Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: EiVQxQ0wtIzs3YOjDEgy2KzS0rICgWnLKBFzUosWowQ=
Subject key identifier: 43:76:7D:10:C1:75:87:06:4A:32:D3:0F:7A:CE:36:D9:01:2E:1E:1E
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 1EAE63A881F52B758B093200A2E4ABE7665B2CEA
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS20473.roa
Signing time: Thu 05 Dec 2024 18:52:48 +0000
ROA not before: Thu 05 Dec 2024 18:47:48 +0000
ROA not after: Thu 04 Dec 2025 18:52:48 +0000
asID: 20473
IP address blocks: 141.11.9.0/24 maxlen: 24
141.11.26.0/24 maxlen: 24
141.11.70.0/24 maxlen: 24
141.11.100.0/24 maxlen: 24
141.11.154.0/23 maxlen: 24
141.11.236.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:ae:63:a8:81:f5:2b:75:8b:09:32:00:a2:e4:ab:e7:66:5b:2c:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Dec 5 18:47:48 2024 GMT
Not After : Dec 4 18:52:48 2025 GMT
Subject: CN=43767D10C17587064A32D30F7ACE36D9012E1E1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:5b:bf:68:5b:9b:1e:93:b6:db:78:60:de:fd:
3d:88:b2:97:24:9b:52:d5:49:33:49:70:90:20:00:
f9:49:c2:a2:82:2e:4c:cc:67:aa:75:ea:51:d9:e5:
61:9a:7b:c9:17:d0:cc:2f:b6:04:50:28:8c:04:40:
34:bb:53:9e:5f:d7:96:ad:23:94:ad:6b:22:d5:01:
1c:e4:40:93:e8:1d:13:53:24:b9:43:71:7c:33:b5:
bc:e4:26:45:e9:5a:12:3a:b6:ce:17:f8:e7:e8:ee:
97:ee:d3:c9:b5:ee:1f:a3:3e:90:59:e2:93:98:85:
c6:3c:a2:fc:31:33:23:bf:87:89:d0:df:b3:83:b8:
bc:1e:b3:fa:1b:ad:5e:1e:61:a1:d2:d7:0f:6c:51:
37:9c:52:4d:d2:54:05:4a:6d:90:53:66:32:c5:5d:
a2:95:df:35:dc:ec:c1:f7:d1:d4:a7:ad:c9:bf:4d:
77:da:ae:00:89:d4:eb:32:f0:c2:5a:b0:b3:11:35:
fe:e2:94:ce:a4:ca:93:40:01:05:4f:e2:b4:c3:d5:
df:78:dd:25:5d:95:62:b2:fe:0d:01:7b:01:12:6a:
df:7b:2a:55:6d:0e:0c:41:e2:15:c2:4c:db:1f:b7:
cb:1c:22:ec:62:7e:a1:59:19:a6:72:b2:3d:ab:7b:
33:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:76:7D:10:C1:75:87:06:4A:32:D3:0F:7A:CE:36:D9:01:2E:1E:1E
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.9.0/24
141.11.26.0/24
141.11.70.0/24
141.11.100.0/24
141.11.154.0/23
141.11.236.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:62:ed:7e:21:05:ad:5b:3e:e0:07:4c:ee:36:a9:ef:8c:eb:
cc:f5:67:a5:89:d9:cb:71:12:a2:38:00:dd:dc:e1:d4:e1:1a:
b5:eb:14:90:02:e2:98:86:51:59:62:a3:f2:9d:36:00:ca:0c:
8a:63:7b:3b:6a:b5:61:f3:7b:de:42:ad:ba:d0:8f:be:24:36:
17:6a:b7:a5:76:0c:9e:ef:fc:70:0a:31:ec:1b:d2:eb:4c:dc:
6b:ce:ea:d0:51:5b:ca:81:09:4b:13:75:7d:a8:a1:78:f7:44:
8d:45:5f:2d:cb:12:5c:a2:5e:e5:37:bb:4c:93:32:4d:16:89:
d5:2e:8a:98:cf:d7:b1:cb:72:41:ac:2c:64:e7:62:91:43:e9:
d9:bd:86:65:db:1b:e9:f3:07:3c:46:1d:0d:ed:0c:e6:f2:11:
20:4e:e9:92:3e:de:27:aa:5e:c2:87:d3:54:50:c1:c7:c9:fc:
60:b6:0f:51:15:7f:c3:e8:f7:c3:4e:6b:25:d9:aa:ce:80:06:
00:b7:72:8a:6d:70:5a:94:bf:fe:7b:f9:29:2a:c3:93:0b:34:
e3:b2:2e:c3:32:0f:24:72:d2:cb:8d:55:d4:60:84:40:b9:3c:
3d:28:fe:55:cd:3b:db:d9:d0:37:e7:d6:2d:18:01:90:91:77:
6b:f2:a2:07
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUHq5jqIH1K3WLCTIAouSr52ZbLOowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNDEyMDUxODQ3NDhaFw0yNTEyMDQxODUyNDhaMDMxMTAvBgNV
BAMTKDQzNzY3RDEwQzE3NTg3MDY0QTMyRDMwRjdBQ0UzNkQ5MDEyRTFFMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNW79oW5sek7bbeGDe/T2Ispck
m1LVSTNJcJAgAPlJwqKCLkzMZ6p16lHZ5WGae8kX0MwvtgRQKIwEQDS7U55f15at
I5StayLVARzkQJPoHRNTJLlDcXwztbzkJkXpWhI6ts4X+Ofo7pfu08m17h+jPpBZ
4pOYhcY8ovwxMyO/h4nQ37ODuLwes/obrV4eYaHS1w9sUTecUk3SVAVKbZBTZjLF
XaKV3zXc7MH30dSnrcm/TXfargCJ1Osy8MJasLMRNf7ilM6kypNAAQVP4rTD1d94
3SVdlWKy/g0BewESat97KlVtDgxB4hXCTNsft8scIuxifqFZGaZysj2rezPVAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUQ3Z9EMF1hwZKMtMPes422QEuHh4wHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBACNCwkD
BACNCxoDBACNC0YDBACNC2QDBAGNC5oDBAGNC+wwDQYJKoZIhvcNAQELBQADggEB
AD5i7X4hBa1bPuAHTO42qe+M68z1Z6WJ2ctxEqI4AN3c4dThGrXrFJAC4piGUVli
o/KdNgDKDIpjeztqtWHze95CrbrQj74kNhdqt6V2DJ7v/HAKMewb0utM3GvO6tBR
W8qBCUsTdX2ooXj3RI1FXy3LElyiXuU3u0yTMk0WidUuipjP17HLckGsLGTnYpFD
6dm9hmXbG+nzBzxGHQ3tDObyESBO6ZI+3ieqXsKH01RQwcfJ/GC2D1EVf8Po98NO
ayXZqs6ABgC3coptcFqUv/57+Skqw5MLNOOyLsMyDyRy0suNVdRghEC5PD0o/lXN
O9vZ0Dfn1i0YAZCRd2vyogc=
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:35:10 2025 by rpki-client