Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43641.roa
File: AS43641.roa (raw, json)
Hash identifier: mr8jmOTRIna28n+JvsXb2bO+MEJ3srtNYJ1geMDvL5k=
Subject key identifier: 9E:56:7E:45:66:E0:15:B2:CA:F2:AA:A1:76:4E:3E:F6:0B:6D:25:0C
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7C667A00C6654E42558C76420B799FC70D62253C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43641.roa
Signing time: Thu 19 Dec 2024 11:58:34 +0000
ROA not before: Thu 19 Dec 2024 11:53:34 +0000
ROA not after: Thu 18 Dec 2025 11:58:34 +0000
asID: 43641
IP address blocks: 2.57.20.0/23 maxlen: 24
181.215.58.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:66:7a:00:c6:65:4e:42:55:8c:76:42:0b:79:9f:c7:0d:62:25:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 19 11:53:34 2024 GMT
Not After : Dec 18 11:58:34 2025 GMT
Subject: CN=9E567E4566E015B2CAF2AAA1764E3EF60B6D250C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b8:31:2d:c3:8e:1a:3a:49:06:4b:74:70:9f:
09:ac:32:61:99:f5:ce:e0:85:0f:5a:90:31:14:9d:
da:d0:fe:0a:d1:89:36:3e:44:e2:47:77:51:7b:53:
24:36:47:aa:9a:60:c5:ee:31:ac:c5:90:45:dc:37:
59:f9:f1:5b:72:f5:72:7f:d8:05:7d:b6:98:34:26:
7c:4a:a3:1e:a3:fc:22:63:40:58:5f:06:d3:df:af:
c7:76:6d:32:fa:a4:0c:ec:20:3a:22:22:be:5b:28:
1e:b4:14:59:4f:ca:81:3f:5f:fa:72:eb:7b:54:fd:
70:e5:cd:ec:e5:62:38:e2:bc:a1:35:aa:50:f0:bf:
3c:79:61:2d:50:d4:95:24:de:30:de:a3:91:53:70:
0a:df:fd:bc:d4:ac:08:61:b1:9c:bf:cc:8d:5b:61:
cc:be:05:7d:72:2f:bb:e2:c7:64:db:8d:ba:ca:fa:
78:c2:94:78:cc:a7:f5:a3:55:58:b9:92:e5:1e:42:
81:59:9a:d9:91:0a:3a:47:a9:24:7b:b9:44:dd:a2:
77:68:9b:54:cd:cf:7f:ad:52:dc:9d:30:b4:24:87:
31:13:53:a6:0c:41:90:f6:04:2c:dc:0e:66:03:73:
c1:8d:d0:3c:4d:7f:bc:25:fd:75:d8:79:ff:81:8b:
ba:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:56:7E:45:66:E0:15:B2:CA:F2:AA:A1:76:4E:3E:F6:0B:6D:25:0C
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS43641.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.20.0/23
181.215.58.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:2b:e4:93:1c:a8:b6:50:0b:f5:b9:95:83:eb:72:e7:d2:7a:
56:fd:74:85:72:b2:2b:33:22:c4:85:c4:8f:35:1a:57:97:99:
47:c6:06:18:52:01:25:d7:19:a2:03:88:41:99:9b:1a:4a:9b:
d4:bf:e3:90:1a:e1:24:26:fb:ba:62:85:f0:44:b3:68:3c:1f:
33:39:a3:5b:ba:07:d4:17:73:8c:88:7d:ce:29:7b:9e:3d:dc:
56:af:e7:3b:25:a4:d6:b0:d1:f4:cf:85:a8:4b:08:e1:7c:1d:
12:89:5b:0a:81:3c:74:f7:40:8f:97:07:9f:08:e1:4c:2b:1b:
9c:88:43:84:10:cc:40:c7:e0:12:0e:fb:b7:07:f4:e3:88:38:
51:79:1f:72:73:f9:d1:89:71:d2:2d:35:c0:3f:85:eb:c6:db:
61:8f:97:76:23:36:15:d8:ad:c7:2b:93:a0:1b:75:c1:82:ca:
26:c9:91:ea:89:af:0c:da:0f:48:dd:8e:2d:47:6b:a9:43:56:
7c:f9:ef:fa:0e:37:b9:d1:90:56:4d:ff:e3:8b:98:97:a4:bf:
2a:4f:5d:41:22:73:cb:fc:64:1b:02:0a:ce:e0:b7:97:42:ed:
f7:55:6e:6a:40:4d:9c:57:46:5b:2d:c9:a1:16:9b:63:c6:cb:
43:f6:d2:8a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUfGZ6AMZlTkJVjHZCC3mfxw1iJTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEyMTkxMTUzMzRaFw0yNTEyMTgxMTU4MzRaMDMxMTAvBgNV
BAMTKDlFNTY3RTQ1NjZFMDE1QjJDQUYyQUFBMTc2NEUzRUY2MEI2RDI1MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBuDEtw44aOkkGS3RwnwmsMmGZ
9c7ghQ9akDEUndrQ/grRiTY+ROJHd1F7UyQ2R6qaYMXuMazFkEXcN1n58Vty9XJ/
2AV9tpg0JnxKox6j/CJjQFhfBtPfr8d2bTL6pAzsIDoiIr5bKB60FFlPyoE/X/py
63tU/XDlzezlYjjivKE1qlDwvzx5YS1Q1JUk3jDeo5FTcArf/bzUrAhhsZy/zI1b
Ycy+BX1yL7vix2TbjbrK+njClHjMp/WjVVi5kuUeQoFZmtmRCjpHqSR7uUTdondo
m1TNz3+tUtydMLQkhzETU6YMQZD2BCzcDmYDc8GN0DxNf7wl/XXYef+Bi7p9AgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUnlZ+RWbgFbLK8qqhdk4+9gttJQwwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDM2NDEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAECORQD
BAC11zowDQYJKoZIhvcNAQELBQADggEBAI0r5JMcqLZQC/W5lYPrcufSelb9dIVy
siszIsSFxI81GleXmUfGBhhSASXXGaIDiEGZmxpKm9S/45Aa4SQm+7pihfBEs2g8
HzM5o1u6B9QXc4yIfc4pe5493Fav5zslpNaw0fTPhahLCOF8HRKJWwqBPHT3QI+X
B58I4UwrG5yIQ4QQzEDH4BIO+7cH9OOIOFF5H3Jz+dGJcdItNcA/hevG22GPl3Yj
NhXYrccrk6AbdcGCyibJkeqJrwzaD0jdji1Ha6lDVnz57/oON7nRkFZN/+OLmJek
vypPXUEic8v8ZBsCCs7gt5dC7fdVbmpATZxXRlstyaEWm2PGy0P20oo=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:36:38 2025 by rpki-client