Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3134392e302f32342d3234203d3e20383334.roa
File: 34352e38392e3134392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: qKmT/dCgjcNeyQxNvrh0DmmQn+v6/CLsVcdJqJ2Rpcw=
Subject key identifier: 6A:64:99:9C:2F:A0:9A:31:6F:DE:0B:22:D9:A8:62:43:00:65:7F:14
Certificate issuer: /CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Certificate serial: 2C1EC6E6EEE2A169CA20C3C2A92492E0C1227F13
Authority key identifier: BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3134392e302f32342d3234203d3e20383334.roa
Signing time: Fri 14 Jul 2023 13:30:04 +0000
ROA not before: Fri 14 Jul 2023 13:25:04 +0000
ROA not after: Fri 12 Jul 2024 13:30:04 +0000
asID: 834
IP address blocks: 45.89.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:1e:c6:e6:ee:e2:a1:69:ca:20:c3:c2:a9:24:92:e0:c1:22:7f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcd46dba34fe6620d72d9e7f576ef7a88a6c961a
Validity
Not Before: Jul 14 13:25:04 2023 GMT
Not After : Jul 12 13:30:04 2024 GMT
Subject: CN=6A64999C2FA09A316FDE0B22D9A8624300657F14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:40:1f:fb:69:91:06:28:5d:88:90:f4:fd:dc:
74:33:f6:28:9f:ce:c5:7f:f2:01:8d:e3:d1:d3:b5:
0b:64:95:22:3f:36:04:dc:8b:0d:45:40:7b:10:f7:
b3:e5:7e:09:db:20:7d:b5:97:27:a7:df:c5:fb:e1:
57:93:16:99:85:c9:4d:c0:86:01:35:2c:9c:41:13:
f5:d9:eb:0b:95:db:bf:d5:42:67:96:84:f6:3a:da:
32:84:6d:60:09:78:d9:e7:a0:75:ae:ff:00:1b:67:
c2:11:68:39:14:45:b2:45:8f:77:c6:53:38:a1:71:
fa:59:13:4d:0a:f2:00:5a:da:1b:1f:da:bc:ea:95:
4e:fd:e8:3f:eb:bb:27:0c:cb:90:56:58:72:e2:6d:
c3:3e:3f:80:66:49:62:9c:92:ce:c1:a1:de:22:ac:
f2:97:b1:94:6a:c8:f9:8a:a3:64:e5:e5:21:49:3d:
7a:59:61:16:6b:d9:ce:35:65:5a:d0:3d:25:ec:fe:
4c:5a:1a:65:07:24:10:09:8c:33:b3:48:73:e3:07:
dc:67:17:d4:eb:c1:0f:50:2a:10:06:d1:5a:8c:57:
f5:ef:53:29:49:28:be:74:9c:e7:a6:cd:a9:a3:92:
f1:50:e9:b9:9b:d2:91:65:3d:c7:a0:f3:35:9c:40:
0b:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:64:99:9C:2F:A0:9A:31:6F:DE:0B:22:D9:A8:62:43:00:65:7F:14
X509v3 Authority Key Identifier:
keyid:BC:D4:6D:BA:34:FE:66:20:D7:2D:9E:7F:57:6E:F7:A8:8A:6C:96:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/BCD46DBA34FE6620D72D9E7F576EF7A88A6C961A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vNRtujT-ZiDXLZ5_V273qIpslho.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7d6a1636-1758-4bbd-ae81-3a7107d9a845/0/34352e38392e3134392e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.149.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:b7:05:48:09:72:ad:63:32:dc:06:4c:00:41:25:71:4a:a2:
