Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131382e302f32342d3234203d3e203631333137.roa
File: 34352e3135362e3131382e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: stJxAsu5tdJZf+dUAropZMdqU+5cLX4evtUNPkcsF/8=
Subject key identifier: 7D:39:9F:56:A1:6B:23:C7:3A:97:3F:29:09:11:16:8A:4F:9A:BC:D6
Certificate issuer: /CN=06da19f4285eb04d0310733f4ac00107b73337ad
Certificate serial: 0CD7F4E1777FAC2D7A30474B22029EDE6ACD77B5
Authority key identifier: 06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131382e302f32342d3234203d3e203631333137.roa
Signing time: Mon 06 Jan 2025 07:53:51 +0000
ROA not before: Mon 06 Jan 2025 07:48:51 +0000
ROA not after: Mon 05 Jan 2026 07:53:51 +0000
asID: 61317
IP address blocks: 45.156.118.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:d7:f4:e1:77:7f:ac:2d:7a:30:47:4b:22:02:9e:de:6a:cd:77:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06da19f4285eb04d0310733f4ac00107b73337ad
Validity
Not Before: Jan 6 07:48:51 2025 GMT
Not After : Jan 5 07:53:51 2026 GMT
Subject: CN=7D399F56A16B23C73A973F290911168A4F9ABCD6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:17:1d:8b:d1:87:0c:c3:98:c4:4b:9e:28:c9:
09:c1:03:3e:c6:c9:a4:98:4f:14:fb:e0:7f:f8:f3:
81:35:c6:a9:0f:9a:45:ab:e0:25:9c:76:41:6a:d7:
14:4f:39:df:34:c5:2a:b5:5a:d2:55:26:c5:b2:c0:
6a:ed:bf:5c:5d:63:57:0d:34:11:e3:f2:ec:2e:f7:
0c:c6:03:d9:90:df:f3:7b:7a:4f:08:5d:28:b9:fb:
86:92:d5:a9:ec:5a:85:f6:80:39:a7:9c:cb:22:8f:
d9:9d:f8:f0:97:70:1b:00:2f:58:b4:a9:29:90:43:
fc:8b:47:3d:6d:0b:60:47:80:b2:eb:22:62:a9:4a:
57:14:a7:4d:8a:52:37:f4:64:ee:78:49:85:6f:d9:
aa:f8:f2:f6:7b:5a:0f:91:39:a6:f9:b7:87:47:78:
19:96:cc:6e:6b:89:c0:25:9c:63:32:3e:a6:7f:1d:
84:bc:35:74:e9:a3:a1:ba:d6:06:a4:87:1b:bf:18:
9c:f1:60:2f:ce:30:7e:19:d4:c1:5f:90:45:5e:ec:
95:82:25:5e:b4:0c:c7:df:b1:65:43:c0:18:19:89:
7c:ed:35:d9:9c:91:b5:43:4a:76:4a:f6:e6:9d:40:
fc:83:6b:a7:fa:ca:f4:3b:a8:40:c6:0e:80:9f:fe:
aa:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:39:9F:56:A1:6B:23:C7:3A:97:3F:29:09:11:16:8A:4F:9A:BC:D6
X509v3 Authority Key Identifier:
keyid:06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/06DA19F4285EB04D0310733F4AC00107B73337AD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131382e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.118.0/24
Signature Algorithm: sha256WithRSAEncryption
23:70:e0:5b:ff:42:41:98:d1:24:1b:3d:58:98:3b:5e:fc:42:
62:2c:83:69:64:a5:eb:47:2f:46:bf:29:b5:7e:5c:de:b0:f5:
