Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36530.roa
File: AS36530.roa (raw, json)
Hash identifier: jdRtaCA+/xam008htlZ6Bo+uFXzqfJoWfglMvE+a/BM=
Subject key identifier: 16:13:B2:62:20:53:2A:13:8C:6D:8E:9F:F1:EF:3F:3B:FD:96:27:B8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 60B91D5D8CDBA9C7A241E993F2F9F52F88566E60
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36530.roa
Signing time: Thu 16 Jan 2025 09:21:47 +0000
ROA not before: Thu 16 Jan 2025 09:16:47 +0000
ROA not after: Thu 15 Jan 2026 09:21:47 +0000
asID: 36530
IP address blocks: 140.233.185.0/24 maxlen: 24
148.135.172.0/24 maxlen: 24
148.135.173.0/24 maxlen: 24
148.135.174.0/24 maxlen: 24
148.135.175.0/24 maxlen: 24
148.135.180.0/24 maxlen: 24
148.135.181.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:b9:1d:5d:8c:db:a9:c7:a2:41:e9:93:f2:f9:f5:2f:88:56:6e:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 16 09:16:47 2025 GMT
Not After : Jan 15 09:21:47 2026 GMT
Subject: CN=1613B26220532A138C6D8E9FF1EF3F3BFD9627B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:94:3b:85:75:6b:89:af:d5:2e:e2:fc:08:a9:
95:44:a5:e3:83:c3:04:ba:82:cf:79:6c:b3:88:0e:
a7:58:84:07:01:5b:6a:e7:91:3a:ef:90:0b:77:b9:
73:60:f5:3d:19:e9:b1:30:c8:bf:f8:46:32:99:4d:
79:b9:55:1f:1e:44:16:f5:05:e7:ec:70:4a:f5:a5:
8b:b1:bb:3d:11:e2:20:ce:dc:7a:ea:1c:08:a0:80:
73:e9:6f:66:0f:d6:3e:04:e1:3f:0c:13:dc:22:e9:
cd:99:41:9a:05:c1:48:70:86:dd:0a:93:e2:97:3c:
59:1b:da:97:a6:8a:b2:4b:34:35:96:b7:d1:fa:0d:
c0:1c:6c:37:a8:82:40:a8:1f:ff:89:20:bb:37:22:
eb:d8:90:b2:e1:58:fd:38:a3:d9:c7:00:78:e1:db:
62:08:e9:35:07:86:9e:1a:47:fd:e4:9b:bc:c7:8f:
59:87:9c:89:5f:1f:4a:0f:00:76:b6:6c:da:ed:22:
69:1b:4c:ae:8c:c3:f3:c6:f6:aa:dc:bb:a6:74:5d:
d7:15:91:e6:3f:92:38:72:1e:18:7b:21:e5:e7:48:
a0:97:ef:7a:dc:4d:07:2b:1d:65:30:aa:45:42:b6:
56:42:85:e9:fb:11:55:41:4a:2c:3d:0e:95:b8:d7:
cc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:13:B2:62:20:53:2A:13:8C:6D:8E:9F:F1:EF:3F:3B:FD:96:27:B8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS36530.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.185.0/24
148.135.172.0/22
148.135.180.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:8b:e8:7d:6b:49:18:e6:aa:71:87:a4:1b:55:fa:36:d5:a1:
7c:c8:dc:2a:93:50:19:9d:33:89:65:a8:3e:fc:d9:3d:0d:34:
b4:6d:db:c8:c9:e9:0e:8b:43:a7:9a:3e:55:f6:ee:ad:fe:4d:
1c:ca:73:dc:8a:b2:b9:ca:88:ab:6e:0f:59:b4:df:98:5c:97:
29:5c:16:a6:c8:a3:7e:72:ff:74:7b:7d:eb:ef:17:8b:a4:25:
2a:e7:41:15:9e:46:18:91:96:88:fc:53:f8:ce:ff:71:f6:65:
7b:5e:42:11:24:b9:33:a7:15:18:f2:4b:77:a2:0e:41:c2:9f:
d8:68:fc:c1:ef:eb:1f:03:11:47:4d:c2:26:4e:a9:28:27:15:
07:80:42:84:90:5b:46:8e:95:1d:ca:34:3a:74:8b:e8:04:af:
97:88:a3:35:3f:0a:2d:02:df:38:3c:43:32:d0:d3:a6:70:8d:
a9:8a:55:1f:0d:f8:b4:d7:6a:a8:05:e2:f2:07:39:57:08:7f:
55:e8:32:f2:28:58:88:09:2e:47:29:99:51:92:32:a6:bd:c1:
85:14:80:b2:2e:2b:01:60:a0:8b:f2:b3:54:23:da:60:48:15:
40:54:72:32:b9:95:8f:85:4a:d6:8d:24:3f:92:18:c6:62:ac:
eb:8d:fc:19
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUYLkdXYzbqceiQemT8vn1L4hWbmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAxMTYwOTE2NDdaFw0yNjAxMTUwOTIxNDdaMDMxMTAvBgNV
BAMTKDE2MTNCMjYyMjA1MzJBMTM4QzZEOEU5RkYxRUYzRjNCRkQ5NjI3QjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/lDuFdWuJr9Uu4vwIqZVEpeOD
wwS6gs95bLOIDqdYhAcBW2rnkTrvkAt3uXNg9T0Z6bEwyL/4RjKZTXm5VR8eRBb1
BefscEr1pYuxuz0R4iDO3HrqHAiggHPpb2YP1j4E4T8ME9wi6c2ZQZoFwUhwht0K
k+KXPFkb2pemirJLNDWWt9H6DcAcbDeogkCoH/+JILs3IuvYkLLhWP04o9nHAHjh
22II6TUHhp4aR/3km7zHj1mHnIlfH0oPAHa2bNrtImkbTK6Mw/PG9qrcu6Z0XdcV
keY/kjhyHhh7IeXnSKCX73rcTQcrHWUwqkVCtlZChen7EVVBSiw9DpW418xzAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUFhOyYiBTKhOMbY6f8e8/O/2WJ7gwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzY1MzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACM6bkD
BAKUh6wDBAGUh7QwDQYJKoZIhvcNAQELBQADggEBAK6L6H1rSRjmqnGHpBtV+jbV
oXzI3CqTUBmdM4llqD782T0NNLRt28jJ6Q6LQ6eaPlX27q3+TRzKc9yKsrnKiKtu
D1m035hclylcFqbIo35y/3R7fevvF4ukJSrnQRWeRhiRloj8U/jO/3H2ZXteQhEk
uTOnFRjyS3eiDkHCn9ho/MHv6x8DEUdNwiZOqSgnFQeAQoSQW0aOlR3KNDp0i+gE
r5eIozU/Ci0C3zg8QzLQ06ZwjamKVR8N+LTXaqgF4vIHOVcIf1XoMvIoWIgJLkcp
mVGSMqa9wYUUgLIuKwFgoIvys1Qj2mBIFUBUcjK5lY+FStaNJD+SGMZirOuN/Bk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 01:25:52 2025 by rpki-client