Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16276.roa
File: AS16276.roa (raw, json)
Hash identifier: gSMB7mjMh/8shR2vrf+j46RGI1AVrUi98Mjwa+zuLlU=
Subject key identifier: 45:4A:D2:E9:0D:72:97:5F:85:92:94:46:B6:1E:92:B9:BA:B7:04:97
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3D71DAF774652B6005AB0BCF616F0BAF595AA2D8
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16276.roa
Signing time: Fri 17 Jan 2025 07:48:26 +0000
ROA not before: Fri 17 Jan 2025 07:43:26 +0000
ROA not after: Fri 16 Jan 2026 07:48:26 +0000
asID: 16276
IP address blocks: 2.57.18.0/24 maxlen: 24
89.19.44.0/24 maxlen: 24
92.242.186.0/24 maxlen: 24
191.96.153.0/24 maxlen: 24
191.101.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:71:da:f7:74:65:2b:60:05:ab:0b:cf:61:6f:0b:af:59:5a:a2:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jan 17 07:43:26 2025 GMT
Not After : Jan 16 07:48:26 2026 GMT
Subject: CN=454AD2E90D72975F85929446B61E92B9BAB70497
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:70:2e:8f:4c:f5:63:d1:3d:00:2e:53:00:04:
fd:26:db:97:90:55:ed:7e:a8:3a:89:42:b0:d3:1b:
be:7a:cb:a7:a3:e6:74:aa:a9:37:8d:88:d0:08:5a:
d4:aa:36:27:96:6f:99:c7:76:cf:d3:06:00:09:b8:
71:74:23:51:9d:f3:63:50:90:3b:33:29:a7:de:19:
75:44:bc:1e:84:28:e4:df:a1:2e:23:42:a5:6c:a3:
aa:88:2c:15:b2:a3:f1:22:96:1f:aa:bb:6f:2e:14:
e8:f7:e7:72:b0:ad:d9:01:99:0d:b8:af:35:81:10:
cd:74:13:03:c8:b9:be:1e:75:c8:d6:4b:96:2c:aa:
f7:b3:76:67:df:ae:50:4b:5b:f9:bc:3f:b0:13:ba:
e8:d2:b2:b4:96:51:d8:97:7a:c2:90:49:e8:bf:13:
e9:5c:30:cb:a6:4b:d2:97:61:f3:44:4c:f2:f3:a9:
af:79:0b:95:36:68:d2:f0:27:9a:31:4f:f7:dc:cc:
3d:2f:2b:0f:02:3e:72:e5:35:e1:51:83:ce:ff:d5:
b8:82:35:cd:d2:0e:ba:58:80:37:11:17:0c:79:0c:
89:d9:56:e4:b0:d3:15:a4:06:6b:b4:7d:d9:ac:44:
94:23:ee:2b:5e:a8:ee:81:0c:bd:63:32:a0:c9:9d:
a9:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:4A:D2:E9:0D:72:97:5F:85:92:94:46:B6:1E:92:B9:BA:B7:04:97
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16276.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.18.0/24
89.19.44.0/24
92.242.186.0/24
191.96.153.0/24
191.101.177.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:39:0c:04:65:bd:65:8c:f7:27:0b:39:e5:25:f9:24:ad:9a:
94:41:71:7c:58:dd:89:22:7d:d6:f6:12:62:f8:ac:06:a6:ea:
24:25:d1:91:3e:38:21:b3:5a:36:dd:f9:89:98:91:d1:08:87:
f8:6b:59:72:cd:15:0e:3f:e6:1e:56:d0:50:2f:37:29:39:d1:
00:46:e7:a2:e8:37:49:f8:e2:b2:21:41:4c:8b:e3:11:43:09:
06:00:8b:fa:4e:f5:be:c7:73:af:57:df:4e:80:d0:88:57:18:
f6:f4:31:e8:d8:67:9c:42:92:d3:54:8c:93:59:75:5b:4b:0e:
6a:d1:4b:e9:86:f1:aa:af:87:61:9b:92:70:6b:da:a0:32:96:
2c:71:5d:ad:59:2e:59:16:35:ec:8a:ac:8f:b1:53:3b:94:85:
be:37:c4:08:1f:3b:d1:59:0e:79:3a:66:68:e7:c7:e0:db:7e:
8a:c0:de:7c:58:22:2c:26:b2:e6:21:de:55:1e:5d:5e:f8:32:
e9:06:89:30:1d:e4:17:28:fa:ac:ae:95:31:c7:a9:81:6a:70:
f9:da:4f:2b:50:a3:50:c9:77:51:8d:3a:5c:2b:b6:df:05:62:
ab:93:f5:8f:0e:03:38:fd:e4:55:23:1d:ef:9b:e1:c8:e1:46:
78:92:13:11
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUPXHa93RlK2AFqwvPYW8Lr1laotgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAxMTcwNzQzMjZaFw0yNjAxMTYwNzQ4MjZaMDMxMTAvBgNV
BAMTKDQ1NEFEMkU5MEQ3Mjk3NUY4NTkyOTQ0NkI2MUU5MkI5QkFCNzA0OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHcC6PTPVj0T0ALlMABP0m25eQ
Ve1+qDqJQrDTG756y6ej5nSqqTeNiNAIWtSqNieWb5nHds/TBgAJuHF0I1Gd82NQ
kDszKafeGXVEvB6EKOTfoS4jQqVso6qILBWyo/Eilh+qu28uFOj353KwrdkBmQ24
rzWBEM10EwPIub4edcjWS5YsqvezdmffrlBLW/m8P7ATuujSsrSWUdiXesKQSei/
E+lcMMumS9KXYfNETPLzqa95C5U2aNLwJ5oxT/fczD0vKw8CPnLlNeFRg87/1biC
Nc3SDrpYgDcRFwx5DInZVuSw0xWkBmu0fdmsRJQj7iteqO6BDL1jMqDJnalHAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQURUrS6Q1yl1+FkpRGth6Subq3BJcwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTYyNzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBAACORID
BABZEywDBABc8roDBAC/YJkDBAC/ZbEwDQYJKoZIhvcNAQELBQADggEBALU5DARl
vWWM9ycLOeUl+SStmpRBcXxY3Ykifdb2EmL4rAam6iQl0ZE+OCGzWjbd+YmYkdEI
h/hrWXLNFQ4/5h5W0FAvNyk50QBG56LoN0n44rIhQUyL4xFDCQYAi/pO9b7Hc69X
306A0IhXGPb0MejYZ5xCktNUjJNZdVtLDmrRS+mG8aqvh2GbknBr2qAylixxXa1Z
LlkWNeyKrI+xUzuUhb43xAgfO9FZDnk6Zmjnx+DbforA3nxYIiwmsuYh3lUeXV74
MukGiTAd5Bco+qyulTHHqYFqcPnaTytQo1DJd1GNOlwrtt8FYquT9Y8OAzj95FUj
He+b4cjhRniSExE=
-----END CERTIFICATE-----
Generated at Fri Apr 25 13:41:33 2025 by rpki-client