Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e382e302f32342d3234203d3e20383334.roa
File: 34352e38382e382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: bDmcmmv8y5edq2s9HUZxz2hrBoq1HktsSh10RqcMe30=
Subject key identifier: F8:66:B7:B1:7B:C1:D9:3B:7B:BB:DD:28:A1:33:C2:68:49:71:F5:BB
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 590742CB4C4817F65CD97D24203EFE17941DC8E7
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e382e302f32342d3234203d3e20383334.roa
Signing time: Sun 23 Feb 2025 11:11:43 +0000
ROA not before: Sun 23 Feb 2025 11:06:43 +0000
ROA not after: Sun 22 Feb 2026 11:11:43 +0000
asID: 834
IP address blocks: 45.88.8.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:07:42:cb:4c:48:17:f6:5c:d9:7d:24:20:3e:fe:17:94:1d:c8:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Feb 23 11:06:43 2025 GMT
Not After : Feb 22 11:11:43 2026 GMT
Subject: CN=F866B7B17BC1D93B7BBBDD28A133C2684971F5BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:29:cb:12:06:89:28:3c:a3:6c:80:ff:87:32:
b9:06:1a:50:df:bb:3c:44:b8:bd:9a:67:9a:8f:12:
2e:0b:79:72:22:8a:62:de:82:af:c4:75:c0:d6:42:
55:7c:2e:b5:63:aa:e6:53:22:df:3d:5f:71:5f:c2:
63:73:91:5c:e6:ed:a7:da:4d:40:a1:47:59:ba:9b:
02:2b:9d:3a:70:78:27:3b:4f:da:33:f8:6f:25:48:
c4:9d:d8:58:f6:02:4d:f7:58:45:bf:04:b7:eb:ee:
9b:de:f4:66:ed:82:a1:f0:23:3f:48:a5:db:a9:89:
ec:ab:20:26:46:8f:7e:de:96:fb:71:f6:4e:fa:d5:
f7:a7:85:91:e5:02:33:20:4e:bd:04:e5:f9:b8:11:
84:3c:0f:0e:b5:7f:33:ae:f0:4e:5d:31:61:de:4c:
7c:db:32:a1:e2:8d:eb:a0:88:1e:d6:18:cd:41:e7:
48:f2:d0:a3:5c:fd:2b:99:d6:2c:a1:b6:c4:8e:d7:
14:70:92:ad:95:a5:7d:e3:ea:72:f1:8f:47:09:7b:
30:e5:d6:ea:b2:8d:3f:bf:9a:9f:fd:04:a9:22:7c:
e2:e1:38:17:49:44:22:24:f2:65:c2:d3:ec:55:26:
f8:34:5d:cc:91:e7:72:44:f2:c2:dd:c8:c8:13:51:
4b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:66:B7:B1:7B:C1:D9:3B:7B:BB:DD:28:A1:33:C2:68:49:71:F5:BB
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e38382e382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.8.0/24
Signature Algorithm: sha256WithRSAEncryption
82:98:1d:b8:4b:50:bc:87:8e:0f:30:0a:d8:43:9d:04:19:3c:
04:b7:3f:3d:4c:f0:b9:55:0c:28:80:72:2d:a8:24:bb:90:c1:
db:a8:66:e9:ff:3f:0b:a5:8a:7a:e4:e7:35:7f:bd:7c:70:d2:
ba:04:4d:8a:d1:ff:62:73:cb:47:70:3a:6a:69:71:22:fc:d5:
16:71:03:f2:0b:53:f0:ea:28:05:b6:01:cd:ec:bc:04:32:40:
8c:16:e8:af:07:3a:0d:d3:6e:66:02:93:f3:f5:8d:09:82:13:
44:51:9e:42:d1:4e:a8:bd:01:e2:9a:89:68:f5:52:e7:00:17:
7e:95:f1:ae:7c:25:02:04:a5:46:9e:bb:12:46:ac:f2:89:fc:
b8:76:77:97:8f:79:7e:a7:a7:9c:8c:b3:27:80:0c:de:2b:61:
94:5b:94:28:d4:19:99:2c:e3:3b:4f:50:7d:c6:0b:cd:43:5b:
83:7c:2e:f4:f1:d4:29:7c:46:5e:44:8e:c8:3a:7d:f9:b5:0a:
7e:1d:d4:ab:f5:3d:b1:7c:27:61:55:4d:18:2c:a9:b8:c0:a3:
72:40:b7:7f:00:d8:96:9e:da:61:8d:b5:83:ca:40:d8:c0:b2:
66:bc:a8:ee:74:5f:50:3b:aa:cd:1d:14:2b:03:0c:89:7d:67:
d8:6c:67:12
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUWQdCy0xIF/Zc2X0kID7+F5QdyOcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTAyMjMxMTA2NDNaFw0yNjAyMjIxMTExNDNaMDMxMTAvBgNV
BAMTKEY4NjZCN0IxN0JDMUQ5M0I3QkJCREQyOEExMzNDMjY4NDk3MUY1QkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4KcsSBokoPKNsgP+HMrkGGlDf
uzxEuL2aZ5qPEi4LeXIiimLegq/EdcDWQlV8LrVjquZTIt89X3FfwmNzkVzm7afa
TUChR1m6mwIrnTpweCc7T9oz+G8lSMSd2Fj2Ak33WEW/BLfr7pve9GbtgqHwIz9I
pdupieyrICZGj37elvtx9k761fenhZHlAjMgTr0E5fm4EYQ8Dw61fzOu8E5dMWHe
THzbMqHijeugiB7WGM1B50jy0KNc/SuZ1iyhtsSO1xRwkq2VpX3j6nLxj0cJezDl
1uqyjT+/mp/9BKkifOLhOBdJRCIk8mXC0+xVJvg0XcyR53JE8sLdyMgTUUt1AgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQU+Ga3sXvB2Tt7u90ooTPCaElx9bswHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzgzODJlMzgyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtWAgwDQYJKoZI
hvcNAQELBQADggEBAIKYHbhLULyHjg8wCthDnQQZPAS3Pz1M8LlVDCiAci2oJLuQ
wduoZun/Pwulinrk5zV/vXxw0roETYrR/2Jzy0dwOmppcSL81RZxA/ILU/DqKAW2
Ac3svAQyQIwW6K8HOg3TbmYCk/P1jQmCE0RRnkLRTqi9AeKaiWj1UucAF36V8a58
JQIEpUaeuxJGrPKJ/Lh2d5ePeX6np5yMsyeADN4rYZRblCjUGZks4ztPUH3GC81D
W4N8LvTx1Cl8Rl5Ejsg6ffm1Cn4d1Kv1PbF8J2FVTRgsqbjAo3JAt38A2Jae2mGN
tYPKQNjAsma8qO50X1A7qs0dFCsDDIl9Z9hsZxI=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:41:10 2025 by rpki-client