31R0bO+PG5c
dfEhsziWe2KBFmfs7QH9vChLHbaHAtrL2nL5Tx6dY+1tdxa5aonlo9gy7y+9rh0S
z6c/5s+N/kzKtEQyyiFNjrW2NlSRLe4409B3eqk7Wla7MR7ltj6fPzrZVEAHXjX7
pPyO2zd0tco1cq8c6WR0Zf4iIPVOZtdf6CWaLsZl5K4fKXXC
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:48 2025 by rpki-client