Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS152911.roa
File: AS152911.roa (raw, json)
Hash identifier: aC/sywbHVrNaUA1eYvLHlWp+tXb5DwkyoE0OSAVEAvU=
Subject key identifier: 88:51:F2:4D:A6:88:2E:8B:7F:2A:5A:D6:EC:F2:9D:E8:2C:B4:AE:B1
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 4118FD753D18026E02C0E80024EF623C58E4FD6F
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS152911.roa
Signing time: Wed 15 Jan 2025 02:45:06 +0000
ROA not before: Wed 15 Jan 2025 02:40:06 +0000
ROA not after: Wed 14 Jan 2026 02:45:06 +0000
asID: 152911
IP address blocks: 2a0f:85c1:b4a::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:18:fd:75:3d:18:02:6e:02:c0:e8:00:24:ef:62:3c:58:e4:fd:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jan 15 02:40:06 2025 GMT
Not After : Jan 14 02:45:06 2026 GMT
Subject: CN=8851F24DA6882E8B7F2A5AD6ECF29DE82CB4AEB1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2e:5f:96:d3:0b:87:f7:61:58:ce:31:5f:b5:
fb:ce:9e:e8:ac:12:95:17:4f:46:4c:89:5e:55:4c:
34:dc:3a:28:bf:df:24:ea:7e:ea:23:28:e5:37:43:
36:d6:8d:bd:e9:53:b3:53:b1:f0:a8:11:94:1f:45:
37:53:9d:08:eb:89:0e:e8:bd:c6:87:ba:23:a7:63:
6b:d1:97:8f:f3:ae:ce:28:88:67:79:01:97:ea:1a:
c5:81:fd:2d:4a:82:af:39:26:15:8f:66:37:50:68:
94:80:2b:c5:ea:2b:17:84:7d:71:cb:4f:89:ba:3b:
9f:84:b9:6a:fe:70:e0:bb:a8:fb:08:11:5f:01:bc:
07:c3:be:ae:a9:e8:c4:d9:ec:16:79:18:30:e8:5f:
04:3f:f7:0c:2d:14:03:87:e9:e5:46:92:64:0d:e3:
ed:9d:4e:2a:c5:70:75:4a:30:b2:6b:28:6e:f8:3d:
72:be:bd:59:9e:16:53:d5:b5:94:c9:07:fe:25:cf:
99:72:9f:82:48:3b:6f:ed:b6:19:86:88:c3:ff:c4:
60:8c:8c:4e:67:16:ec:33:c2:1e:98:50:85:74:8f:
1d:27:5e:96:ab:cd:e3:30:cd:1a:bc:f6:35:78:77:
2a:2d:c7:62:d6:66:10:59:fd:9e:96:4d:9c:d5:1e:
a6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:51:F2:4D:A6:88:2E:8B:7F:2A:5A:D6:EC:F2:9D:E8:2C:B4:AE:B1
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS152911.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:b4a::/48
Signature Algorithm: sha256WithRSAEncryption
54:54:15:e3:83:11:fb:b5:70:32:c6:8f:77:d0:37:6e:98:d1:
3a:ca:4c:78:4e:78:a4:19:85:71:08:af:eb:67:32:16:18:48:
12:1f:4e:6b:c3:05:10:69:cc:ba:6f:cb:9d:ea:4d:7e:64:b0:
8a:e9:9a:41:53:ae:f2:a7:e3:64:8f:ed:ae:f1:fa:60:72:bd:
af:5d:e3:a3:86:bb:5e:bc:87:fe:e1:c4:7d:9a:89:b4:af:c7:
ea:6f:b4:88:fa:d4:17:99:28:59:b1:41:88:a4:67:a0:eb:8c:
f5:a3:53:ed:76:63:00:14:34:b3:7a:4d:68:a1:17:3c:c7:a3:
e4:22:ef:70:57:d3:79:76:04:ff:2b:17:34:06:b7:33:85:0d:
79:0c:0e:6e:cb:e2:c6:17:68:19:c9:8f:e1:83:2a:93:42:e7:
38:ed:a6:9d:1f:d1:1d:6a:27:bb:e3:a8:89:71:31:9f:24:6a:
91:ff:08:dd:0f:5b:e7:70:96:22:ae:04:9a:89:6f:0a:8b:af:
56:5a:17:e7:80:9d:b7:b5:84:0e:66:a8:b8:30:96:02:30:52:
d9:bf:03:29:a3:b2:fc:91:10:b6:09:02:ec:c4:93:85:6a:d3:
ea:da:bb:42:cf:57:ff:f0:53:71:7b:10:9a:d1:f9:7c:ce:67:
f6:fb:2a:a1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUQRj9dT0YAm4CwOgAJO9iPFjk/W8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTAxMTUwMjQwMDZaFw0yNjAxMTQwMjQ1MDZaMDMxMTAvBgNV
BAMTKDg4NTFGMjREQTY4ODJFOEI3RjJBNUFENkVDRjI5REU4MkNCNEFFQjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnLl+W0wuH92FYzjFftfvOnuis
EpUXT0ZMiV5VTDTcOii/3yTqfuojKOU3QzbWjb3pU7NTsfCoEZQfRTdTnQjriQ7o
vcaHuiOnY2vRl4/zrs4oiGd5AZfqGsWB/S1Kgq85JhWPZjdQaJSAK8XqKxeEfXHL
T4m6O5+EuWr+cOC7qPsIEV8BvAfDvq6p6MTZ7BZ5GDDoXwQ/9wwtFAOH6eVGkmQN
4+2dTirFcHVKMLJrKG74PXK+vVmeFlPVtZTJB/4lz5lyn4JIO2/tthmGiMP/xGCM
jE5nFuwzwh6YUIV0jx0nXparzeMwzRq89jV4dyotx2LWZhBZ/Z6WTZzVHqZBAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUiFHyTaaILot/KlrW7PKd6Cy0rrEwHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMTUyOTExLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQtKMA0GCSqGSIb3DQEBCwUAA4IBAQBUVBXjgxH7tXAyxo930DdumNE6ykx4Tnik
GYVxCK/rZzIWGEgSH05rwwUQacy6b8ud6k1+ZLCK6ZpBU67yp+Nkj+2u8fpgcr2v
XeOjhrtevIf+4cR9mom0r8fqb7SI+tQXmShZsUGIpGeg64z1o1PtdmMAFDSzek1o
oRc8x6PkIu9wV9N5dgT/Kxc0BrczhQ15DA5uy+LGF2gZyY/hgyqTQuc47aadH9Ed
aie746iJcTGfJGqR/wjdD1vncJYirgSaiW8Ki69WWhfngJ23tYQOZqi4MJYCMFLZ
vwMpo7L8kRC2CQLsxJOFatPq2rtCz1f/8FNxexCa0fl8zmf2+yqh
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:34:13 2025 by rpki-client