Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: MKBqo1Xm8/LaMPpttvwuCiN3aTDkyNByfr8xKvEYFSs=
Subject key identifier: 01:65:A2:15:93:66:F4:49:3C:F1:4E:DF:E8:FA:DB:BD:30:18:B2:A6
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 248CAF8EB9198147AA2ED9001722D6D8BDDCEF11
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
Signing time: Tue 28 Jan 2025 17:35:06 +0000
ROA not before: Tue 28 Jan 2025 17:30:06 +0000
ROA not after: Tue 27 Jan 2026 17:35:06 +0000
asID: 9304
IP address blocks: 96.62.140.0/24 maxlen: 24
96.62.152.0/22 maxlen: 24
96.62.156.0/22 maxlen: 24
96.62.224.0/24 maxlen: 24
96.62.231.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:8c:af:8e:b9:19:81:47:aa:2e:d9:00:17:22:d6:d8:bd:dc:ef:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 28 17:30:06 2025 GMT
Not After : Jan 27 17:35:06 2026 GMT
Subject: CN=0165A2159366F4493CF14EDFE8FADBBD3018B2A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cb:ce:65:31:9d:28:50:f7:ca:a3:f7:b9:49:
c0:78:fd:a4:d2:3d:84:55:0e:df:18:66:25:41:4b:
06:ec:ff:af:85:d4:aa:ff:f9:e4:53:8a:e7:ac:ca:
a9:a3:08:62:77:90:b5:91:28:88:14:54:f0:a0:4e:
03:d1:30:e4:ff:91:fd:45:15:24:90:61:2c:9d:15:
17:55:1f:91:80:b4:ae:e0:a1:0e:99:2f:cc:82:60:
6b:db:ef:e6:ed:3b:ec:b1:7b:ea:ff:39:de:26:68:
72:26:51:2a:86:16:13:30:dc:81:0d:ad:c2:1a:c7:
08:7b:c4:92:03:c7:83:5e:f6:23:ec:5e:5e:26:c9:
32:70:27:e8:f7:49:18:d9:ea:1d:ea:7d:98:a3:75:
74:7d:13:c8:21:01:1c:d2:a7:78:1a:8a:cf:70:40:
a3:6f:f9:f6:34:c7:f6:ab:c0:08:6f:2f:53:42:22:
c3:78:49:eb:b7:d0:72:aa:72:d0:93:22:40:98:23:
40:bf:a9:8d:6e:3d:83:bb:1e:0d:92:0f:4f:8d:7b:
2f:4e:2e:83:dc:39:63:65:5a:b7:06:61:25:20:2e:
52:e3:47:a6:57:af:6e:f4:a9:dd:78:cf:08:d5:03:
ae:78:c7:eb:c1:82:0d:39:20:ef:0e:83:89:52:5f:
a6:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:65:A2:15:93:66:F4:49:3C:F1:4E:DF:E8:FA:DB:BD:30:18:B2:A6
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.140.0/24
96.62.152.0/21
96.62.224.0/24
96.62.231.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:f5:c9:8d:67:2b:72:06:87:6d:86:f4:40:5e:bb:5c:0c:6c:
3d:f0:55:36:7a:0a:5b:f7:e2:ab:9e:a9:ac:dc:ad:09:a5:22:
df:62:dd:b7:0e:a1:e2:a1:92:3c:d5:bf:6b:c4:05:01:b2:6d:
43:98:9f:55:bc:0a:40:78:99:8b:d5:dc:e8:95:ea:00:2c:6e:
4e:9f:e3:92:a5:a0:fb:67:59:6d:cd:f4:53:8a:7b:83:06:2f:
b9:8b:ae:d8:22:fd:f9:41:b5:9e:12:18:63:2e:29:cc:fd:e1:
b1:6e:bf:82:41:b6:3c:8c:08:54:81:63:5d:6d:80:20:6e:01:
0b:df:01:6f:a8:65:09:44:91:a9:79:d1:cb:fc:3f:c5:af:4f:
78:35:28:cd:08:75:e4:7e:03:f9:f2:ec:0e:29:29:15:b3:d8:
bd:70:37:b8:32:df:56:ee:02:6c:8b:ae:52:cf:17:99:4c:31:
c4:79:91:a2:8c:13:51:09:a8:85:21:59:34:07:61:b1:46:4f:
9a:97:83:ed:3f:12:65:b8:8f:52:9d:6b:29:e8:4d:a4:01:b8:
31:6f:38:96:70:0b:00:97:88:2e:14:d7:1d:94:61:b9:b0:91:
8f:3c:59:5f:4a:e9:3d:b5:64:d4:c0:0d:e2:cf:da:99:bf:95:
4e:3b:5f:bc
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIUJIyvjrkZgUeqLtkAFyLW2L3c7xEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAxMjgxNzMwMDZaFw0yNjAxMjcxNzM1MDZaMDMxMTAvBgNV
BAMTKDAxNjVBMjE1OTM2NkY0NDkzQ0YxNEVERkU4RkFEQkJEMzAxOEIyQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjy85lMZ0oUPfKo/e5ScB4/aTS
PYRVDt8YZiVBSwbs/6+F1Kr/+eRTiuesyqmjCGJ3kLWRKIgUVPCgTgPRMOT/kf1F
FSSQYSydFRdVH5GAtK7goQ6ZL8yCYGvb7+btO+yxe+r/Od4maHImUSqGFhMw3IEN
rcIaxwh7xJIDx4Ne9iPsXl4myTJwJ+j3SRjZ6h3qfZijdXR9E8ghARzSp3gais9w
QKNv+fY0x/arwAhvL1NCIsN4Seu30HKqctCTIkCYI0C/qY1uPYO7Hg2SD0+Ney9O
LoPcOWNlWrcGYSUgLlLjR6ZXr270qd14zwjVA654x+vBgg05IO8Og4lSX6YjAgMB
AAGjggIaMIICFjAdBgNVHQ4EFgQUAWWiFZNm9Ek88U7f6PrbvTAYsqYwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAGA+jAME
A2A+mAMEAGA+4AMEAGA+5zANBgkqhkiG9w0BAQsFAAOCAQEAt/XJjWcrcgaHbYb0
QF67XAxsPfBVNnoKW/fiq56prNytCaUi32Ldtw6h4qGSPNW/a8QFAbJtQ5ifVbwK
QHiZi9Xc6JXqACxuTp/jkqWg+2dZbc30U4p7gwYvuYuu2CL9+UG1nhIYYy4pzP3h
sW6/gkG2PIwIVIFjXW2AIG4BC98Bb6hlCUSRqXnRy/w/xa9PeDUozQh15H4D+fLs
DikpFbPYvXA3uDLfVu4CbIuuUs8XmUwxxHmRoowTUQmohSFZNAdhsUZPmpeD7T8S
ZbiPUp1rKehNpAG4MW84lnALAJeILhTXHZRhubCRjzxZX0rpPbVk1MAN4s/amb+V
TjtfvA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 04:51:10 2025 by rpki-client