Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e20313532363732.roa
File: 34352e31322e38322e302f32342d3234203d3e20313532363732.roa (raw, json)
Hash identifier: LkIz0tw9hPCOiH6jVi78LReaO+Z7t0aA1ZVqbMgsms8=
Subject key identifier: 3A:53:B5:ED:96:36:07:B3:DD:69:F3:CD:6A:92:2F:3A:50:6A:20:5B
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 36D1D257E9CE6B7DD42E4A21EE24B394A83B2140
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e20313532363732.roa
Signing time: Wed 12 Mar 2025 11:53:58 +0000
ROA not before: Wed 12 Mar 2025 11:48:58 +0000
ROA not after: Wed 11 Mar 2026 11:53:58 +0000
asID: 152672
IP address blocks: 45.12.82.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:d1:d2:57:e9:ce:6b:7d:d4:2e:4a:21:ee:24:b3:94:a8:3b:21:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 12 11:48:58 2025 GMT
Not After : Mar 11 11:53:58 2026 GMT
Subject: CN=3A53B5ED963607B3DD69F3CD6A922F3A506A205B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:b2:4d:fe:1f:66:4b:9c:50:f8:43:d8:87:4d:
38:ce:ae:30:b1:b6:1f:90:70:bc:92:30:1b:73:37:
09:54:eb:c6:1d:95:f2:28:16:89:a5:4e:80:90:2a:
ae:59:09:ee:2b:bc:94:09:e3:a4:89:fb:c5:a9:14:
6c:2f:be:3a:66:30:bc:e1:c3:48:3e:ba:2c:5a:b0:
90:0f:4d:50:af:4d:30:97:50:b5:4a:cc:69:e5:85:
10:23:fb:d6:04:fa:f3:1b:9c:79:82:67:38:70:de:
e4:cd:6c:50:a3:a7:b1:34:2f:24:1d:1d:81:f5:47:
6e:de:b6:ab:9c:6d:3c:02:e1:12:52:a2:25:e5:39:
18:a6:a4:87:1b:75:f5:a9:56:87:a2:57:bb:94:5a:
14:18:48:9e:24:3d:97:55:6f:c5:c3:12:66:4e:37:
de:85:97:54:db:e7:52:e4:fd:3b:af:1f:34:4e:7d:
7b:c5:c2:66:81:13:b5:ca:97:39:1f:de:22:66:20:
48:c8:3a:a7:33:23:25:45:47:c7:67:00:a0:d8:de:
0a:cf:49:94:a2:b4:fa:23:49:4d:4d:5a:68:f8:0e:
10:cb:05:7b:6d:c7:66:88:27:04:8c:52:d3:3b:62:
af:96:e7:ad:8a:de:81:d0:d3:23:7a:ac:34:50:b4:
e2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:53:B5:ED:96:36:07:B3:DD:69:F3:CD:6A:92:2F:3A:50:6A:20:5B
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e20313532363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.82.0/24
Signature Algorithm: sha256WithRSAEncryption
07:5a:8f:6d:b1:a4:48:19:14:4a:87:21:a6:8c:4f:12:e8:ed:
7b:40:cc:df:0c:9b:0e:90:73:05:95:22:2a:7c:d2:f1:cc:99:
ff:5a:05:9b:ac:83:6c:39:64:87:c6:28:3c:08:9a:ed:e6:ef:
b4:b0:c3:0d:4d:c9:1a:cf:98:bb:2f:be:28:07:58:5c:ae:90:
43:cd:d4:e8:65:02:69:c8:07:e1:c4:e0:83:33:23:01:56:0f:
16:27:2a:f3:e8:d7:2c:e0:4e:90:ba:44:6f:55:df:bf:6d:e4:
9f:73:20:de:1d:93:e8:8b:83:80:55:1e:27:ae:7d:bf:15:e4:
47:0a:84:03:46:33:11:90:09:96:d2:8d:f0:a5:d5:95:75:91:
cc:0c:a0:84:63:9b:f1:0e:82:17:ae:aa:ab:b8:0c:65:63:2d:
b1:03:dd:8d:73:ca:71:e2:7d:da:df:35:bf:70:af:78:5a:96:
ea:2f:17:fb:0d:70:a4:ca:61:02:f8:69:bd:27:84:b9:a1:c2:
65:f0:f9:97:09:22:a1:2a:65:b3:8e:26:73:f5:c1:47:4b:4f:
fb:b8:cb:07:d1:18:aa:bd:7b:78:2d:2d:83:60:d3:5b:62:e5:
5e:1a:a1:41:e3:aa:f0:28:dc:28:84:7d:e3:f2:72:29:92:09:
26:0a:1c:03
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUNtHSV+nOa33ULkoh7iSzlKg7IUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAzMTIxMTQ4NThaFw0yNjAzMTExMTUzNThaMDMxMTAvBgNV
BAMTKDNBNTNCNUVEOTYzNjA3QjNERDY5RjNDRDZBOTIyRjNBNTA2QTIwNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfsk3+H2ZLnFD4Q9iHTTjOrjCx
th+QcLySMBtzNwlU68YdlfIoFomlToCQKq5ZCe4rvJQJ46SJ+8WpFGwvvjpmMLzh
w0g+uixasJAPTVCvTTCXULVKzGnlhRAj+9YE+vMbnHmCZzhw3uTNbFCjp7E0LyQd
HYH1R27etqucbTwC4RJSoiXlORimpIcbdfWpVoeiV7uUWhQYSJ4kPZdVb8XDEmZO
N96Fl1Tb51Lk/TuvHzROfXvFwmaBE7XKlzkf3iJmIEjIOqczIyVFR8dnAKDY3grP
SZSitPojSU1NWmj4DhDLBXttx2aIJwSMUtM7Yq+W562K3oHQ0yN6rDRQtOJpAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUOlO17ZY2B7PdafPNapIvOlBqIFswHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzUzMjM2MzczMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0M
UjANBgkqhkiG9w0BAQsFAAOCAQEAB1qPbbGkSBkUSochpoxPEujte0DM3wybDpBz
BZUiKnzS8cyZ/1oFm6yDbDlkh8YoPAia7ebvtLDDDU3JGs+Yuy++KAdYXK6QQ83U
6GUCacgH4cTggzMjAVYPFicq8+jXLOBOkLpEb1Xfv23kn3Mg3h2T6IuDgFUeJ659
vxXkRwqEA0YzEZAJltKN8KXVlXWRzAyghGOb8Q6CF66qq7gMZWMtsQPdjXPKceJ9
2t81v3CveFqW6i8X+w1wpMphAvhpvSeEuaHCZfD5lwkioSpls44mc/XBR0tP+7jL
B9EYqr17eC0tg2DTW2LlXhqhQeOq8CjcKIR94/JyKZIJJgocAw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:49:59 2025 by rpki-client