Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e20323136303939.roa
File: 34352e39352e3231342e302f32342d3234203d3e20323136303939.roa (raw, json)
Hash identifier: e4sOWlDxZzPIXQ3Vnqya07udsUK1KYBFfN3K3q4TdIQ=
Subject key identifier: 1A:E9:C8:A9:60:64:2C:60:77:70:18:57:7B:47:AC:D9:8A:D7:CF:84
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 07B7DBC10772F94BF4666C3F7036202AF6854E68
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e20323136303939.roa
Signing time: Sat 01 Feb 2025 01:09:01 +0000
ROA not before: Sat 01 Feb 2025 01:04:01 +0000
ROA not after: Sat 31 Jan 2026 01:09:01 +0000
asID: 216099
IP address blocks: 45.95.214.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:b7:db:c1:07:72:f9:4b:f4:66:6c:3f:70:36:20:2a:f6:85:4e:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Feb 1 01:04:01 2025 GMT
Not After : Jan 31 01:09:01 2026 GMT
Subject: CN=1AE9C8A960642C60777018577B47ACD98AD7CF84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1a:4c:49:a1:cd:01:af:ee:72:99:7e:71:5e:
9f:9a:25:31:0e:48:10:39:85:b6:91:11:d0:af:74:
34:5b:a4:64:e4:60:47:99:19:ab:35:7d:c9:ee:c8:
7f:de:a6:93:ed:47:9f:71:5f:67:ba:7f:c3:d4:82:
c8:c6:19:29:4c:f7:fd:8f:f5:23:74:a2:a0:53:bd:
a5:10:81:25:b6:50:a5:91:4b:c2:fe:cf:99:92:34:
e1:2d:ec:7a:ce:f5:35:15:c4:30:f5:78:07:86:73:
bd:80:cb:77:49:ff:24:84:7a:9a:7d:e3:52:65:ed:
e1:c3:85:be:22:aa:38:04:eb:e4:9e:1b:9b:81:b3:
99:9c:5f:2f:9e:aa:8c:2e:0f:67:94:ee:f2:12:90:
d0:67:67:01:47:02:44:60:86:10:b3:51:bf:b7:a6:
30:34:63:70:76:0e:12:fd:40:3f:c8:66:06:4b:81:
73:e5:38:10:83:8b:87:1d:c3:1f:b9:ff:db:8d:c8:
b6:28:e4:75:f8:17:f4:e9:09:99:81:3f:f0:d9:48:
78:fa:a8:58:00:43:04:e7:78:64:e8:46:f1:3b:6c:
c7:32:ca:20:49:1c:2e:32:c1:66:7e:88:60:e5:46:
7f:e6:15:82:f9:51:08:d8:a6:42:b8:50:05:ae:7a:
8e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E9:C8:A9:60:64:2C:60:77:70:18:57:7B:47:AC:D9:8A:D7:CF:84
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e39352e3231342e302f32342d3234203d3e20323136303939.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.214.0/24
Signature Algorithm: sha256WithRSAEncryption
68:44:57:2e:f6:79:df:d7:5f:85:ec:17:c1:0a:3c:74:ae:dc:
a6:16:91:72:b8:29:8a:69:89:62:4d:99:02:55:bd:03:4a:77:
a3:db:67:76:06:c4:27:6f:3c:24:09:2f:c8:c1:9c:cb:fa:0c:
70:45:93:aa:25:0b:88:96:f4:7c:ab:9f:25:1a:1c:d4:26:56:
1c:96:5a:61:2f:b6:68:24:13:e4:c8:1c:42:7f:7c:52:4a:97:
49:f1:7c:08:b5:58:3d:e3:12:b8:a4:f2:89:4c:53:73:b7:a9:
e8:35:f3:73:db:10:f1:cf:72:b9:1e:fd:ac:ba:fc:83:c7:2e:
de:f2:9b:ed:97:85:a9:da:2c:50:16:b2:21:47:5a:3e:21:07:
71:b9:5c:9b:54:b8:61:f4:36:2d:88:3b:db:84:5c:1c:65:79:
6e:1b:0d:ce:1b:26:be:ee:b8:9e:ee:ac:79:f5:67:52:32:2f:
05:83:5d:36:0d:e1:02:92:83:1b:7e:f4:b0:25:4c:d8:86:b5:
ea:61:63:2f:aa:8b:0e:e5:82:41:a3:6b:66:e6:21:86:3d:4f:
6a:84:a5:f1:16:aa:79:34:62:d6:12:d5:b4:ca:c9:9e:ad:01:
5f:25:c0:7f:57:56:a7:cc:51:92:2b:c9:7c:e0:66:68:79:85:
9b:6a:02:43
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUB7fbwQdy+Uv0Zmw/cDYgKvaFTmgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTAyMDEwMTA0MDFaFw0yNjAxMzEwMTA5MDFaMDMxMTAvBgNV
BAMTKDFBRTlDOEE5NjA2NDJDNjA3NzcwMTg1NzdCNDdBQ0Q5OEFEN0NGODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdGkxJoc0Br+5ymX5xXp+aJTEO
SBA5hbaREdCvdDRbpGTkYEeZGas1fcnuyH/eppPtR59xX2e6f8PUgsjGGSlM9/2P
9SN0oqBTvaUQgSW2UKWRS8L+z5mSNOEt7HrO9TUVxDD1eAeGc72Ay3dJ/ySEepp9
41Jl7eHDhb4iqjgE6+SeG5uBs5mcXy+eqowuD2eU7vISkNBnZwFHAkRghhCzUb+3
pjA0Y3B2DhL9QD/IZgZLgXPlOBCDi4cdwx+5/9uNyLYo5HX4F/TpCZmBP/DZSHj6
qFgAQwTneGToRvE7bMcyyiBJHC4ywWZ+iGDlRn/mFYL5UQjYpkK4UAWueo7BAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUGunIqWBkLGB3cBhXe0es2YrXz4QwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzkzNTJlMzIzMTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM2MzAzOTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LV/WMA0GCSqGSIb3DQEBCwUAA4IBAQBoRFcu9nnf11+F7BfBCjx0rtymFpFyuCmK
aYliTZkCVb0DSnej22d2BsQnbzwkCS/IwZzL+gxwRZOqJQuIlvR8q58lGhzUJlYc
llphL7ZoJBPkyBxCf3xSSpdJ8XwItVg94xK4pPKJTFNzt6noNfNz2xDxz3K5Hv2s
uvyDxy7e8pvtl4Wp2ixQFrIhR1o+IQdxuVybVLhh9DYtiDvbhFwcZXluGw3OGya+
7rie7qx59WdSMi8Fg102DeECkoMbfvSwJUzYhrXqYWMvqosO5YJBo2tm5iGGPU9q
hKXxFqp5NGLWEtW0ysmerQFfJcB/V1anzFGSK8l84GZoeYWbagJD
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:02:14 2025 by rpki-client