Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e3132382e31342e302f32332d3234203d3e2033333230.roa
File: 34352e3132382e31342e302f32332d3234203d3e2033333230.roa (raw, json)
Hash identifier: ooNU723CrAk+Gb599bbA9d2K6aYJXJhSSD1sl+G5TR4=
Subject key identifier: C4:22:18:E5:21:75:FF:FB:97:E7:8A:81:BA:FA:44:2A:8A:01:F7:6F
Certificate issuer: /CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Certificate serial: 1368604F0103A7BE5EEE04594BA3716DEBE69FEA
Authority key identifier: BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e3132382e31342e302f32332d3234203d3e2033333230.roa
Signing time: Fri 01 Sep 2023 20:57:22 +0000
ROA not before: Fri 01 Sep 2023 20:52:22 +0000
ROA not after: Fri 30 Aug 2024 20:57:22 +0000
asID: 3320
IP address blocks: 45.128.14.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:68:60:4f:01:03:a7:be:5e:ee:04:59:4b:a3:71:6d:eb:e6:9f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Validity
Not Before: Sep 1 20:52:22 2023 GMT
Not After : Aug 30 20:57:22 2024 GMT
Subject: CN=C42218E52175FFFB97E78A81BAFA442A8A01F76F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c5:92:fd:b6:83:ca:e9:31:22:1d:2e:b8:97:
e9:6f:39:58:4a:2a:75:0b:e9:cb:4e:4c:3a:0b:2b:
c7:d0:7f:07:67:95:b4:21:d7:0c:49:42:68:9c:d0:
50:e9:5a:80:22:81:fd:a7:86:f0:44:d4:2a:3d:2c:
7e:c8:a2:70:96:2f:67:83:fb:65:28:1a:5d:e0:f5:
c6:a3:e6:0e:76:c1:54:2d:21:11:6a:08:3d:f9:8c:
66:e3:23:8b:ba:a5:a9:46:e9:14:0f:f5:67:e4:13:
5e:03:5c:94:c7:ae:7f:c7:f4:e3:a6:4a:a5:fd:96:
ea:c4:ce:28:94:25:66:70:6e:15:80:7f:aa:13:f4:
db:af:03:50:41:10:78:df:a3:df:0c:8a:b9:5e:35:
a5:24:5a:62:f0:b9:37:21:f9:29:a7:c2:2e:89:29:
27:16:65:ad:f0:b4:be:52:50:3f:88:cd:d4:7d:6b:
c3:6b:64:b0:bc:63:21:f0:2c:d2:f7:7c:39:2a:ed:
af:a7:e8:a7:6a:41:14:2a:77:62:94:2e:ca:67:e3:
66:a7:50:07:2b:f1:10:2e:b5:ba:bd:e5:c4:db:3e:
a3:4c:64:db:25:ba:ed:4e:ba:ee:d6:8d:0e:0b:b1:
30:f7:65:45:ed:b6:1c:26:60:94:51:05:d5:5f:ff:
87:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:22:18:E5:21:75:FF:FB:97:E7:8A:81:BA:FA:44:2A:8A:01:F7:6F
X509v3 Authority Key Identifier:
keyid:BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/BCD46DBA34FE6620D72D9E7F576EF7A88A6C961A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e3132382e31342e302f32332d3234203d3e2033333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.14.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:43:fe:f8:6c:c9:c7:15:fc:5a:e1:34:a9:f5:31:48:01:dd:
56:41:d9:37:18:f7:fe:90:4a:28:89:13:bc:02:97:1c:7b:c6:
