Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131362e302f32342d3234203d3e203539343332.roa
File: 34352e3135362e3131362e302f32342d3234203d3e203539343332.roa (raw, json)
Hash identifier: 4toCpn/7/DPagqOrqdjcuGKlQTqIDTUq3hpJ2ufIA5o=
Subject key identifier: DA:16:00:18:BF:E9:99:62:AC:36:D5:69:67:88:41:9E:F7:F0:33:3A
Certificate issuer: /CN=06da19f4285eb04d0310733f4ac00107b73337ad
Certificate serial: 48BE4466172D03E95C9B9207A8E9AB587B411040
Authority key identifier: 06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131362e302f32342d3234203d3e203539343332.roa
Signing time: Mon 06 Jan 2025 07:53:51 +0000
ROA not before: Mon 06 Jan 2025 07:48:51 +0000
ROA not after: Mon 05 Jan 2026 07:53:51 +0000
asID: 59432
IP address blocks: 45.156.116.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:be:44:66:17:2d:03:e9:5c:9b:92:07:a8:e9:ab:58:7b:41:10:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06da19f4285eb04d0310733f4ac00107b73337ad
Validity
Not Before: Jan 6 07:48:51 2025 GMT
Not After : Jan 5 07:53:51 2026 GMT
Subject: CN=DA160018BFE99962AC36D5696788419EF7F0333A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3d:7c:97:e8:8e:aa:92:d1:25:16:76:7e:e9:
01:e1:c7:4c:63:ad:96:1e:cc:78:b0:54:8d:51:32:
ee:56:08:37:11:10:0d:ab:98:bd:6a:d3:27:34:fd:
6c:09:f2:2b:5f:59:7a:e7:c7:45:fb:c7:2d:c7:3c:
14:32:cc:54:b1:39:6f:bf:55:23:e6:e5:0a:15:a4:
e8:a8:c6:17:72:cc:38:4d:8f:d7:54:dc:45:b8:21:
37:44:6a:15:6f:0c:1e:a1:3d:41:07:62:94:87:d1:
c6:b8:35:99:66:a7:ba:f4:6c:74:08:92:81:22:32:
b7:94:c2:49:75:71:0c:43:98:d7:b6:12:8d:05:03:
d4:b9:3f:ae:d5:b7:a4:7a:3d:b8:eb:b6:7a:21:16:
b2:be:ea:ee:2b:8e:63:8a:df:76:e0:fa:76:fd:c2:
ac:be:00:2f:34:75:b2:86:cf:7d:a9:15:a6:4d:25:
7b:b1:9f:25:f2:8f:21:18:c3:46:01:11:b8:9c:c4:
23:20:22:b5:28:c8:12:fb:df:04:3b:6f:be:47:6e:
1a:72:82:8c:ea:a7:4f:fc:80:14:cc:4a:1d:10:44:
d7:03:ab:62:89:7a:f6:7a:7f:a7:0d:ae:6b:cf:ce:
84:6f:86:bd:a5:70:34:c4:10:97:71:d8:03:88:19:
48:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:16:00:18:BF:E9:99:62:AC:36:D5:69:67:88:41:9E:F7:F0:33:3A
X509v3 Authority Key Identifier:
keyid:06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/06DA19F4285EB04D0310733F4AC00107B73337AD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131362e302f32342d3234203d3e203539343332.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.116.0/24
Signature Algorithm: sha256WithRSAEncryption
88:18:ca:6b:bb:55:4b:fa:a1:79:c0:91:8f:1a:62:68:a2:9e:
64:d6:ef:15:4a:ca:1f:e5:79:ab:66:7e:1b:fd:3c:51:d7:a2:
