Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
File: AS5650.roa (raw, json)
Hash identifier: QHU06cnBfbyyfAn3D71yX5NUg8kJ/C/nnRDoEzz+yXc=
Subject key identifier: 18:A1:69:B3:C3:CB:17:2B:AC:2D:85:7F:74:01:5E:BA:4D:DD:AA:DF
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5ADFC844F4CE9BDD75897B80B4963B6938CB977F
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
Signing time: Thu 16 Jan 2025 14:59:58 +0000
ROA not before: Thu 16 Jan 2025 14:54:58 +0000
ROA not after: Thu 15 Jan 2026 14:59:58 +0000
asID: 5650
IP address blocks: 46.203.160.0/24 maxlen: 24
46.203.164.0/24 maxlen: 24
92.112.32.0/24 maxlen: 24
92.112.33.0/24 maxlen: 24
92.112.34.0/24 maxlen: 24
92.112.35.0/24 maxlen: 24
92.112.36.0/23 maxlen: 24
92.112.38.0/23 maxlen: 24
92.112.40.0/21 maxlen: 24
92.112.157.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:df:c8:44:f4:ce:9b:dd:75:89:7b:80:b4:96:3b:69:38:cb:97:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jan 16 14:54:58 2025 GMT
Not After : Jan 15 14:59:58 2026 GMT
Subject: CN=18A169B3C3CB172BAC2D857F74015EBA4DDDAADF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:08:d3:aa:b5:bd:07:9f:c4:4e:93:60:40:0c:
39:e7:26:1f:00:39:08:57:2a:11:d0:b5:d6:cb:83:
ad:9f:ed:8d:8c:ce:7f:3a:08:ba:9d:ff:3c:ec:e2:
ca:06:b2:cd:4d:02:9f:9e:cc:c1:5f:fa:93:24:24:
c9:e9:54:c9:66:68:d4:ae:5d:12:4d:59:7d:dc:cc:
cd:19:bc:a3:3c:8c:00:00:11:ec:50:c7:8f:d5:0a:
38:35:9a:75:cf:cc:34:67:25:9c:83:fb:e6:6b:b8:
80:e5:cd:3f:36:c0:e1:78:ed:5e:66:c2:a4:c8:79:
b7:ca:9f:b4:da:d6:e4:c0:2a:21:17:4f:cc:25:3c:
47:bd:9f:4b:87:c3:b6:17:34:40:f4:cd:8e:71:97:
e3:65:30:03:71:cf:4d:73:fd:b4:18:c1:95:63:f5:
3d:e6:43:76:ac:d6:fa:40:12:8c:0c:1f:97:6d:27:
6f:ac:c1:e9:b6:5d:48:5a:a6:f2:e8:15:f6:b1:fe:
06:a7:7c:10:67:8d:f5:c9:f2:d0:36:85:29:eb:ac:
e7:40:92:b6:7c:91:a4:a3:0b:5a:ad:b5:4e:32:8a:
55:8f:52:f7:66:9a:6f:16:93:c5:51:2a:ac:b6:75:
47:ed:53:5d:93:f4:8e:99:cc:5e:87:75:30:33:03:
67:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A1:69:B3:C3:CB:17:2B:AC:2D:85:7F:74:01:5E:BA:4D:DD:AA:DF
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS5650.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.160.0/24
46.203.164.0/24
92.112.32.0/20
92.112.157.0/24
Signature Algorithm: sha256WithRSAEncryption
43:4f:e3:31:55:8f:91:5f:2b:82:2d:e7:53:93:a0:91:16:5d:
dd:14:95:a4:36:48:4d:70:82:87:4b:5a:74:8b:86:f9:68:e9:
15:ed:24:0b:5d:d3:ab:87:96:cc:50:b9:e3:66:7a:b8:bb:12:
23:1b:62:2a:8b:b0:36:4e:f1:51:83:24:ec:f1:c2:bd:9b:4e:
2f:57:aa:91:54:48:cf:70:75:b6:a9:93:80:c3:3e:68:32:6c:
78:93:6d:e4:99:1b:d1:1b:b8:d5:29:8b:7f:80:3e:ea:a4:d2:
c9:87:1f:8c:4c:2a:d5:b2:49:89:91:02:18:5e:71:b1:d8:0c:
7e:45:18:4f:58:10:b1:9a:e8:65:7a:2d:64:1d:5f:55:48:58:
be:19:af:de:80:06:85:8f:e0:69:3f:ef:1a:68:05:18:8e:50:
20:e4:97:10:a9:b0:36:f9:b3:6f:33:19:13:df:6d:78:bd:3b:
8e:5b:63:27:82:97:cb:67:13:1b:c0:ac:6b:2f:49:37:cb:2c:
7e:06:9b:62:38:0c:f7:c6:4b:42:88:39:80:b8:3c:39:1a:e8:
31:5a:a5:24:72:e0:13:95:ed:1d:e3:c1:a2:b1:df:03:b7:c2:
ef:78:d7:8b:35:3c:af:c9:8c:9e:e0:46:5f:95:27:9e:22:a8:
18:ef:df:02
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIUWt/IRPTOm911iXuAtJY7aTjLl38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAxMTYxNDU0NThaFw0yNjAxMTUxNDU5NThaMDMxMTAvBgNV
BAMTKDE4QTE2OUIzQzNDQjE3MkJBQzJEODU3Rjc0MDE1RUJBNEREREFBREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDECNOqtb0Hn8ROk2BADDnnJh8A
OQhXKhHQtdbLg62f7Y2Mzn86CLqd/zzs4soGss1NAp+ezMFf+pMkJMnpVMlmaNSu
XRJNWX3czM0ZvKM8jAAAEexQx4/VCjg1mnXPzDRnJZyD++ZruIDlzT82wOF47V5m
wqTIebfKn7Ta1uTAKiEXT8wlPEe9n0uHw7YXNED0zY5xl+NlMANxz01z/bQYwZVj
9T3mQ3as1vpAEowMH5dtJ2+swem2XUhapvLoFfax/ganfBBnjfXJ8tA2hSnrrOdA
krZ8kaSjC1qttU4yilWPUvdmmm8Wk8VRKqy2dUftU12T9I6ZzF6HdTAzA2dfAgMB
AAGjggIaMIICFjAdBgNVHQ4EFgQUGKFps8PLFyusLYV/dAFeuk3dqt8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNTY1MC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC7LoAME
AC7LpAMEBFxwIAMEAFxwnTANBgkqhkiG9w0BAQsFAAOCAQEAQ0/jMVWPkV8rgi3n
U5OgkRZd3RSVpDZITXCCh0tadIuG+WjpFe0kC13Tq4eWzFC542Z6uLsSIxtiKouw
Nk7xUYMk7PHCvZtOL1eqkVRIz3B1tqmTgMM+aDJseJNt5Jkb0Ru41SmLf4A+6qTS
yYcfjEwq1bJJiZECGF5xsdgMfkUYT1gQsZroZXotZB1fVUhYvhmv3oAGhY/gaT/v
GmgFGI5QIOSXEKmwNvmzbzMZE99teL07jltjJ4KXy2cTG8Csay9JN8ssfgabYjgM
98ZLQog5gLg8ORroMVqlJHLgE5XtHePBorHfA7fC73jXizU8r8mMnuBGX5UnniKo
GO/fAg==
-----END CERTIFICATE-----
Generated at Sat May 3 02:46:03 2025 by rpki-client