Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e203633303233.roa
File: 34352e31322e38322e302f32342d3234203d3e203633303233.roa (raw, json)
Hash identifier: zGBbCQAzTUv9mLY510Vd30P2blVf+YeEAbZ/H+k+zso=
Subject key identifier: 97:23:B0:DE:2F:16:10:42:B8:C0:E8:33:E5:D4:94:AC:CB:07:77:D6
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 21FE1BF62601A2BED16FFA5A7B43421D92F28FE9
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e203633303233.roa
Signing time: Wed 22 Jan 2025 19:53:51 +0000
ROA not before: Wed 22 Jan 2025 19:48:51 +0000
ROA not after: Wed 21 Jan 2026 19:53:51 +0000
asID: 63023
IP address blocks: 45.12.82.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:fe:1b:f6:26:01:a2:be:d1:6f:fa:5a:7b:43:42:1d:92:f2:8f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 22 19:48:51 2025 GMT
Not After : Jan 21 19:53:51 2026 GMT
Subject: CN=9723B0DE2F161042B8C0E833E5D494ACCB0777D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:dd:85:6c:18:c6:fc:51:7e:c5:46:ae:80:9c:
96:24:8d:74:7d:39:95:9e:49:b3:ec:ad:a2:e2:4a:
a8:fc:ec:88:cd:cb:b5:6b:e1:74:c4:a2:59:f8:34:
df:28:ca:c5:2a:3a:dd:15:1f:4e:f9:23:31:f6:48:
0d:8f:1f:4d:23:db:59:c8:be:f0:6c:c5:4e:be:8a:
71:ef:fd:9b:41:47:92:5b:21:5b:89:4a:1c:b4:63:
ec:3b:a0:8f:6c:02:d0:e6:3b:44:57:c8:0d:6e:71:
4c:64:fe:0d:3c:33:61:f4:77:8e:b0:ba:58:34:f0:
ff:55:fa:68:7a:56:b0:db:da:84:9b:3f:40:c7:bf:
16:d7:0b:1d:50:11:15:d7:f1:7e:4c:6f:25:ce:b7:
e0:fe:f7:ee:41:3b:74:a5:a9:a2:b5:e6:7f:1d:ce:
7b:9f:74:bd:2c:18:f5:90:6b:5e:ee:75:4e:3c:73:
ce:39:d6:b3:0d:3b:9c:d6:f8:9b:7d:e5:98:14:ad:
fd:1c:ff:37:d2:1d:78:33:e5:7e:64:a6:70:04:a7:
7b:58:b7:7c:f7:45:ce:15:3f:61:b1:51:d3:ec:13:
ed:68:6a:3d:6d:d3:4c:18:58:9f:f6:54:c9:e3:49:
4e:72:d6:29:a3:dc:5d:d3:d5:8d:1f:ea:d8:eb:00:
e4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:23:B0:DE:2F:16:10:42:B8:C0:E8:33:E5:D4:94:AC:CB:07:77:D6
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38322e302f32342d3234203d3e203633303233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.82.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:3a:54:ab:a2:26:ee:7c:a7:aa:50:a1:8e:72:85:4b:aa:6e:
b1:66:bf:3c:a1:cd:c0:c5:54:e0:fb:09:88:e2:7f:0a:76:bf:
00:66:ef:02:b0:ed:5c:9b:60:ad:66:ec:22:b2:7f:dc:79:4d:
8b:91:5e:75:de:7d:b6:8b:56:c9:a6:a1:6c:ed:66:5b:76:af:
ae:34:e5:35:37:a5:61:e2:6f:3c:47:af:d5:ef:c3:56:53:17:
16:bc:b7:7a:56:fc:76:7f:21:ad:b4:fc:0a:16:05:a5:23:2c:
b2:75:7a:ee:21:1c:b2:fd:c3:5d:e2:99:55:6c:53:46:c5:27:
88:4a:77:10:9b:42:09:80:f9:b4:4f:c6:c2:e6:d8:a9:2e:17:
c6:5a:80:93:db:0a:50:ee:0f:da:a1:cc:80:b2:42:09:93:80:
cc:a4:e5:0f:a2:e4:1a:a0:f0:a3:99:8c:6c:8f:95:9f:7c:a4:
fa:40:70:60:bf:2c:89:ed:8a:db:46:b5:c1:91:bb:52:f9:95:
c8:99:37:83:bc:da:dc:2c:41:f4:45:cc:eb:f8:9e:8e:fd:e9:
f7:86:8b:a1:fe:5f:39:09:90:58:6f:c0:d7:2f:48:8e:5b:38:
3c:66:ea:8e:16:5e:7b:a6:d3:6c:d9:6a:45:04:4c:23:c4:9f:
3a:86:e1:41
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUIf4b9iYBor7Rb/pae0NCHZLyj+kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMjIxOTQ4NTFaFw0yNjAxMjExOTUzNTFaMDMxMTAvBgNV
BAMTKDk3MjNCMERFMkYxNjEwNDJCOEMwRTgzM0U1RDQ5NEFDQ0IwNzc3RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb3YVsGMb8UX7FRq6AnJYkjXR9
OZWeSbPsraLiSqj87IjNy7Vr4XTEoln4NN8oysUqOt0VH075IzH2SA2PH00j21nI
vvBsxU6+inHv/ZtBR5JbIVuJShy0Y+w7oI9sAtDmO0RXyA1ucUxk/g08M2H0d46w
ulg08P9V+mh6VrDb2oSbP0DHvxbXCx1QERXX8X5MbyXOt+D+9+5BO3SlqaK15n8d
znufdL0sGPWQa17udU48c8451rMNO5zW+Jt95ZgUrf0c/zfSHXgz5X5kpnAEp3tY
t3z3Rc4VP2GxUdPsE+1oaj1t00wYWJ/2VMnjSU5y1imj3F3T1Y0f6tjrAOQlAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUlyOw3i8WEEK4wOgz5dSUrMsHd9YwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzMDMyMzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtDFIw
DQYJKoZIhvcNAQELBQADggEBAD86VKuiJu58p6pQoY5yhUuqbrFmvzyhzcDFVOD7
CYjifwp2vwBm7wKw7VybYK1m7CKyf9x5TYuRXnXefbaLVsmmoWztZlt2r6405TU3
pWHibzxHr9Xvw1ZTFxa8t3pW/HZ/Ia20/AoWBaUjLLJ1eu4hHLL9w13imVVsU0bF
J4hKdxCbQgmA+bRPxsLm2KkuF8ZagJPbClDuD9qhzICyQgmTgMyk5Q+i5Bqg8KOZ
jGyPlZ98pPpAcGC/LIntittGtcGRu1L5lciZN4O82twsQfRFzOv4no796feGi6H+
XzkJkFhvwNcvSI5bODxm6o4WXnum02zZakUETCPEnzqG4UE=
-----END CERTIFICATE-----
Generated at Wed Apr 9 19:42:37 2025 by rpki-client