Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3134382e302f32332d3234203d3e2033333230.roa
File: 34352e38392e3134382e302f32332d3234203d3e2033333230.roa (raw, json)
Hash identifier: q9mj9XBVWWa1hicSD9KNuhFVBHPW9AEEkNRaXy39V28=
Subject key identifier: 4B:21:8F:A2:F3:BF:C7:61:23:D0:FC:72:A4:90:BB:D6:F2:0C:F2:4F
Certificate issuer: /CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Certificate serial: 68A3FEB31092B1A19D4C0B78338F431848DB9EE5
Authority key identifier: BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3134382e302f32332d3234203d3e2033333230.roa
Signing time: Fri 31 Mar 2023 14:48:04 +0000
ROA not before: Fri 31 Mar 2023 14:43:04 +0000
ROA not after: Fri 29 Mar 2024 14:48:04 +0000
asID: 3320
IP address blocks: 45.89.148.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:a3:fe:b3:10:92:b1:a1:9d:4c:0b:78:33:8f:43:18:48:db:9e:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Validity
Not Before: Mar 31 14:43:04 2023 GMT
Not After : Mar 29 14:48:04 2024 GMT
Subject: CN=4B218FA2F3BFC76123D0FC72A490BBD6F20CF24F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:2a:26:03:86:e9:df:25:b1:a7:5e:a1:d0:af:
2a:56:d3:35:a5:fc:ae:4b:48:68:41:ca:93:d2:20:
53:9e:c3:39:de:b9:47:96:50:b0:21:1c:f8:cd:f0:
1d:e1:1b:44:59:23:60:cb:a5:43:31:82:34:4b:69:
ec:30:e9:20:7e:58:15:a7:f0:f4:8f:55:36:2f:d7:
3f:64:73:60:e1:d4:7f:76:ef:75:e9:dd:e1:91:9d:
31:f9:f2:af:83:0a:5c:a9:0e:4c:80:8d:71:ec:39:
75:cb:7b:1d:1d:b6:e0:bd:f3:eb:40:49:e2:f8:f1:
0d:5f:49:7c:84:e3:66:63:7e:9e:25:f4:05:68:52:
b9:54:d2:2a:da:95:cd:de:00:d3:b4:d2:c4:21:59:
25:79:c7:b5:5a:00:2e:f4:9a:60:8a:1f:3d:44:dc:
f9:86:7b:fe:12:c0:ae:95:b8:75:b5:f2:b2:73:a8:
a8:9a:85:0e:a2:1b:70:7e:20:4c:cb:0c:b1:72:e2:
9b:b6:b8:c1:d3:50:8f:32:2a:d3:ba:72:3b:62:b1:
66:3e:8b:0c:6b:59:eb:77:e7:93:8e:44:86:f1:98:
17:c3:16:37:0f:a5:38:69:f5:b2:1b:c4:87:2d:e2:
a1:e2:1d:c2:ad:05:35:7d:fb:ed:4c:3f:f7:30:93:
8d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:21:8F:A2:F3:BF:C7:61:23:D0:FC:72:A4:90:BB:D6:F2:0C:F2:4F
X509v3 Authority Key Identifier:
keyid:BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/BCD46DBA34FE6620D72D9E7F576EF7A88A6C961A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3134382e302f32332d3234203d3e2033333230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.148.0/23
Signature Algorithm: sha256WithRSAEncryption
34:a1:c7:64:39:1f:f9:5c:87:51:38:d6:ba:6a:1b:37:17:a2:
e2:ae:a7:21:ff:aa:40:98:db:70:02:2c:fa:23:ec:6c:71:e4:
82:13:cb:d4:40:60:c0:1e:6b:11:b3:6a:d8:3f:14:66:d3:6c:
89:64:61:87:ad:7e:48:42:a6:bf:9a:77:61:7f:4d:d8:f6:83:
21:e9:d3:e9:42:11:cb:87:66:97:b9:33:c9:c2:ae:f3:aa:13:
71:ad:be:a5:15:e0:ca:f9:41:e1:70:f5:0e:f3:4b:3a:08:a7:
76:29:f1:23:b2:6d:52:07:37:ff:db:fd:8c:dc:81:9f:9f:56:
31:2b:6b:52:58:3c:ec:12:27:b6:cb:87:e8:5f:2c:d1:1e:37:
e1:cc:43:77:44:63:30:71:f1:22:a8:01:78:cf:03:32:7a:41:
6b:e9:06:27:c2:35:f4:95:f6:17:2a:fc:f2:d6:a6:59:3b:27:
39:14:49:f8:09:6e:66:b7:a9:f4:46:e0:8a:16:fd:6c:a7:24:
49:cf:2b:2d:87:2a:69:6a:93:4d:5f:6c:aa:f2:60:1f:45:ec:
65:41:02:ea:5c:20:2c:2d:5b:73:d5:b6:24:27:91:38:67:68:
8e:29:cd:f8:99:3a:f0:b4:66:ad:f6:ac:b6:f0:3f:b6:82:02:
b2:e4:4e:ea
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUaKP+sxCSsaGdTAt4M49DGEjbnuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmNkNDZkYmEzNGZlNjYyMGQ3MmQ5ZTdmNTc2ZWY3YTg4
YTZjOTYxYTAeFw0yMzAzMzExNDQzMDRaFw0yNDAzMjkxNDQ4MDRaMDMxMTAvBgNV
BAMTKDRCMjE4RkEyRjNCRkM3NjEyM0QwRkM3MkE0OTBCQkQ2RjIwQ0YyNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAKiYDhunfJbGnXqHQrypW0zWl
/K5LSGhBypPSIFOewzneuUeWULAhHPjN8B3hG0RZI2DLpUMxgjRLaeww6SB+WBWn
8PSPVTYv1z9kc2Dh1H9273Xp3eGRnTH58q+DClypDkyAjXHsOXXLex0dtuC98+tA
SeL48Q1fSXyE42Zjfp4l9AVoUrlU0iralc3eANO00sQhWSV5x7VaAC70mmCKHz1E
3PmGe/4SwK6VuHW18rJzqKiahQ6iG3B+IEzLDLFy4pu2uMHTUI8yKtO6cjtisWY+
iwxrWet355OORIbxmBfDFjcPpThp9bIbxIct4qHiHcKtBTV9++1MP/cwk41nAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUSyGPovO/x2Ej0PxypJC71vIM8k8wHwYDVR0j
BBgwFoAUvNRtujT+ZiDXLZ5/V273qIpslhowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYtMTc1OC00YmJkLWFlODEtM2E3MTA3ZDlh
ODQ1LzAvQkNENDZEQkEzNEZFNjYyMEQ3MkQ5RTdGNTc2RUY3QTg4QTZDOTYxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZOUnR1alQtWmlEWExaNV9WMjczcUlw
c2xoby5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYt
MTc1OC00YmJkLWFlODEtM2E3MTA3ZDlhODQ1LzAvMzQzNTJlMzgzOTJlMzEzNDM4
MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzMzMzMyMzAucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtWZQw
DQYJKoZIhvcNAQELBQADggEBADShx2Q5H/lch1E41rpqGzcXouKupyH/qkCY23AC
LPoj7Gxx5IITy9RAYMAeaxGzatg/FGbTbIlkYYetfkhCpr+ad2F/Tdj2gyHp0+lC
EcuHZpe5M8nCrvOqE3GtvqUV4Mr5QeFw9Q7zSzoIp3Yp8SOybVIHN//b/YzcgZ+f
VjEra1JYPOwSJ7bLh+hfLNEeN+HMQ3dEYzBx8SKoAXjPAzJ6QWvpBifCNfSV9hcq
/PLWplk7JzkUSfgJbma3qfRG4IoW/WynJEnPKy2HKmlqk01fbKryYB9F7GVBAupc
ICwtW3PVtiQnkThnaI4pzfiZOvC0Zq32rLbwP7aCArLkTuo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:28:00 2025 by rpki-client