30:00:72:da:8a:91:2d:34:3d:07:6e:20:16:fc:e4:74:87:ef:
51:c3:54:20:b6:33:e8:16:a3:f7:e1:3c:4a:c5:10:f4:42:c9:
ba:3b:83:4b:2b:8a:42:fe:87:f0:09:29:f7:d6:81:8c:cc:38:
8e:b3:b2:dd:a2:bd:9c:97:df:e2:2f:6b:7d:a2:5c:98:ca:ad:
40:4c:93:f2:2c:4f:9b:84:51:b6:e7:21:2c:a5:4e:23:b5:bc:
6f:6a:40:18:4e:c0:f3:a4:16:f6:da:f4:c9:74:32:df:92:8f:
0d:ad:84:f3:75:af:96:3c:6b:78:f9:bb:f5:a9:01:06:c4:d9:
12:e0:26:e7:69:ee:17:db:a1:dd:15:ba:0f:7a:02:19:1a:cf:
4f:ae:cb:16:6f:b0:ca:ea:dc:02:4d:db:3f:ce:ee:28:99:33:
16:81:4c:bb:38:76:74:ca:bd:af:1e:fb:77:59:9c:64:e7:91:
5e:78:09:9a:80:c1:ff:b4:30:d4:bf:f8:4a:a4:c6:d2:fd:e7:
ac:1c:e6:c5:55:68:87:9e:60:8a:19:54:eb:46:9f:a1:fd:0a:
16:62:35:26
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSL5EZhctA+lcm5IHqOmrWHtBEEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDZkYTE5ZjQyODVlYjA0ZDAzMTA3MzNmNGFjMDAxMDdi
NzMzMzdhZDAeFw0yNTAxMDYwNzQ4NTFaFw0yNjAxMDUwNzUzNTFaMDMxMTAvBgNV
BAMTKERBMTYwMDE4QkZFOTk5NjJBQzM2RDU2OTY3ODg0MTlFRjdGMDMzM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqPXyX6I6qktElFnZ+6QHhx0xj
rZYezHiwVI1RMu5WCDcREA2rmL1q0yc0/WwJ8itfWXrnx0X7xy3HPBQyzFSxOW+/
VSPm5QoVpOioxhdyzDhNj9dU3EW4ITdEahVvDB6hPUEHYpSH0ca4NZlmp7r0bHQI
koEiMreUwkl1cQxDmNe2Eo0FA9S5P67Vt6R6PbjrtnohFrK+6u4rjmOK33bg+nb9
wqy+AC80dbKGz32pFaZNJXuxnyXyjyEYw0YBEbicxCMgIrUoyBL73wQ7b75Hbhpy
gozqp0/8gBTMSh0QRNcDq2KJevZ6f6cNrmvPzoRvhr2lcDTEEJdx2AOIGUgnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU2hYAGL/pmWKsNtVpZ4hBnvfwMzowHwYDVR0j
BBgwFoAUBtoZ9ChesE0DEHM/SsABB7czN60wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2QtMjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0
NjJkLzEvMDZEQTE5RjQyODVFQjA0RDAzMTA3MzNGNEFDMDAxMDdCNzMzMzdBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0J0b1o5Q2hlc0UwREVITV9Tc0FCQjdj
ek42MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2Qt
MjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0NjJkLzEvMzQzNTJlMzEzNTM2MmUzMTMx
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM5MzQzMzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZx0MA0GCSqGSIb3DQEBCwUAA4IBAQCIGMpru1VL+qF5wJGPGmJoop5k1u8VSsof
5XmrZn4b/TxR16IwAHLaipEtND0HbiAW/OR0h+9Rw1QgtjPoFqP34TxKxRD0Qsm6
O4NLK4pC/ofwCSn31oGMzDiOs7Ldor2cl9/iL2t9olyYyq1ATJPyLE+bhFG25yEs
pU4jtbxvakAYTsDzpBb22vTJdDLfko8NrYTzda+WPGt4+bv1qQEGxNkS4Cbnae4X
26HdFboPegIZGs9PrssWb7DK6twCTds/zu4omTMWgUy7OHZ0yr2vHvt3WZxk55Fe
eAmagMH/tDDUv/hKpMbS/eesHObFVWiHnmCKGVTrRp+h/QoWYjUm
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:05 2025 by rpki-client