Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131392e302f32342d3234203d3e20323639303730.roa
File: 34352e3135362e3131392e302f32342d3234203d3e20323639303730.roa (raw, json)
Hash identifier: UQ+TUAlAHY2PDMxpcSrAKY/wcieS39R+uD2f3HNyXIo=
Subject key identifier: 46:34:CA:6E:F2:2B:69:67:C2:0F:3E:FD:6D:46:B1:3F:55:3A:3D:E8
Certificate issuer: /CN=06da19f4285eb04d0310733f4ac00107b73337ad
Certificate serial: 3DF360AB4797856DCECFAF4C92ED0ED73E07D57F
Authority key identifier: 06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131392e302f32342d3234203d3e20323639303730.roa
Signing time: Fri 23 Feb 2024 19:00:16 +0000
ROA not before: Fri 23 Feb 2024 18:55:16 +0000
ROA not after: Fri 21 Feb 2025 19:00:16 +0000
asID: 269070
IP address blocks: 45.156.119.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:f3:60:ab:47:97:85:6d:ce:cf:af:4c:92:ed:0e:d7:3e:07:d5:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06da19f4285eb04d0310733f4ac00107b73337ad
Validity
Not Before: Feb 23 18:55:16 2024 GMT
Not After : Feb 21 19:00:16 2025 GMT
Subject: CN=4634CA6EF22B6967C20F3EFD6D46B13F553A3DE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2c:ab:00:bb:e2:51:f6:aa:7f:17:2b:66:c2:
a2:ba:6f:e0:80:7f:d1:5a:36:ae:88:20:52:c1:f4:
bc:32:9d:28:06:a8:d9:b2:dd:0d:92:b7:98:68:89:
32:2b:83:35:0a:bd:b1:58:1b:4a:07:56:a8:68:56:
b5:43:87:77:d4:ac:42:45:54:39:64:8d:6a:31:22:
b5:3b:22:22:e3:b9:08:96:a1:be:7b:ca:7d:4d:c1:
d8:55:4d:d9:71:e3:7c:0c:93:11:fb:7a:fc:c5:76:
3d:fe:0c:ec:8d:49:6d:89:35:46:14:a0:41:41:3e:
15:aa:b3:f9:10:f7:ce:bf:39:8b:87:ea:33:3b:1d:
4d:d3:f1:30:21:47:a2:99:71:23:62:c5:1c:24:ad:
96:e2:9e:27:f4:a9:16:3e:72:a6:15:32:58:86:eb:
66:37:1d:4e:a4:08:73:77:aa:b8:27:39:ff:8c:14:
69:f5:79:40:e9:a9:55:ec:60:1a:c3:ee:91:f0:71:
2e:e6:7b:73:42:cd:c9:8e:7b:f2:c2:ea:08:e5:ed:
76:45:6a:bc:9b:0c:76:21:11:02:8a:4e:92:fc:2a:
bb:d0:e7:f0:28:41:1a:01:44:67:72:46:8e:c4:db:
66:b5:9b:7d:ee:ee:53:fe:6e:24:d9:e8:ea:aa:9f:
24:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:34:CA:6E:F2:2B:69:67:C2:0F:3E:FD:6D:46:B1:3F:55:3A:3D:E8
X509v3 Authority Key Identifier:
keyid:06:DA:19:F4:28:5E:B0:4D:03:10:73:3F:4A:C0:01:07:B7:33:37:AD
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/06DA19F4285EB04D0310733F4AC00107B73337AD.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BtoZ9ChesE0DEHM_SsABB7czN60.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/370be6cd-25d2-4f8b-88a4-b5109f49462d/1/34352e3135362e3131392e302f32342d3234203d3e20323639303730.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.119.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:27:77:70:ad:de:a1:85:53:6f:8c:e2:16:55:18:38:25:9b:
a8:f5:9b:7c:ac:90:70:1d:65:a3:df:d3:f7:d5:d9:22:4e:88:
0a:35:87:0a:9f:8d:77:84:3b:6d:72:0e:dd:fd:65:7a:d9:a9:
0f:3e:d9:db:12:86:16:8b:32:9a:5c:a6:73:98:3c:0e:d0:6f:
2b:9b:9b:9a:28:d1:8b:c2:79:b9:20:aa:d8:99:c2:51:4d:eb:
26:dd:4f:c3:66:fd:52:5e:65:40:49:1c:57:39:62:95:b3:5a:
73:6f:12:1e:2b:ae:a6:db:d6:72:0a:73:1e:d2:d4:f7:e3:a6:
c7:cc:94:17:14:bd:aa:00:e8:39:0a:33:84:a4:c3:ea:b2:7c:
6e:73:c0:ce:b1:6b:9c:8a:2e:fa:d6:74:bf:93:85:ff:de:80:
78:17:1b:5a:eb:9e:77:c9:37:a9:97:22:c9:5a:32:c5:6f:0e:
9c:cb:38:04:c5:ea:a6:c9:b9:0e:a6:41:04:34:8a:0a:8b:1f:
b1:1f:0a:43:75:62:0a:cb:3b:a6:51:54:d8:34:b4:17:b6:80:
3b:be:09:47:56:30:d9:6d:37:c8:7e:2b:95:c2:9a:e1:a1:06:
65:b5:5b:e1:41:7d:03:03:bf:4f:ca:a5:5c:7b:cb:79:42:8b:
d2:7e:23:f6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPfNgq0eXhW3Oz69Mku0O1z4H1X8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDZkYTE5ZjQyODVlYjA0ZDAzMTA3MzNmNGFjMDAxMDdi
NzMzMzdhZDAeFw0yNDAyMjMxODU1MTZaFw0yNTAyMjExOTAwMTZaMDMxMTAvBgNV
BAMTKDQ2MzRDQTZFRjIyQjY5NjdDMjBGM0VGRDZENDZCMTNGNTUzQTNERTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqLKsAu+JR9qp/FytmwqK6b+CA
f9FaNq6IIFLB9LwynSgGqNmy3Q2St5hoiTIrgzUKvbFYG0oHVqhoVrVDh3fUrEJF
VDlkjWoxIrU7IiLjuQiWob57yn1NwdhVTdlx43wMkxH7evzFdj3+DOyNSW2JNUYU
oEFBPhWqs/kQ986/OYuH6jM7HU3T8TAhR6KZcSNixRwkrZbinif0qRY+cqYVMliG
62Y3HU6kCHN3qrgnOf+MFGn1eUDpqVXsYBrD7pHwcS7me3NCzcmOe/LC6gjl7XZF
arybDHYhEQKKTpL8KrvQ5/AoQRoBRGdyRo7E22a1m33u7lP+biTZ6OqqnySFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURjTKbvIraWfCDz79bUaxP1U6PegwHwYDVR0j
BBgwFoAUBtoZ9ChesE0DEHM/SsABB7czN60wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2QtMjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0
NjJkLzEvMDZEQTE5RjQyODVFQjA0RDAzMTA3MzNGNEFDMDAxMDdCNzMzMzdBRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0J0b1o5Q2hlc0UwREVITV9Tc0FCQjdj
ek42MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMzcwYmU2Y2Qt
MjVkMi00ZjhiLTg4YTQtYjUxMDlmNDk0NjJkLzEvMzQzNTJlMzEzNTM2MmUzMTMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2MzkzMDM3MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtnHcwDQYJKoZIhvcNAQELBQADggEBAMcnd3Ct3qGFU2+M4hZVGDglm6j1m3ys
kHAdZaPf0/fV2SJOiAo1hwqfjXeEO21yDt39ZXrZqQ8+2dsShhaLMppcpnOYPA7Q
byubm5oo0YvCebkgqtiZwlFN6ybdT8Nm/VJeZUBJHFc5YpWzWnNvEh4rrqbb1nIK
cx7S1PfjpsfMlBcUvaoA6DkKM4Skw+qyfG5zwM6xa5yKLvrWdL+Thf/egHgXG1rr
nnfJN6mXIslaMsVvDpzLOATF6qbJuQ6mQQQ0igqLH7EfCkN1YgrLO6ZRVNg0tBe2
gDu+CUdWMNltN8h+K5XCmuGhBmW1W+FBfQMDv0/KpVx7y3lCi9J+I/Y=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:35:32 2025 by rpki-client