e1:76:df:d5:7a:d1:69:4c:74:d1:df:25:e8:ef:33:96:85:ff:
4f:db:fc:a5:1a:2b:45:35:20:52:87:08:0c:6c:cf:7b:79:ee:
e3:3c:28:df:41:4c:31:9a:5e:aa:58:ea:dc:06:ea:4d:15:df:
5a:6f:ad:a7:b9:38:7f:21:f4:66:a3:35:81:1b:48:64:c7:c3:
ea:18:20:54:7b:7d:79:1e:20:12:cc:36:dd:c4:69:2d:f9:03:
8f:50:9e:3d:8e:26:91:ab:25:7b:21:53:0f:69:b0:84:a8:2b:
ab:a1:25:63:0d:5a:f7:75:dd:dc:db:17:14:4d:8c:9f:73:b2:
6e:8a:d4:25:eb:d7:51:b0:ae:7a:1b:e8:46:e1:d5:b0:9e:90:
12:67:82:bd:af:ed:a0:7e:51:be:79:ba:ea:88:12:38:dd:21:
02:55:b7:c2:76:ff:0a:06:43:8e:9a:73:2f:23:fa:a4:0e:a1:
53:fe:2d:61:7e:33:48:26:ac:6b:80:58:f3:9a:74:11:d7:44:
5d:e6:4c:0c:c1:0b:86:09:33:5f:5d:8d:19:9f:80:38:39:81:
81:bb:e5:19:fd:69:74:b3:a4:83:bb:93:e2:f8:24:8c:45:d7:
7a:24:8f:1f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIULB7G5u7ioWnKIMPCqSSS4MEifxMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYmNkNDZkYmEzNGZlNjYyMGQ3MmQ5ZTdmNTc2ZWY3YTg4
YTZjOTYxYTAeFw0yMzA3MTQxMzI1MDRaFw0yNDA3MTIxMzMwMDRaMDMxMTAvBgNV
BAMTKDZBNjQ5OTlDMkZBMDlBMzE2RkRFMEIyMkQ5QTg2MjQzMDA2NTdGMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsQB/7aZEGKF2IkPT93HQz9iif
zsV/8gGN49HTtQtklSI/NgTciw1FQHsQ97PlfgnbIH21lyen38X74VeTFpmFyU3A
hgE1LJxBE/XZ6wuV27/VQmeWhPY62jKEbWAJeNnnoHWu/wAbZ8IRaDkURbJFj3fG
UzihcfpZE00K8gBa2hsf2rzqlU796D/ruycMy5BWWHLibcM+P4BmSWKcks7Bod4i
rPKXsZRqyPmKo2Tl5SFJPXpZYRZr2c41ZVrQPSXs/kxaGmUHJBAJjDOzSHPjB9xn
F9TrwQ9QKhAG0VqMV/XvUylJKL50nOemzamjkvFQ6bmb0pFlPceg8zWcQAv3AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUamSZnC+gmjFv3gsi2ahiQwBlfxQwHwYDVR0j
BBgwFoAUvNRtujT+ZiDXLZ5/V273qIpslhowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYtMTc1OC00YmJkLWFlODEtM2E3MTA3ZDlh
ODQ1LzAvQkNENDZEQkEzNEZFNjYyMEQ3MkQ5RTdGNTc2RUY3QTg4QTZDOTYxQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZOUnR1alQtWmlEWExaNV9WMjczcUlw
c2xoby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2Q2YTE2MzYt
MTc1OC00YmJkLWFlODEtM2E3MTA3ZDlhODQ1LzAvMzQzNTJlMzgzOTJlMzEzNDM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVmVMA0G
CSqGSIb3DQEBCwUAA4IBAQCrtwVICXKtYzLcBkwAQSVxSqLhdt/VetFpTHTR3yXo
7zOWhf9P2/ylGitFNSBShwgMbM97ee7jPCjfQUwxml6qWOrcBupNFd9ab62nuTh/
IfRmozWBG0hkx8PqGCBUe315HiASzDbdxGkt+QOPUJ49jiaRqyV7IVMPabCEqCur
oSVjDVr3dd3c2xcUTYyfc7JuitQl69dRsK56G+hG4dWwnpASZ4K9r+2gflG+ebrq
iBI43SECVbfCdv8KBkOOmnMvI/qkDqFT/i1hfjNIJqxrgFjzmnQR10Rd5kwMwQuG
CTNfXY0Zn4A4OYGBu+UZ/Wl0s6SDu5Pi+CSMRdd6JI8f
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:04:09 2025 by rpki-client