45:41:9c:4f:a1:5c:fd:08:b5:65:5c:f0:7d:f0:b9:6c:56:4b:
5f:15:85:8e:3a:cf:fa:7f:5a:78:74:af:8e:17:a8:1f:4e:98:
62:a1:80:86:cb:e7:ac:5d:01:6f:0e:8a:8e:c1:db:d8:31:03:
d9:83:d0:1a:16:fb:cd:4d:5f:33:ff:0f:ba:0a:6a:20:b4:32:
0b:e1:67:ec:4c:ef:85:5b:5d:32:77:ec:33:40:e1:7a:07:36:
8b:f1:ef:90:65:1a:d5:84:95:58:62:fd:d8:26:db:65:d8:80:
3c:29:9f:74:9d:91:90:a4:89:0d:df:d2:27:ed:e7:7b:31:a1:
46:31:bb:92:d9:6b:0c:96:97:b2:ea:b1:34:47:2f:19:fb:f5:
0c:9c:75:7a:e3:2a:52:25:01:4c:22:28:8f:b3:a8:50:a9:b1:
8f:df:bf:2b:db:d9:af:e5:fc:e7:5c:19:f4:64:c3:d8:16:21:
a6:a5:ba:3d:7b:8e:61:21:71:9d:89:03:3e:69:e5:56:1e:06:
fd:48:fa:89:ac:4f:49:3e:1a:ef:d9:31:a6:00:c2:d5:78:90:
ba:e9:56:69
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDNf04Xd/rC16MEdLIgKe3mrNd7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDZkYTE5ZjQyODVlYjA0ZDAzMTA3MzNmNGFjMDAxMDdi
NzMzMzdhZDAeFw0yNTAxMDYwNzQ4NTFaFw0yNjAxMDUwNzUzNTFaMDMxMTAvBgNV
BAMTKDdEMzk5RjU2QTE2QjIzQzczQTk3M0YyOTA5MTExNjhBNEY5QUJDRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiFx2L0YcMw5jES54oyQnBAz7G
yaSYTxT74H/484E1xqkPmkWr4CWcdkFq1xRPOd80xSq1WtJVJsWywGrtv1xdY1cN
NBHj8uwu9wzGA9mQ3/N7ek8IXSi5+4aS1ansWoX2gDmnnMsij9md+PCXcBsAL1i0
qSmQQ/yLRz1tC2BHgLLrImKpSlcUp02KUjf0ZO54SYVv2ar48vZ7Wg+ROab5t4dH
eBmWzG5ricAlnGMyPqZ/HYS8NXTpo6G61gakhxu/GJzxYC/OMH4Z1MFfkEVe7JWC
JV60DMffsWVDwBgZiXztNdmckbVDSnZK9uadQPyDa6f6yvQ7qEDGDoCf/qoPAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfTmfVqFrI8c6lz8pCREWik+avNYwHwYDVR0j
BBgwFoAUBtoZ9ChesE0DEHM/SsABB7czN60wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2QtMjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0
NjJkLzEvMDZEQTE5RjQyODVFQjA0RDAzMTA3MzNGNEFDMDAxMDdCNzMzMzdBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0J0b1o5Q2hlc0UwREVITV9Tc0FCQjdj
ek42MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2Qt
MjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0NjJkLzEvMzQzNTJlMzEzNTM2MmUzMTMx
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZx2MA0GCSqGSIb3DQEBCwUAA4IBAQAjcOBb/0JBmNEkGz1YmDte/EJiLINpZKXr
Ry9Gvym1flzesPVFQZxPoVz9CLVlXPB98LlsVktfFYWOOs/6f1p4dK+OF6gfTphi
oYCGy+esXQFvDoqOwdvYMQPZg9AaFvvNTV8z/w+6CmogtDIL4WfsTO+FW10yd+wz
QOF6BzaL8e+QZRrVhJVYYv3YJttl2IA8KZ90nZGQpIkN39In7ed7MaFGMbuS2WsM
lpey6rE0Ry8Z+/UMnHV64ypSJQFMIiiPs6hQqbGP378r29mv5fznXBn0ZMPYFiGm
pbo9e45hIXGdiQM+aeVWHgb9SPqJrE9JPhrv2TGmAMLVeJC66VZp
-----END CERTIFICATE-----
Generated at Sat Apr 12 09:29:57 2025 by rpki-client