Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: gW6nr8NEKrAtZlqjwmdKqC8zibYAVL8yJ6Ol5LfzZek=
Subject key identifier: C8:98:38:29:A9:33:47:E8:21:25:4A:18:BB:84:E5:9A:D9:64:C3:99
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 59329A1F4073D2C4CC0D0756BD91873EF6459B3A
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16509.roa
Signing time: Sat 15 Mar 2025 03:11:18 +0000
ROA not before: Sat 15 Mar 2025 03:06:18 +0000
ROA not after: Sat 14 Mar 2026 03:11:18 +0000
asID: 16509
IP address blocks: 141.11.12.0/22 maxlen: 24
141.11.112.0/24 maxlen: 24
194.60.94.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:32:9a:1f:40:73:d2:c4:cc:0d:07:56:bd:91:87:3e:f6:45:9b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Mar 15 03:06:18 2025 GMT
Not After : Mar 14 03:11:18 2026 GMT
Subject: CN=C8983829A93347E821254A18BB84E59AD964C399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2f:c6:5b:0a:3f:a9:72:97:d8:1c:78:69:61:
6d:47:d0:32:36:bd:9d:f0:be:5c:4a:7e:f4:92:e7:
13:a8:a8:87:31:7d:9c:c0:7f:ff:89:7d:4d:88:fc:
6a:43:a3:05:9c:11:d9:ac:a4:3d:ce:f9:ff:cb:af:
b1:d1:3c:ee:8c:23:a4:cf:2c:1a:45:e6:00:f7:dc:
7f:1b:6c:c3:16:bd:1f:a2:42:05:fc:ec:e2:14:d8:
28:c8:57:26:71:22:a6:07:e6:cd:1a:30:9f:4a:d9:
df:a7:34:75:36:f8:d9:2d:7a:8b:58:3e:80:30:3d:
fb:50:a7:a6:14:d5:f6:07:5c:49:b4:a6:62:64:33:
1b:e0:03:a9:d5:2d:f5:47:89:d3:e4:40:a4:6f:2b:
5a:22:53:cb:bd:34:fe:72:6c:17:7f:7c:2e:4d:a5:
d1:29:90:d4:5e:1d:a7:55:10:4d:d4:0d:99:8a:34:
60:b6:62:0d:75:b0:7f:b5:4e:b6:18:d5:31:2c:4c:
52:95:9f:07:a6:6e:18:b8:dd:1e:69:a5:0e:85:c8:
eb:cf:5c:98:31:14:42:92:80:59:57:7a:ba:2d:13:
6e:20:fc:d1:8e:9f:35:24:71:8b:24:2f:57:7e:cd:
7d:01:7c:af:b4:00:ec:67:26:80:29:f3:fe:25:d2:
7e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:98:38:29:A9:33:47:E8:21:25:4A:18:BB:84:E5:9A:D9:64:C3:99
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.12.0/22
141.11.112.0/24
194.60.94.0/24
Signature Algorithm: sha256WithRSAEncryption
60:41:ce:e1:ad:70:37:3f:24:75:95:27:3c:cd:fc:69:32:91:
6f:59:9f:74:81:e3:ca:bb:0a:b3:c0:34:d7:8e:3b:0b:27:a6:
21:eb:13:6d:6e:94:53:b2:97:e9:4d:36:f5:f1:b6:ce:bd:9f:
15:f7:95:5c:32:d4:35:44:94:52:7b:a6:86:2f:00:7b:1c:31:
9a:aa:54:b0:d5:75:5c:60:d0:bf:8d:55:07:62:98:61:6f:3e:
7d:70:f1:8c:05:7b:2d:1e:19:a6:87:fd:34:cf:26:0f:f4:1d:
25:48:b8:0e:64:73:b7:d1:d5:1a:db:1c:3c:4a:0c:e0:8a:ca:
61:44:c8:dd:f3:12:a5:d0:3f:aa:4d:ad:36:96:e1:1b:ff:54:
2f:72:7d:9a:13:aa:1f:6a:33:c2:87:42:b6:06:7f:ea:fc:e2:
72:eb:d0:7e:aa:23:e2:80:3d:b3:f8:ec:17:85:80:10:d7:56:
03:42:dd:97:7c:9f:15:fb:f8:c8:f9:11:84:52:25:e4:22:9c:
82:06:c1:9f:48:bc:86:27:27:f6:a4:2b:5e:1b:e5:67:ca:9c:
17:fd:c7:7d:cd:c0:48:1f:e0:eb:7e:88:ef:b9:ae:b4:fb:7f:
d8:db:db:b7:e0:b2:03:aa:90:15:52:4c:53:f8:72:81:40:92:
da:3c:48:d6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUWTKaH0Bz0sTMDQdWvZGHPvZFmzowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTAzMTUwMzA2MThaFw0yNjAzMTQwMzExMThaMDMxMTAvBgNV
BAMTKEM4OTgzODI5QTkzMzQ3RTgyMTI1NEExOEJCODRFNTlBRDk2NEMzOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGL8ZbCj+pcpfYHHhpYW1H0DI2
vZ3wvlxKfvSS5xOoqIcxfZzAf/+JfU2I/GpDowWcEdmspD3O+f/Lr7HRPO6MI6TP
LBpF5gD33H8bbMMWvR+iQgX87OIU2CjIVyZxIqYH5s0aMJ9K2d+nNHU2+NkteotY
PoAwPftQp6YU1fYHXEm0pmJkMxvgA6nVLfVHidPkQKRvK1oiU8u9NP5ybBd/fC5N
pdEpkNReHadVEE3UDZmKNGC2Yg11sH+1TrYY1TEsTFKVnwembhi43R5ppQ6FyOvP
XJgxFEKSgFlXerotE24g/NGOnzUkcYskL1d+zX0BfK+0AOxnJoAp8/4l0n63AgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUyJg4KakzR+ghJUoYu4Tlmtlkw5kwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAKNCwwD
BACNC3ADBADCPF4wDQYJKoZIhvcNAQELBQADggEBAGBBzuGtcDc/JHWVJzzN/Gky
kW9Zn3SB48q7CrPANNeOOwsnpiHrE21ulFOyl+lNNvXxts69nxX3lVwy1DVElFJ7
poYvAHscMZqqVLDVdVxg0L+NVQdimGFvPn1w8YwFey0eGaaH/TTPJg/0HSVIuA5k
c7fR1RrbHDxKDOCKymFEyN3zEqXQP6pNrTaW4Rv/VC9yfZoTqh9qM8KHQrYGf+r8
4nLr0H6qI+KAPbP47BeFgBDXVgNC3Zd8nxX7+Mj5EYRSJeQinIIGwZ9IvIYnJ/ak
K14b5WfKnBf9x33NwEgf4Ot+iO+5rrT7f9jb27fgsgOqkBVSTFP4coFAkto8SNY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:23:50 2025 by rpki-client