Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3134382e302f32342d3234203d3e20383334.roa
File: 34352e38392e3134382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: PIluxmxblKYfVE+RgznrWMUVJSp0ahiHS4l1Q8eGadM=
Subject key identifier: 11:FA:92:E1:DE:0B:93:BD:94:A3:13:C7:59:A5:74:54:23:1D:F8:A3
Certificate issuer: /CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Certificate serial: 4851AA6187474906B7C97B01451D78493B9A454A
Authority key identifier: BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3134382e302f32342d3234203d3e20383334.roa
Signing time: Mon 07 Aug 2023 06:00:13 +0000
ROA not before: Mon 07 Aug 2023 05:55:13 +0000
ROA not after: Mon 05 Aug 2024 06:00:13 +0000
asID: 834
IP address blocks: 45.89.148.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:51:aa:61:87:47:49:06:b7:c9:7b:01:45:1d:78:49:3b:9a:45:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Validity
Not Before: Aug 7 05:55:13 2023 GMT
Not After : Aug 5 06:00:13 2024 GMT
Subject: CN=11FA92E1DE0B93BD94A313C759A57454231DF8A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:59:78:10:c4:b9:b4:de:b4:f4:33:d4:a9:bc:
b9:d8:a6:43:9f:23:bb:4e:a2:27:89:ad:1a:1e:f2:
4d:73:ba:8c:e0:3e:78:35:51:3f:ed:af:2b:f4:13:
16:13:d4:0b:7a:bd:be:cd:1e:c5:c6:6d:f5:c1:fb:
de:b2:a2:60:be:2d:87:1c:94:4d:55:de:ea:9e:bd:
bb:76:ab:ac:e9:d8:c1:b2:dd:23:c7:0e:77:3e:9f:
f7:9d:2a:92:d2:73:a7:66:b8:0f:5d:e4:17:5e:4b:
05:36:6b:68:2b:07:e2:98:a4:b7:8e:57:3f:30:5c:
24:7f:06:8e:8a:1c:93:fa:0f:49:d7:44:30:31:dc:
ea:28:ea:2b:6e:80:8d:1e:11:82:2e:b0:d6:2c:e0:
a8:67:dd:10:81:08:ef:72:69:4b:1c:33:78:a5:8c:
9a:ee:a5:ba:7d:ef:0c:07:16:27:c1:4e:e7:1d:b3:
ae:65:bf:9c:d5:ed:36:7a:39:cc:61:0c:53:c6:45:
60:9f:99:a1:b1:06:cc:e7:76:85:ef:09:cd:e5:e2:
da:26:c1:4b:69:2f:57:9a:55:a7:a5:13:ad:39:01:
7a:ad:bc:95:67:5f:a8:cf:f3:6d:eb:3f:13:7c:d0:
75:68:c7:cf:0a:75:9d:3e:fe:ca:82:78:79:53:5d:
6b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:FA:92:E1:DE:0B:93:BD:94:A3:13:C7:59:A5:74:54:23:1D:F8:A3
X509v3 Authority Key Identifier:
keyid:BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/BCD46DBA34FE6620D72D9E7F576EF7A88A6C961A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3134382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.148.0/24
Signature Algorithm: sha256WithRSAEncryption
86:9b:61:b9:bf:84:34:de:fa:4d:c7:8c:a6:ea:81:3c:48:9a:
4b:ec:06:19:8d:84:1b:e9:bf:ec:96:9e:0d:87:92:9d:3f:6b:
