Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS395839.roa
File: AS395839.roa (raw, json)
Hash identifier: QsLI/ggixzWGIH9USiz62Rfs1b7v3MARtUGhMJ6wqvY=
Subject key identifier: 61:C8:47:9F:1F:85:82:11:33:C3:DA:41:5E:B6:58:AF:7A:DD:8E:99
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 32837F62625404B3D0C66823B36CD5A97BA0A5FD
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS395839.roa
Signing time: Mon 07 Apr 2025 00:54:00 +0000
ROA not before: Mon 07 Apr 2025 00:49:00 +0000
ROA not after: Mon 06 Apr 2026 00:54:00 +0000
asID: 395839
IP address blocks: 191.96.148.0/24 maxlen: 24
191.96.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:83:7f:62:62:54:04:b3:d0:c6:68:23:b3:6c:d5:a9:7b:a0:a5:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 7 00:49:00 2025 GMT
Not After : Apr 6 00:54:00 2026 GMT
Subject: CN=61C8479F1F85821133C3DA415EB658AF7ADD8E99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:47:25:cc:2f:5e:4b:33:54:e2:37:06:07:45:
71:2f:bf:8e:c4:1a:cc:8e:42:18:d9:a5:64:9f:d8:
37:c1:ac:0c:5f:3f:6e:1e:90:59:35:1b:4a:0f:05:
13:32:0c:41:49:d8:30:76:08:47:47:d7:95:0c:38:
f7:3a:a5:ea:42:2c:c0:be:d1:52:d3:80:6b:52:86:
b2:a5:bb:4c:37:37:b0:b4:14:e4:f2:4e:5a:b4:c1:
3a:02:d6:08:ed:f8:16:f8:1b:6b:ba:28:94:9f:ec:
57:cf:30:19:1c:47:1c:f7:21:1b:67:41:d8:ff:0d:
2e:b5:ff:a2:de:4d:ba:ae:11:0f:9a:56:4f:36:2b:
ca:0f:32:5c:4f:bb:6f:97:6f:9a:d2:ee:d3:a4:58:
74:73:c0:fa:2c:06:06:2a:1e:e2:5e:2f:bf:8a:3a:
52:cf:33:5a:6d:95:a4:23:13:0a:22:99:ee:d2:76:
22:95:e4:65:3c:84:60:a1:b5:88:8e:02:6d:b5:e9:
93:9c:79:27:81:7e:a8:c8:ec:36:ea:66:02:d7:06:
52:64:2c:9c:d3:42:f8:a1:df:fa:5c:34:b6:89:e5:
7d:77:df:7a:fc:c3:48:8b:98:c6:8c:7b:00:86:68:
2a:74:f5:20:03:fa:56:c8:92:f1:4f:61:81:6e:5c:
dd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C8:47:9F:1F:85:82:11:33:C3:DA:41:5E:B6:58:AF:7A:DD:8E:99
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS395839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
191.96.148.0/24
191.96.226.0/24
Signature Algorithm: sha256WithRSAEncryption
32:ab:a7:96:88:0a:e6:9d:4b:0b:0d:62:23:2a:77:19:bc:3f:
39:03:77:74:2f:46:d6:b0:50:47:9c:c1:80:fa:14:58:ea:d9:
10:64:d9:01:4c:36:2a:13:0f:f1:37:4b:2c:70:60:bf:33:72:
4f:fd:35:0e:8f:e4:e7:c1:33:90:7b:b0:63:67:5b:fc:68:03:
bc:56:9d:23:c5:a9:e1:80:35:f8:a6:d6:19:7c:7a:4e:3f:92:
1d:3a:a0:70:97:d4:c7:ea:6f:3b:48:ec:59:9c:66:2d:b4:42:
09:f4:7b:82:6d:b1:d4:ea:e4:06:b7:c6:28:86:e9:50:d2:d5:
03:18:23:dc:3c:31:65:e7:a2:61:75:b9:17:d1:e9:e1:72:a4:
0f:2b:c5:89:e4:3f:f4:a0:ae:a6:e5:52:ca:0c:a5:f8:35:bd:
84:f8:1c:eb:f6:28:97:1e:88:6c:21:12:87:25:2f:d8:12:96:
4b:06:54:99:56:ee:b1:8f:49:a3:d4:30:bc:3a:a5:2b:59:4b:
c9:04:eb:45:4f:55:be:d4:a9:e8:25:25:44:c6:4d:33:a7:3e:
c5:c5:97:78:59:52:64:e3:13:26:7f:cf:03:3d:f8:a5:22:44:
3d:4f:7e:65:26:eb:da:73:2b:b1:da:71:d8:84:7b:0b:38:dc:
51:f5:af:13
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUMoN/YmJUBLPQxmgjs2zVqXugpf0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA0MDcwMDQ5MDBaFw0yNjA0MDYwMDU0MDBaMDMxMTAvBgNV
BAMTKDYxQzg0NzlGMUY4NTgyMTEzM0MzREE0MTVFQjY1OEFGN0FERDhFOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGRyXML15LM1TiNwYHRXEvv47E
GsyOQhjZpWSf2DfBrAxfP24ekFk1G0oPBRMyDEFJ2DB2CEdH15UMOPc6pepCLMC+
0VLTgGtShrKlu0w3N7C0FOTyTlq0wToC1gjt+Bb4G2u6KJSf7FfPMBkcRxz3IRtn
Qdj/DS61/6LeTbquEQ+aVk82K8oPMlxPu2+Xb5rS7tOkWHRzwPosBgYqHuJeL7+K
OlLPM1ptlaQjEwoime7SdiKV5GU8hGChtYiOAm216ZOceSeBfqjI7DbqZgLXBlJk
LJzTQvih3/pcNLaJ5X1333r8w0iLmMaMewCGaCp09SAD+lbIkvFPYYFuXN3ZAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUYchHnx+FghEzw9pBXrZYr3rdjpkwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk1ODM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAv2CU
AwQAv2DiMA0GCSqGSIb3DQEBCwUAA4IBAQAyq6eWiArmnUsLDWIjKncZvD85A3d0
L0bWsFBHnMGA+hRY6tkQZNkBTDYqEw/xN0sscGC/M3JP/TUOj+TnwTOQe7BjZ1v8
aAO8Vp0jxanhgDX4ptYZfHpOP5IdOqBwl9TH6m87SOxZnGYttEIJ9HuCbbHU6uQG
t8YohulQ0tUDGCPcPDFl56JhdbkX0enhcqQPK8WJ5D/0oK6m5VLKDKX4Nb2E+Bzr
9iiXHohsIRKHJS/YEpZLBlSZVu6xj0mj1DC8OqUrWUvJBOtFT1W+1KnoJSVExk0z
pz7FxZd4WVJk4xMmf88DPfilIkQ9T35lJuvacyux2nHYhHsLONxR9a8T
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:26 2025 by rpki-client on console.sobornost.net