Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e3132382e31342e302f32332d3234203d3e20383334.roa
File: 34352e3132382e31342e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: C5vun/GYkRWZAloXtLPlSblORIWHASg2QCnJJM4GAkw=
Subject key identifier: 02:36:F9:1B:A3:3B:B8:BD:9A:C3:8B:01:D7:24:78:A9:69:14:2B:17
Certificate issuer: /CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Certificate serial: 35824C598717AC297A5F6E81B98D4BFF9AE8AD33
Authority key identifier: BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e3132382e31342e302f32332d3234203d3e20383334.roa
Signing time: Wed 31 May 2023 00:00:12 +0000
ROA not before: Tue 30 May 2023 23:55:12 +0000
ROA not after: Wed 29 May 2024 00:00:12 +0000
asID: 834
IP address blocks: 45.128.14.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:82:4c:59:87:17:ac:29:7a:5f:6e:81:b9:8d:4b:ff:9a:e8:ad:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Validity
Not Before: May 30 23:55:12 2023 GMT
Not After : May 29 00:00:12 2024 GMT
Subject: CN=0236F91BA33BB8BD9AC38B01D72478A969142B17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:70:23:62:cf:53:7e:5f:6c:aa:fc:6a:a3:48:
d0:42:fb:62:85:04:d1:b3:b4:64:d9:82:a9:4c:aa:
16:b0:8a:be:98:f9:b1:00:c7:12:df:f4:bb:15:46:
94:d8:68:20:1b:36:c9:f9:e7:b4:7a:b5:47:8d:cd:
2b:ba:2b:b5:52:84:69:5f:80:67:d6:0a:06:e3:4d:
b5:63:6e:14:a6:c7:bf:ab:6c:06:55:cd:d8:e8:68:
14:61:bc:19:54:eb:0f:57:98:93:0a:c2:0e:61:c6:
e9:39:85:40:cd:d1:34:f5:bc:fe:8c:bc:29:19:e6:
bc:ab:df:bd:d5:ba:d9:79:f2:15:6c:02:85:53:ee:
4f:05:3c:4d:4f:df:b1:71:a9:3f:d3:d9:d3:74:b0:
55:2a:7f:93:04:eb:07:78:f3:56:87:75:fe:16:04:
4a:8d:67:fe:e5:29:a9:aa:34:ce:d6:68:27:6c:32:
ed:1c:17:fe:29:40:90:44:f6:29:12:9d:7c:33:65:
de:b8:65:5b:c9:58:8d:7d:3b:77:2a:f8:0f:ee:06:
d3:cf:32:ab:a5:ff:8b:28:ae:3c:7e:6d:c1:46:04:
b4:e1:ba:b7:fa:30:f0:2d:d0:d8:3f:08:a9:06:be:
ab:a0:0e:9c:ed:d1:97:0b:87:e2:37:50:3d:db:49:
fe:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:36:F9:1B:A3:3B:B8:BD:9A:C3:8B:01:D7:24:78:A9:69:14:2B:17
X509v3 Authority Key Identifier:
keyid:BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/BCD46DBA34FE6620D72D9E7F576EF7A88A6C961A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e3132382e31342e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.14.0/23
Signature Algorithm: sha256WithRSAEncryption
90:80:d3:43:a6:0a:5c:d6:11:44:b1:bf:8a:ff:57:6b:05:90:
a6:0f:30:64:e6:da:70:49:5f:06:5b:a7:b5:5a:ab:8f:63:ee:
6e:a1:94:e1:56:df:c5:82:06:7e:07:fc:67:ee:a2:23:fb:17:
32:3f:b9:76:31:66:f9:81:45:24:ee:92:ee:1a:59:bf:c1:7b:
08:f7:a7:ee:07:49:34:aa:79:2e:ed:9a:04:10:4b:c3:f1:a3:
d3:63:14:a9:30:5a:68:f7:63:24:bb:b6:5a:14:09:01:5b:2c:
d2:1d:1d:79:ec:f7:6d:82:32:62:b4:fa:f7:a4:1c:e1:e2:9b:
83:b2:b6:da:91:b3:26:e2:13:65:22:db:63:62:80:fd:55:5e:
74:52:d2:1d:bb:eb:53:cc:0a:4a:11:c5:a8:ca:50:3f:0b:0d:
66:65:e0:da:fe:91:b0:01:a6:22:ff:e7:04:23:d6:36:f1:56:
b7:66:b1:61:bc:70:32:4f:11:4b:1a:43:08:a1:be:74:4b:8d:
96:5b:4d:3e:b9:06:cc:d4:2f:58:7e:57:c3:0a:1a:eb:e8:77:
9b:81:10:ce:27:17:ac:a1:12:1d:08:a1:32:c7:65:d0:d1:dc:
44:13:60:a7:3b:14:69:9c:ff:fd:b3:23:ce:9a:6a:54:ef:ee:
c8:e6:0f:87
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUNYJMWYcXrCl6X26BuY1L/5rorTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmNkNDZkYmEzNGZlNjYyMGQ3MmQ5ZTdmNTc2ZWY3YTg4
YTZjOTYxYTAeFw0yMzA1MzAyMzU1MTJaFw0yNDA1MjkwMDAwMTJaMDMxMTAvBgNV
BAMTKDAyMzZGOTFCQTMzQkI4QkQ5QUMzOEIwMUQ3MjQ3OEE5NjkxNDJCMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfcCNiz1N+X2yq/GqjSNBC+2KF
BNGztGTZgqlMqhawir6Y+bEAxxLf9LsVRpTYaCAbNsn557R6tUeNzSu6K7VShGlf
gGfWCgbjTbVjbhSmx7+rbAZVzdjoaBRhvBlU6w9XmJMKwg5hxuk5hUDN0TT1vP6M
vCkZ5ryr373Vutl58hVsAoVT7k8FPE1P37FxqT/T2dN0sFUqf5ME6wd481aHdf4W
BEqNZ/7lKamqNM7WaCdsMu0cF/4pQJBE9ikSnXwzZd64ZVvJWI19O3cq+A/uBtPP
Mqul/4sorjx+bcFGBLThurf6MPAt0Ng/CKkGvqugDpzt0ZcLh+I3UD3bSf6ZAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUAjb5G6M7uL2aw4sB1yR4qWkUKxcwHwYDVR0j
BBgwFoAUvNRtujT+ZiDXLZ5/V273qIpslhowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYtMTc1OC00YmJkLWFlODEtM2E3MTA3ZDlh
ODQ1LzAvQkNENDZEQkEzNEZFNjYyMEQ3MkQ5RTdGNTc2RUY3QTg4QTZDOTYxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZOUnR1alQtWmlEWExaNV9WMjczcUlw
c2xoby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYt
MTc1OC00YmJkLWFlODEtM2E3MTA3ZDlhODQ1LzAvMzQzNTJlMzEzMjM4MmUzMTM0
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLYAOMA0G
CSqGSIb3DQEBCwUAA4IBAQCQgNNDpgpc1hFEsb+K/1drBZCmDzBk5tpwSV8GW6e1
WquPY+5uoZThVt/FggZ+B/xn7qIj+xcyP7l2MWb5gUUk7pLuGlm/wXsI96fuB0k0
qnku7ZoEEEvD8aPTYxSpMFpo92Mku7ZaFAkBWyzSHR157PdtgjJitPr3pBzh4puD
srbakbMm4hNlIttjYoD9VV50UtIdu+tTzApKEcWoylA/Cw1mZeDa/pGwAaYi/+cE
I9Y28Va3ZrFhvHAyTxFLGkMIob50S42WW00+uQbM1C9YflfDChrr6HebgRDOJxes
oRIdCKEyx2XQ0dxEE2CnOxRpnP/9syPOmmpU7+7I5g+H
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:25:47 2025 by rpki-client