a8:ef:05:c0:df:23:d3:8e:46:9f:4b:36:67:44:ea:15:1f:b1:
85:51:42:e2:44:1d:d7:8f:fb:23:1f:e4:3f:13:b9:6d:8d:11:
6f:80:b9:79:bd:50:4c:9d:9b:e6:90:a6:bd:2a:72:31:fa:09:
05:19:13:51:c5:3c:63:7d:20:02:28:ff:53:a8:23:70:ed:85:
38:0a:99:2b:96:92:e7:e0:90:4b:93:19:33:9a:8e:13:75:e3:
32:fe:c3:7f:96:85:9f:cc:08:cd:98:20:ac:a4:f3:8a:95:ca:
38:9c:9d:5f:02:ca:25:df:c3:d8:7d:2b:38:a1:69:a9:a8:f7:
3f:05:e6:79:fc:66:aa:34:9b:02:a4:ff:09:46:8e:21:c7:e3:
b0:68:57:6c:27:0b:05:c6:2e:51:a0:46:ab:2f:c4:3e:2d:0f:
a9:e2:1f:f8:32:d0:5b:57:d8:d3:fd:37:66:cd:29:69:9c:ff:
fc:07:3f:c1:7a:8b:24:17:f0:3c:cd:d2:b0:64:f0:1b:2e:30:
b3:75:f4:74:66:d0:92:39:e5:cf:a5:9a:fd:09:72:6d:17:3e:
30:91:d8:1a
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUSFGqYYdHSQa3yXsBRR14STuaRUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmNkNDZkYmEzNGZlNjYyMGQ3MmQ5ZTdmNTc2ZWY3YTg4
YTZjOTYxYTAeFw0yMzA4MDcwNTU1MTNaFw0yNDA4MDUwNjAwMTNaMDMxMTAvBgNV
BAMTKDExRkE5MkUxREUwQjkzQkQ5NEEzMTNDNzU5QTU3NDU0MjMxREY4QTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYWXgQxLm03rT0M9SpvLnYpkOf
I7tOoieJrRoe8k1zuozgPng1UT/tryv0ExYT1At6vb7NHsXGbfXB+96yomC+LYcc
lE1V3uqevbt2q6zp2MGy3SPHDnc+n/edKpLSc6dmuA9d5BdeSwU2a2grB+KYpLeO
Vz8wXCR/Bo6KHJP6D0nXRDAx3Ooo6itugI0eEYIusNYs4Khn3RCBCO9yaUscM3il
jJrupbp97wwHFifBTucds65lv5zV7TZ6OcxhDFPGRWCfmaGxBszndoXvCc3l4tom
wUtpL1eaVaelE605AXqtvJVnX6jP823rPxN80HVox88KdZ0+/sqCeHlTXWudAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUEfqS4d4Lk72UoxPHWaV0VCMd+KMwHwYDVR0j
BBgwFoAUvNRtujT+ZiDXLZ5/V273qIpslhowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYtMTc1OC00YmJkLWFlODEtM2E3MTA3ZDlh
ODQ1LzAvQkNENDZEQkEzNEZFNjYyMEQ3MkQ5RTdGNTc2RUY3QTg4QTZDOTYxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZOUnR1alQtWmlEWExaNV9WMjczcUlw
c2xoby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYt
MTc1OC00YmJkLWFlODEtM2E3MTA3ZDlhODQ1LzAvMzQzNTJlMzgzOTJlMzEzNDM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVmUMA0G
CSqGSIb3DQEBCwUAA4IBAQCGm2G5v4Q03vpNx4ym6oE8SJpL7AYZjYQb6b/slp4N
h5KdP2uo7wXA3yPTjkafSzZnROoVH7GFUULiRB3Xj/sjH+Q/E7ltjRFvgLl5vVBM
nZvmkKa9KnIx+gkFGRNRxTxjfSACKP9TqCNw7YU4CpkrlpLn4JBLkxkzmo4TdeMy
/sN/loWfzAjNmCCspPOKlco4nJ1fAsol38PYfSs4oWmpqPc/BeZ5/GaqNJsCpP8J
Ro4hx+OwaFdsJwsFxi5RoEarL8Q+LQ+p4h/4MtBbV9jT/TdmzSlpnP/8Bz/Beosk
F/A8zdKwZPAbLjCzdfR0ZtCSOeXPpZr9CXJtFz4wkdga
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:27:29 2025 by rpki-client