Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
File: AS400040.roa (raw, json)
Hash identifier: fT/XGOHiiUGAaqFac4j6PdmMh+L6HLNsEJSYADy8EBM=
Subject key identifier: EA:06:09:7D:F3:9D:97:F2:3A:93:16:BF:B1:62:29:A7:37:A0:92:65
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 414EC2262634596006E4A5C6C399E4363869BA74
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
Signing time: Wed 02 Apr 2025 00:54:00 +0000
ROA not before: Wed 02 Apr 2025 00:49:00 +0000
ROA not after: Wed 01 Apr 2026 00:54:00 +0000
asID: 400040
IP address blocks: 181.214.84.0/24 maxlen: 24
181.215.198.0/24 maxlen: 24
191.96.61.0/24 maxlen: 24
191.96.223.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:4e:c2:26:26:34:59:60:06:e4:a5:c6:c3:99:e4:36:38:69:ba:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 2 00:49:00 2025 GMT
Not After : Apr 1 00:54:00 2026 GMT
Subject: CN=EA06097DF39D97F23A9316BFB16229A737A09265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2b:37:01:05:43:fe:56:0a:a3:48:0d:dd:4b:
ca:b8:b6:ae:d2:e7:4f:a2:83:f7:fd:4d:ad:d6:50:
7f:97:92:84:26:28:9f:3e:72:e8:53:90:a0:95:97:
5a:70:a2:35:a1:00:10:78:29:35:94:80:43:22:40:
f6:69:ca:25:a6:18:f5:62:59:05:cb:ef:79:fe:96:
a7:f0:12:44:9e:a6:5a:5f:e1:81:37:69:d7:59:8c:
9b:af:6e:90:96:ec:c3:49:6b:d3:58:0a:14:2e:1e:
74:b6:b2:e8:16:7c:1f:ef:f8:04:04:e4:7e:04:b2:
7d:5c:fd:dc:53:4a:cd:e0:f2:da:a2:2b:ed:7d:8e:
5d:09:1d:20:ad:83:34:06:8d:a5:b9:7c:45:13:ff:
6f:ad:7d:da:8a:87:de:25:e4:53:69:72:89:5b:b2:
31:b4:a0:18:cc:d5:fd:d8:b8:0c:ab:a5:84:60:0e:
ff:20:43:fd:43:dc:da:35:53:ff:a2:c3:80:fe:b5:
ea:70:29:ae:93:b5:76:0f:2e:f7:73:03:08:c7:4a:
dc:1f:ca:92:6e:0f:0a:f9:24:84:2c:0b:3b:7d:09:
0f:50:64:e3:d1:3e:2f:a7:fe:db:95:a2:6d:8f:bc:
af:59:61:cb:4c:64:4f:9d:e8:11:d5:59:af:06:38:
cd:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:06:09:7D:F3:9D:97:F2:3A:93:16:BF:B1:62:29:A7:37:A0:92:65
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400040.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.214.84.0/24
181.215.198.0/24
191.96.61.0/24
191.96.223.0/24
Signature Algorithm: sha256WithRSAEncryption
13:97:f7:8f:f8:30:87:b2:95:41:41:52:36:a6:53:78:37:c8:
7c:23:74:f1:80:88:9a:e4:54:92:85:d1:fc:a9:a0:5e:fc:5d:
e3:e3:9a:82:42:16:a1:6e:54:4d:15:58:54:9e:de:05:9c:1d:
c1:c7:6b:6c:dd:d9:d2:cd:40:87:91:fe:99:ca:44:9e:c1:95:
be:01:f0:73:04:e3:86:66:64:89:58:c7:a1:86:c4:21:a7:b8:
b2:a1:f8:b5:94:7a:2f:fb:ff:2f:b5:f3:95:38:a7:1d:c8:02:
33:ae:f3:55:c2:f9:28:ed:5e:de:24:30:8c:29:46:df:b5:59:
55:2b:b0:62:2a:d3:80:da:d6:b1:52:c2:1f:f2:3b:0a:bc:ab:
19:2a:0b:fd:6d:1f:ef:f7:e8:ff:31:bc:72:ce:58:5b:65:9b:
00:52:3d:c4:b4:63:c0:4b:9e:47:91:4f:e5:d3:8b:89:12:2a:
90:7c:c1:aa:34:30:29:06:15:96:dd:79:96:52:2e:7e:ec:c3:
c8:9a:97:e2:97:b6:88:1a:bd:49:a6:35:7f:94:e5:2a:1a:90:
e9:d3:4d:e6:74:9c:33:ec:dc:11:0b:55:29:e8:30:77:be:49:
c8:2b:55:7d:51:59:12:7b:3f:ab:d1:4a:17:e5:0c:18:b5:5d:
6d:8c:00:64
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUQU7CJiY0WWAG5KXGw5nkNjhpunQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA0MDIwMDQ5MDBaFw0yNjA0MDEwMDU0MDBaMDMxMTAvBgNV
BAMTKEVBMDYwOTdERjM5RDk3RjIzQTkzMTZCRkIxNjIyOUE3MzdBMDkyNjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmKzcBBUP+VgqjSA3dS8q4tq7S
50+ig/f9Ta3WUH+XkoQmKJ8+cuhTkKCVl1pwojWhABB4KTWUgEMiQPZpyiWmGPVi
WQXL73n+lqfwEkSeplpf4YE3addZjJuvbpCW7MNJa9NYChQuHnS2sugWfB/v+AQE
5H4Esn1c/dxTSs3g8tqiK+19jl0JHSCtgzQGjaW5fEUT/2+tfdqKh94l5FNpcolb
sjG0oBjM1f3YuAyrpYRgDv8gQ/1D3No1U/+iw4D+tepwKa6TtXYPLvdzAwjHStwf
ypJuDwr5JIQsCzt9CQ9QZOPRPi+n/tuVom2PvK9ZYctMZE+d6BHVWa8GOM2dAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQU6gYJffOdl/I6kxa/sWIppzegkmUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAwMDQwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAtdZU
AwQAtdfGAwQAv2A9AwQAv2DfMA0GCSqGSIb3DQEBCwUAA4IBAQATl/eP+DCHspVB
QVI2plN4N8h8I3TxgIia5FSShdH8qaBe/F3j45qCQhahblRNFVhUnt4FnB3Bx2ts
3dnSzUCHkf6ZykSewZW+AfBzBOOGZmSJWMehhsQhp7iyofi1lHov+/8vtfOVOKcd
yAIzrvNVwvko7V7eJDCMKUbftVlVK7BiKtOA2taxUsIf8jsKvKsZKgv9bR/v9+j/
MbxyzlhbZZsAUj3EtGPAS55HkU/l04uJEiqQfMGqNDApBhWW3XmWUi5+7MPImpfi
l7aIGr1JpjV/lOUqGpDp003mdJwz7NwRC1Up6DB3vknIK1V9UVkSez+r0UoX5QwY
tV1tjABk
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:27 2025 by rpki-client on console.sobornost.net