Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131382e302f32332d3234203d3e20383334.roa
File: 34352e3135362e3131382e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: PFPhaClHjzdcOwYTOgWaoMB9IX2XluAUiU/epPSsH+I=
Subject key identifier: 29:E2:82:DC:27:74:DB:93:FC:6D:6D:C9:1A:4F:F9:2F:41:B4:17:DE
Certificate issuer: /CN=06da19f4285eb04d0310733f4ac00107b73337ad
Certificate serial: 63D0DCAB8530C5E1E0CAECB01DAD23B29BDDD2EE
Authority key identifier: 06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131382e302f32332d3234203d3e20383334.roa
Signing time: Fri 14 Feb 2025 00:01:44 +0000
ROA not before: Thu 13 Feb 2025 23:56:44 +0000
ROA not after: Fri 13 Feb 2026 00:01:44 +0000
asID: 834
IP address blocks: 45.156.118.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:d0:dc:ab:85:30:c5:e1:e0:ca:ec:b0:1d:ad:23:b2:9b:dd:d2:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06da19f4285eb04d0310733f4ac00107b73337ad
Validity
Not Before: Feb 13 23:56:44 2025 GMT
Not After : Feb 13 00:01:44 2026 GMT
Subject: CN=29E282DC2774DB93FC6D6DC91A4FF92F41B417DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:48:75:14:c0:2b:4b:c0:ed:07:ee:fb:ea:08:
f1:16:ce:ed:28:fe:97:d2:97:ac:9d:cd:32:7b:85:
5a:16:06:0c:29:91:3d:99:9e:55:54:a8:1c:46:b3:
01:36:5b:07:76:b9:a1:fb:49:bc:33:d2:f5:bb:69:
b4:53:c0:fc:33:64:1b:c5:31:13:35:71:4e:a9:78:
a0:91:b9:a9:54:0d:37:e8:7d:6f:3f:1e:71:cf:9b:
cb:42:3f:20:f8:db:e8:cb:9e:7a:b8:c0:0f:72:6f:
7a:e2:52:5f:81:9c:68:2c:e1:ef:f2:aa:70:55:92:
d3:b5:b8:bc:ef:c0:42:d1:e7:86:38:20:d3:fc:f5:
c9:9b:20:37:42:18:9d:d4:7d:8e:40:51:3c:a8:62:
8c:9b:76:ee:66:4b:84:5b:a4:35:ab:e5:46:b5:2b:
5a:c8:ee:6f:17:16:2d:f5:3e:18:fd:20:89:f8:a9:
37:75:81:37:0f:7b:77:ce:dc:9a:b0:c2:b0:e3:2b:
ba:6b:b1:05:c5:2b:93:f8:e0:58:07:ca:f5:96:ca:
dc:53:71:db:df:51:ab:3d:2d:26:0c:cd:df:50:10:
fa:a8:60:ed:a0:0f:40:5e:9e:1e:ba:e1:51:f4:bb:
9c:04:65:87:b3:48:8f:7f:ee:94:4e:16:04:d0:ec:
a5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:E2:82:DC:27:74:DB:93:FC:6D:6D:C9:1A:4F:F9:2F:41:B4:17:DE
X509v3 Authority Key Identifier:
keyid:06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/06DA19F4285EB04D0310733F4AC00107B73337AD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131382e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.118.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:47:2a:02:b8:c0:af:d1:e7:3e:bd:21:90:3a:ce:5e:85:59:
c8:e3:b6:42:2c:2c:aa:f3:e8:bc:20:76:3b:f0:5f:4f:87:08:
