Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS399486.roa
File: AS399486.roa (raw, json)
Hash identifier: wVTg8qxcJfRVT23+rxaBvOqRucvwkvKRdfFhl8iVgiM=
Subject key identifier: 83:1A:0F:F7:B0:2B:6B:9F:6B:93:0B:28:48:4D:E9:88:8F:99:6E:15
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 35A9F49BB1015688C40B55A8647AE4C3EAD07ADA
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS399486.roa
Signing time: Wed 11 Dec 2024 21:24:09 +0000
ROA not before: Wed 11 Dec 2024 21:19:09 +0000
ROA not after: Wed 10 Dec 2025 21:24:09 +0000
asID: 399486
IP address blocks: 85.209.176.0/24 maxlen: 24
191.101.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:a9:f4:9b:b1:01:56:88:c4:0b:55:a8:64:7a:e4:c3:ea:d0:7a:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 11 21:19:09 2024 GMT
Not After : Dec 10 21:24:09 2025 GMT
Subject: CN=831A0FF7B02B6B9F6B930B28484DE9888F996E15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ac:f7:d2:3b:1e:ea:1f:1b:db:f2:be:7d:ca:
e8:68:30:41:c8:0e:c2:cf:44:63:e9:70:c7:cb:c3:
96:81:5c:83:de:f0:dc:39:e2:53:b8:b6:fd:d9:6e:
ca:72:c1:47:76:db:96:3f:2c:8c:be:07:5d:f6:90:
20:42:1b:66:18:6f:81:69:4d:f8:96:61:69:80:dd:
76:f0:c5:ab:1e:52:e0:a7:bf:c4:9a:e2:01:59:63:
57:2a:b0:2a:84:4a:55:57:99:ba:4a:22:d7:3a:dc:
71:f4:95:70:f3:04:db:94:11:5e:d2:e1:f9:6b:5d:
36:3f:a8:d2:69:d3:ca:6d:9b:7f:7b:34:cc:21:5c:
99:d6:1e:a8:81:fa:97:4a:84:34:4b:09:3e:e9:e0:
1d:f2:55:da:c8:b5:19:fe:74:09:02:4e:9a:8c:81:
e6:ee:0c:73:06:72:18:e0:71:1b:23:c8:71:ed:6d:
76:e6:60:88:7b:2f:76:60:eb:a2:ab:b8:ad:dd:62:
77:c6:30:12:87:87:b6:3f:a2:7a:fa:8e:94:64:70:
c1:82:b2:4f:09:b1:83:e6:10:1b:b6:8d:13:93:dc:
a2:73:49:ae:65:24:d4:54:dc:3e:53:9a:ab:33:1b:
47:a4:75:78:26:e7:07:4b:4f:8b:6d:85:dd:70:b6:
23:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:1A:0F:F7:B0:2B:6B:9F:6B:93:0B:28:48:4D:E9:88:8F:99:6E:15
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS399486.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.176.0/24
191.101.148.0/24
Signature Algorithm: sha256WithRSAEncryption
14:7f:ae:75:43:8f:85:77:8c:7a:c4:43:7d:7c:62:08:e0:03:
7f:97:1f:db:b9:4d:cf:4f:d3:9c:02:16:01:62:a2:6f:ae:a6:
e1:28:ee:22:96:be:40:fa:f8:d0:7e:d2:61:3a:6e:ce:7d:ad:
dd:1d:7a:6d:a8:d8:81:a7:04:cb:a4:d2:a9:6e:0a:42:a0:66:
eb:18:01:82:ed:f7:f3:71:15:4b:b3:a4:15:0d:ac:61:83:66:
55:d0:cf:f2:63:14:d6:04:26:d6:14:64:f3:fc:72:c9:aa:05:
86:f1:79:7d:53:72:5e:cc:a6:f4:3a:9d:f2:28:49:92:1d:af:
8b:d8:60:f0:90:23:f8:f4:f0:9e:b3:58:8d:e4:2e:bc:bf:52:
03:56:62:19:1a:59:b8:9c:a7:9f:00:5d:b5:6c:62:83:32:28:
64:ab:a0:8c:27:cd:c0:2a:81:b3:0a:80:cb:77:9a:13:f5:35:
03:0f:2e:af:61:2d:bb:fe:d3:4b:f5:54:81:a0:fb:40:b7:fa:
04:0a:36:5f:11:ce:34:d3:d7:ff:a5:e7:29:85:f9:85:25:5c:
6d:04:5a:4c:9d:c9:94:17:fd:77:7d:74:bc:f6:2a:85:b8:50:
a9:68:20:5e:8f:e1:17:ea:4e:44:2b:4e:29:39:30:33:ac:0d:
68:e3:e3:b4
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIUNan0m7EBVojEC1WoZHrkw+rQetowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEyMTEyMTE5MDlaFw0yNTEyMTAyMTI0MDlaMDMxMTAvBgNV
BAMTKDgzMUEwRkY3QjAyQjZCOUY2QjkzMEIyODQ4NERFOTg4OEY5OTZFMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGrPfSOx7qHxvb8r59yuhoMEHI
DsLPRGPpcMfLw5aBXIPe8Nw54lO4tv3ZbspywUd225Y/LIy+B132kCBCG2YYb4Fp
TfiWYWmA3XbwxaseUuCnv8Sa4gFZY1cqsCqESlVXmbpKItc63HH0lXDzBNuUEV7S
4flrXTY/qNJp08ptm397NMwhXJnWHqiB+pdKhDRLCT7p4B3yVdrItRn+dAkCTpqM
gebuDHMGchjgcRsjyHHtbXbmYIh7L3Zg66KruK3dYnfGMBKHh7Y/onr6jpRkcMGC
sk8JsYPmEBu2jROT3KJzSa5lJNRU3D5TmqszG0ekdXgm5wdLT4tthd1wtiNNAgMB
AAGjggIQMIICDDAdBgNVHQ4EFgQUgxoP97Ara59rkwsoSE3piI+ZbhUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk5NDg2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVdGw
AwQAv2WUMA0GCSqGSIb3DQEBCwUAA4IBAQAUf651Q4+Fd4x6xEN9fGII4AN/lx/b
uU3PT9OcAhYBYqJvrqbhKO4ilr5A+vjQftJhOm7Ofa3dHXptqNiBpwTLpNKpbgpC
oGbrGAGC7ffzcRVLs6QVDaxhg2ZV0M/yYxTWBCbWFGTz/HLJqgWG8Xl9U3JezKb0
Op3yKEmSHa+L2GDwkCP49PCes1iN5C68v1IDVmIZGlm4nKefAF21bGKDMihkq6CM
J83AKoGzCoDLd5oT9TUDDy6vYS27/tNL9VSBoPtAt/oECjZfEc4009f/pecphfmF
JVxtBFpMncmUF/13fXS89iqFuFCpaCBej+EX6k5EK04pOTAzrA1o4+O0
-----END CERTIFICATE-----
Generated at Fri Apr 25 05:16:44 2025 by rpki-client