Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS60781.roa
File: AS60781.roa (raw, json)
Hash identifier: YDBk2rWtIQmwyYYuFWnhI4On1kWcQov6+qYQBNGQMA0=
Subject key identifier: 0C:69:AC:1E:BB:E6:97:60:03:52:63:E3:AA:B5:A7:4E:14:58:6E:CF
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 25A9DCBFA91BB5354750134DCEAB484A0E7C38F1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS60781.roa
Signing time: Thu 19 Dec 2024 13:46:09 +0000
ROA not before: Thu 19 Dec 2024 13:41:09 +0000
ROA not after: Thu 18 Dec 2025 13:46:09 +0000
asID: 60781
IP address blocks: 140.233.166.0/24 maxlen: 24
145.223.42.0/24 maxlen: 24
145.223.45.0/24 maxlen: 24
145.223.51.0/24 maxlen: 24
145.223.53.0/24 maxlen: 24
145.223.57.0/24 maxlen: 24
145.223.59.0/24 maxlen: 24
145.223.61.0/24 maxlen: 24
146.103.1.0/24 maxlen: 24
146.103.6.0/24 maxlen: 24
148.135.160.0/22 maxlen: 22
148.135.177.0/24 maxlen: 24
148.135.184.0/22 maxlen: 22
148.135.188.0/24 maxlen: 24
148.135.192.0/22 maxlen: 22
148.135.196.0/22 maxlen: 22
148.135.200.0/22 maxlen: 22
148.135.204.0/22 maxlen: 22
148.135.208.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:a9:dc:bf:a9:1b:b5:35:47:50:13:4d:ce:ab:48:4a:0e:7c:38:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Dec 19 13:41:09 2024 GMT
Not After : Dec 18 13:46:09 2025 GMT
Subject: CN=0C69AC1EBBE69760035263E3AAB5A74E14586ECF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9b:25:6b:31:43:0d:b1:4b:6c:67:12:93:51:
c3:06:4e:eb:18:fb:15:c4:65:4a:37:fe:34:6b:48:
ca:34:50:82:bf:de:c9:ab:0a:c0:96:2d:08:b7:49:
db:3e:99:7d:5f:6a:e7:3b:be:71:28:91:05:3f:f0:
99:cf:d3:2c:e4:9e:36:f4:5b:04:3e:ec:f3:f4:05:
8a:d6:e7:46:29:75:d1:39:04:d0:8c:64:c1:a2:b2:
09:7c:e5:63:68:0c:ec:0a:f7:44:35:73:f5:30:f5:
30:1b:fc:69:30:a4:2a:68:17:0b:c0:79:c7:81:2e:
0b:c8:94:27:8c:40:62:b0:ae:d2:3e:60:96:59:57:
05:bb:97:af:da:ee:9f:22:81:77:8b:6a:c6:5e:69:
9e:f1:26:54:cb:04:49:2c:a0:03:ca:5c:ae:f0:7f:
c1:37:46:c2:48:16:59:9a:2e:69:ef:b2:1a:6f:16:
8d:c4:2f:5c:41:5c:69:4d:ff:c5:9b:b4:1a:9d:03:
39:a7:9e:e0:77:e4:e0:53:e5:57:bf:84:4f:64:1f:
e2:7f:b2:70:5b:31:cc:fa:c8:bb:fc:f6:31:a4:82:
34:2a:3c:7f:45:69:fc:2b:35:74:d9:50:07:50:51:
44:32:61:14:39:46:11:7c:79:0e:c2:bf:f8:c1:ae:
83:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:69:AC:1E:BB:E6:97:60:03:52:63:E3:AA:B5:A7:4E:14:58:6E:CF
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS60781.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.166.0/24
145.223.42.0/24
145.223.45.0/24
145.223.51.0/24
