Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS204770.roa
File: AS204770.roa (raw, json)
Hash identifier: 7xH1SRjDqNoB5DavCWKOpNoZH0IXO8mr8RwQGvaW9Gk=
Subject key identifier: 00:A8:D3:C1:50:6B:DD:CF:C5:41:6A:08:B5:FA:04:CD:2C:F0:87:1B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5A959F0CF0CDCD49C055D57E64EF02E318EB11FD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS204770.roa
Signing time: Mon 03 Feb 2025 13:27:40 +0000
ROA not before: Mon 03 Feb 2025 13:22:40 +0000
ROA not after: Mon 02 Feb 2026 13:27:40 +0000
asID: 204770
IP address blocks: 82.23.0.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:95:9f:0c:f0:cd:cd:49:c0:55:d5:7e:64:ef:02:e3:18:eb:11:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 3 13:22:40 2025 GMT
Not After : Feb 2 13:27:40 2026 GMT
Subject: CN=00A8D3C1506BDDCFC5416A08B5FA04CD2CF0871B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1d:9c:b1:b3:9a:b2:2f:fc:fe:96:d9:4c:22:
63:91:7c:ec:48:15:87:72:94:0f:42:b7:c7:29:e8:
8f:35:19:72:29:e4:4d:71:d7:5c:33:e1:8a:01:2c:
28:10:60:e0:76:4b:10:51:85:fc:cd:d1:da:85:13:
78:1c:e5:b4:88:c7:a4:48:cc:a3:51:a7:b7:d1:23:
4c:ff:84:8d:a1:b8:ce:db:ac:4a:6b:80:7d:23:36:
23:d1:7a:2b:b5:b0:16:9f:c9:1a:ff:91:7a:48:ae:
f6:a3:45:ec:bd:88:d1:d9:13:24:19:4f:d1:a3:92:
a6:7b:d3:bf:ac:2c:e7:cf:3b:10:25:c0:fa:5c:92:
da:7b:60:47:6d:58:60:69:0a:7f:3e:2e:d6:9f:ce:
2b:f8:bf:a0:72:d7:7b:37:e7:e7:df:a3:e9:86:f4:
f3:25:f2:9a:a1:af:4c:47:75:90:c7:ac:72:60:f0:
12:11:db:af:ed:62:38:8b:c6:26:8b:e4:79:f0:1f:
6e:38:d7:9a:ee:a2:c6:bf:ef:68:6f:3b:b7:23:4b:
93:32:c1:f9:7a:b1:32:90:6b:4e:c1:8a:87:31:0b:
98:2a:ab:f8:a5:8d:17:d5:8b:5c:bc:42:da:dc:ed:
46:00:ab:e4:7e:ad:b4:d7:69:6e:e8:aa:b8:5b:20:
57:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:A8:D3:C1:50:6B:DD:CF:C5:41:6A:08:B5:FA:04:CD:2C:F0:87:1B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS204770.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.0.0/23
Signature Algorithm: sha256WithRSAEncryption
29:9f:3a:b1:36:00:af:e3:ea:2c:26:9a:43:65:7d:20:23:6e:
37:2a:48:18:99:87:d5:01:ee:02:f4:06:db:34:4e:8c:74:7b:
44:94:40:ee:45:2f:97:eb:4e:64:43:32:49:68:b9:b0:f9:dc:
1d:9d:88:be:b9:5c:64:e6:93:8b:19:5c:9c:c2:f7:61:65:be:
fe:32:e2:a7:8c:01:2d:72:df:e9:6e:55:c7:47:54:18:14:82:
0f:17:85:06:31:3d:77:25:ac:b5:2d:2f:2d:56:c6:e2:8c:84:
7c:39:97:52:f6:2b:db:09:e0:b0:e3:a0:6e:c1:d7:92:90:96:
7a:1b:28:4b:4b:45:dc:04:4a:4b:48:54:d3:82:3c:ee:8b:ad:
48:9a:6b:35:4d:65:6b:79:a1:c8:70:8e:5e:e0:82:e2:71:50:
77:92:cc:a8:21:ce:e4:8d:36:a2:49:4f:22:26:fc:de:85:08:
c1:06:8d:0f:68:da:9b:a0:f8:fb:57:92:9a:27:b1:0d:c1:a9:
20:a4:b2:20:2a:44:08:58:be:ac:d7:94:ef:e5:3b:48:18:03:
7e:1a:ed:96:e7:3c:20:2b:43:23:45:71:42:be:31:24:50:25:
95:e3:da:a0:23:5f:d8:6d:35:23:d1:9d:98:02:06:7c:d8:28:
6b:49:a8:61
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUWpWfDPDNzUnAVdV+ZO8C4xjrEf0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMDMxMzIyNDBaFw0yNjAyMDIxMzI3NDBaMDMxMTAvBgNV
BAMTKDAwQThEM0MxNTA2QkREQ0ZDNTQxNkEwOEI1RkEwNENEMkNGMDg3MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0HZyxs5qyL/z+ltlMImORfOxI
FYdylA9Ct8cp6I81GXIp5E1x11wz4YoBLCgQYOB2SxBRhfzN0dqFE3gc5bSIx6RI
zKNRp7fRI0z/hI2huM7brEprgH0jNiPReiu1sBafyRr/kXpIrvajRey9iNHZEyQZ
T9GjkqZ707+sLOfPOxAlwPpcktp7YEdtWGBpCn8+Ltafziv4v6By13s35+ffo+mG
9PMl8pqhr0xHdZDHrHJg8BIR26/tYjiLxiaL5HnwH24415ruosa/72hvO7cjS5My
wfl6sTKQa07BiocxC5gqq/iljRfVi1y8Qtrc7UYAq+R+rbTXaW7oqrhbIFfXAgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUAKjTwVBr3c/FQWoItfoEzSzwhxswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjA0NzcwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUhcA
MA0GCSqGSIb3DQEBCwUAA4IBAQApnzqxNgCv4+osJppDZX0gI243KkgYmYfVAe4C
9AbbNE6MdHtElEDuRS+X605kQzJJaLmw+dwdnYi+uVxk5pOLGVycwvdhZb7+MuKn
jAEtct/pblXHR1QYFIIPF4UGMT13Jay1LS8tVsbijIR8OZdS9ivbCeCw46BuwdeS
kJZ6GyhLS0XcBEpLSFTTgjzui61Imms1TWVreaHIcI5e4ILicVB3ksyoIc7kjTai
SU8iJvzehQjBBo0PaNqboPj7V5KaJ7ENwakgpLIgKkQIWL6s15Tv5TtIGAN+Gu2W
5zwgK0MjRXFCvjEkUCWV49qgI1/YbTUj0Z2YAgZ82ChrSahh
-----END CERTIFICATE-----
Generated at Sat Mar 8 04:58:42 2025 by rpki-client on console.sobornost.net