da:b5:72:f9:93:11:27:09:e5:fd:a2:4f:de:52:c1:1c:c7:96:
08:d1:7a:18:e2:07:e2:38:ff:f8:ec:60:01:1e:6c:bb:25:27:
a8:e5:e8:40:ed:de:05:67:cc:bc:3f:fe:f3:9d:79:59:d1:47:
c1:93:fa:99:e9:e5:e1:4f:22:df:c5:ed:b1:0f:07:23:5f:6f:
f7:38:19:d7:7c:d4:08:3d:b9:fa:41:73:99:e7:74:11:37:32:
14:0b:2d:2e:ae:83:a4:71:e8:f7:5e:da:00:61:cd:28:39:be:
f5:d1:4b:a3:00:4d:76:2f:e1:49:87:0a:21:09:30:6b:76:37:
4b:6d:4a:be:ed:ed:90:97:1f:d7:00:05:7d:72:20:4f:f0:04:
26:f4:6c:72:07:73:db:04:cd:76:61:00:43:c8:7f:00:d4:11:
f2:c3:c2:a0:ca:2f:d7:3e:98:86:7a:b5:38:9b:89:ee:3e:61:
bc:94:8f:c1:6b:15:09:a9:be:eb:ae:c4:59:5e:a3:c6:6c:b4:
2d:37:0b:91:4b:48:ce:25:07:85:45:31:3b:4d:7f:2e:90:48:
95:8e:9b:52
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUY9Dcq4UwxeHgyuywHa0jspvd0u4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDZkYTE5ZjQyODVlYjA0ZDAzMTA3MzNmNGFjMDAxMDdi
NzMzMzdhZDAeFw0yNTAyMTMyMzU2NDRaFw0yNjAyMTMwMDAxNDRaMDMxMTAvBgNV
BAMTKDI5RTI4MkRDMjc3NERCOTNGQzZENkRDOTFBNEZGOTJGNDFCNDE3REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKSHUUwCtLwO0H7vvqCPEWzu0o
/pfSl6ydzTJ7hVoWBgwpkT2ZnlVUqBxGswE2Wwd2uaH7Sbwz0vW7abRTwPwzZBvF
MRM1cU6peKCRualUDTfofW8/HnHPm8tCPyD42+jLnnq4wA9yb3riUl+BnGgs4e/y
qnBVktO1uLzvwELR54Y4INP89cmbIDdCGJ3UfY5AUTyoYoybdu5mS4RbpDWr5Ua1
K1rI7m8XFi31Phj9IIn4qTd1gTcPe3fO3JqwwrDjK7prsQXFK5P44FgHyvWWytxT
cdvfUas9LSYMzd9QEPqoYO2gD0Benh664VH0u5wEZYezSI9/7pROFgTQ7KUbAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUKeKC3Cd025P8bW3JGk/5L0G0F94wHwYDVR0j
BBgwFoAUBtoZ9ChesE0DEHM/SsABB7czN60wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2QtMjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0
NjJkLzEvMDZEQTE5RjQyODVFQjA0RDAzMTA3MzNGNEFDMDAxMDdCNzMzMzdBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0J0b1o5Q2hlc0UwREVITV9Tc0FCQjdj
ek42MC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2Qt
MjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0NjJkLzEvMzQzNTJlMzEzNTM2MmUzMTMx
MzgyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtnHYw
DQYJKoZIhvcNAQELBQADggEBAHpHKgK4wK/R5z69IZA6zl6FWcjjtkIsLKrz6Lwg
djvwX0+HCNq1cvmTEScJ5f2iT95SwRzHlgjRehjiB+I4//jsYAEebLslJ6jl6EDt
3gVnzLw//vOdeVnRR8GT+pnp5eFPIt/F7bEPByNfb/c4Gdd81Ag9ufpBc5nndBE3
MhQLLS6ug6Rx6Pde2gBhzSg5vvXRS6MATXYv4UmHCiEJMGt2N0ttSr7t7ZCXH9cA
BX1yIE/wBCb0bHIHc9sEzXZhAEPIfwDUEfLDwqDKL9c+mIZ6tTibie4+YbyUj8Fr
FQmpvuuuxFleo8ZstC03C5FLSM4lB4VFMTtNfy6QSJWOm1I=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:41 2025 by rpki-client