145.223.53.0/24
145.223.57.0/24
145.223.59.0/24
145.223.61.0/24
146.103.1.0/24
146.103.6.0/24
148.135.160.0/22
148.135.177.0/24
148.135.184.0-148.135.188.255
148.135.192.0-148.135.211.255
Signature Algorithm: sha256WithRSAEncryption
75:ee:ed:87:fe:11:28:50:a0:78:3a:10:ea:a9:ab:06:e5:e8:
9e:f3:21:0d:d6:9b:db:b5:de:a5:67:56:77:19:ee:76:61:13:
8d:22:1f:bf:b8:fa:33:51:d4:90:1b:80:37:87:5c:5b:43:49:
11:9d:82:e7:a2:d7:af:7f:69:3f:4d:4c:88:e0:0a:4a:14:3d:
68:d9:99:e1:96:9c:a5:db:09:32:ae:7f:b5:74:18:fa:10:cb:
55:ec:a9:ee:1d:fc:6d:8e:49:d4:6e:cb:11:42:5b:0a:61:47:
db:23:8b:b1:d7:64:a2:d5:57:bb:0d:4c:88:01:d5:b8:0a:43:
e8:e5:54:9d:28:31:a6:fb:d5:5a:cd:0d:c2:f0:2d:48:29:19:
a8:95:f0:b5:80:1b:1e:97:e9:bd:e8:b1:e7:8a:be:1a:3c:34:
bb:c8:b3:09:ad:bd:ed:36:1a:34:49:bd:02:c9:a7:c0:40:6c:
a2:e0:e5:5c:b2:c6:1c:97:84:4b:e9:73:b6:37:3f:f0:6f:aa:
52:51:24:d2:5e:2f:98:59:35:57:72:34:51:ac:e0:39:32:71:
dc:ae:28:e7:11:6f:b8:dd:a4:ab:84:b0:a8:02:2b:cd:ef:bf:
ff:bc:b6:a6:e0:5a:73:34:5e:ea:f1:06:83:12:a5:9b:69:9f:
f3:16:b1:49
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJancv6kbtTVHUBNNzqtISg58OPEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDEyMTkxMzQxMDlaFw0yNTEyMTgxMzQ2MDlaMDMxMTAvBgNV
BAMTKDBDNjlBQzFFQkJFNjk3NjAwMzUyNjNFM0FBQjVBNzRFMTQ1ODZFQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOmyVrMUMNsUtsZxKTUcMGTusY
+xXEZUo3/jRrSMo0UIK/3smrCsCWLQi3Sds+mX1fauc7vnEokQU/8JnP0yzknjb0
WwQ+7PP0BYrW50YpddE5BNCMZMGisgl85WNoDOwK90Q1c/Uw9TAb/GkwpCpoFwvA
eceBLgvIlCeMQGKwrtI+YJZZVwW7l6/a7p8igXeLasZeaZ7xJlTLBEksoAPKXK7w
f8E3RsJIFlmaLmnvshpvFo3EL1xBXGlN/8WbtBqdAzmnnuB35OBT5Ve/hE9kH+J/
snBbMcz6yLv89jGkgjQqPH9FafwrNXTZUAdQUUQyYRQ5RhF8eQ7Cv/jBroPZAgMB
AAGjggJnMIICYzAdBgNVHQ4EFgQUDGmsHrvml2ADUmPjqrWnThRYbs8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNjA3ODEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwfQYIKwYBBQUHAQcBAf8EbjBsMGoEAgABMGQDBACM6aYD
BACR3yoDBACR3y0DBACR3zMDBACR3zUDBACR3zkDBACR3zsDBACR3z0DBACSZwED
BACSZwYDBAKUh6ADBACUh7EwDAMEA5SHuAMEAJSHvDAMAwQGlIfAAwQClIfQMA0G
CSqGSIb3DQEBCwUAA4IBAQB17u2H/hEoUKB4OhDqqasG5eie8yEN1pvbtd6lZ1Z3
Ge52YRONIh+/uPozUdSQG4A3h1xbQ0kRnYLnotevf2k/TUyI4ApKFD1o2Znhlpyl
2wkyrn+1dBj6EMtV7KnuHfxtjknUbssRQlsKYUfbI4ux12Si1Ve7DUyIAdW4CkPo
5VSdKDGm+9VazQ3C8C1IKRmolfC1gBsel+m96LHnir4aPDS7yLMJrb3tNho0Sb0C
yafAQGyi4OVcssYcl4RL6XO2Nz/wb6pSUSTSXi+YWTVXcjRRrOA5MnHcrijnEW+4
3aSrhLCoAivN77//vLam4FpzNF7q8QaDEqWbaZ/zFrFJ
-----END CERTIFICATE-----
Generated at Fri Apr 25 18:36:45 2025 by rpki-client