73:3b:37:2f:43:99:66:bf:ed:8f:35:17:3c:7d:6b:cf:c3:9e:
e1:95:94:e8:17:7a:5d:72:89:9c:fb:15:52:c9:47:a3:20:24:
75:4a:e0:95:ec:39:63:e2:06:45:d4:ad:05:90:f4:fd:e8:5b:
f9:b2:7b:12:2d:b1:e7:68:31:30:16:b1:6f:e9:69:b0:c7:19:
45:45:a5:dd:b4:32:ce:b2:dd:2a:5a:d6:0d:02:b5:ac:42:ea:
98:1f:40:8f:05:94:5e:3e:13:c8:44:d4:3e:62:0f:59:7f:b4:
07:fe:f1:34:f0:c6:e0:fa:93:f8:71:cc:8f:80:fc:71:c7:a0:
bb:66:b6:1f:28:8b:7f:77:64:89:d1:ee:21:dd:3c:a4:71:90:
d0:cd:5a:51:83:5a:11:05:91:36:4a:df:7c:c6:11:de:b0:9b:
0c:37:8d:f5:65:18:b5:21:dd:f9:5b:17:e9:e5:e6:b8:d8:fa:
e9:c8:98:ce:4b:18:51:74:2b:7e:05:c5:55:cd:4a:59:ec:87:
70:50:9e:a5:86:06:b4:60:ef:aa:70:ed:32:7a:71:47:3b:91:
a6:3b:03:e9
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUE2hgTwEDp75e7gRZS6Nxbevmn+owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmNkNDZkYmEzNGZlNjYyMGQ3MmQ5ZTdmNTc2ZWY3YTg4
YTZjOTYxYTAeFw0yMzA5MDEyMDUyMjJaFw0yNDA4MzAyMDU3MjJaMDMxMTAvBgNV
BAMTKEM0MjIxOEU1MjE3NUZGRkI5N0U3OEE4MUJBRkE0NDJBOEEwMUY3NkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2xZL9toPK6TEiHS64l+lvOVhK
KnUL6ctOTDoLK8fQfwdnlbQh1wxJQmic0FDpWoAigf2nhvBE1Co9LH7IonCWL2eD
+2UoGl3g9caj5g52wVQtIRFqCD35jGbjI4u6palG6RQP9WfkE14DXJTHrn/H9OOm
SqX9lurEziiUJWZwbhWAf6oT9NuvA1BBEHjfo98MirleNaUkWmLwuTch+Smnwi6J
KScWZa3wtL5SUD+IzdR9a8NrZLC8YyHwLNL3fDkq7a+n6KdqQRQqd2KULspn42an
UAcr8RAutbq95cTbPqNMZNsluu1Ouu7WjQ4LsTD3ZUXtthwmYJRRBdVf/4d3AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUxCIY5SF1//uX54qBuvpEKooB928wHwYDVR0j
BBgwFoAUvNRtujT+ZiDXLZ5/V273qIpslhowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYtMTc1OC00YmJkLWFlODEtM2E3MTA3ZDlh
ODQ1LzAvQkNENDZEQkEzNEZFNjYyMEQ3MkQ5RTdGNTc2RUY3QTg4QTZDOTYxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZOUnR1alQtWmlEWExaNV9WMjczcUlw
c2xoby5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYt
MTc1OC00YmJkLWFlODEtM2E3MTA3ZDlhODQ1LzAvMzQzNTJlMzEzMjM4MmUzMTM0
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzMzMzMyMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtgA4w
DQYJKoZIhvcNAQELBQADggEBAFxD/vhsyccV/FrhNKn1MUgB3VZB2TcY9/6QSiiJ
E7wClxx7xnM7Ny9DmWa/7Y81Fzx9a8/DnuGVlOgXel1yiZz7FVLJR6MgJHVK4JXs
OWPiBkXUrQWQ9P3oW/myexItsedoMTAWsW/pabDHGUVFpd20Ms6y3Spa1g0CtaxC
6pgfQI8FlF4+E8hE1D5iD1l/tAf+8TTwxuD6k/hxzI+A/HHHoLtmth8oi393ZInR
7iHdPKRxkNDNWlGDWhEFkTZK33zGEd6wmww3jfVlGLUh3flbF+nl5rjY+unImM5L
GFF0K34FxVXNSlnsh3BQnqWGBrRg76pw7TJ6cUc7kaY7A+k=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:35:28 2025 by rpki-client