Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e20383334.roa
File: 34352e31322e38332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: smEsJZSmPvSelxyhtcCR+QeBe/+71hub03DEojKUht8=
Subject key identifier: 38:17:8C:D9:FA:C4:33:78:A8:F4:12:23:1F:2D:1C:E4:73:43:37:91
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 7A0A30C7B31E497A8324FE0AC102CD6B61A4CB2F
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e20383334.roa
Signing time: Mon 24 Mar 2025 00:00:51 +0000
ROA not before: Sun 23 Mar 2025 23:55:51 +0000
ROA not after: Mon 23 Mar 2026 00:00:51 +0000
asID: 834
IP address blocks: 45.12.83.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:0a:30:c7:b3:1e:49:7a:83:24:fe:0a:c1:02:cd:6b:61:a4:cb:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 23 23:55:51 2025 GMT
Not After : Mar 23 00:00:51 2026 GMT
Subject: CN=38178CD9FAC43378A8F412231F2D1CE473433791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:de:2e:cf:fd:40:de:60:13:b1:23:19:90:08:
ab:0a:83:01:aa:89:0d:d8:9e:c7:44:9d:a2:4d:3d:
72:0e:49:20:6a:ee:4e:bb:4c:e5:48:80:0f:4f:f2:
be:93:6a:31:2d:25:5e:2e:27:d8:d4:a2:79:5d:3d:
e2:46:ec:8e:19:d1:cf:54:e3:8c:01:07:f0:b0:85:
32:ed:38:60:5d:ce:41:d2:9f:a0:8c:8a:16:9d:b2:
3a:58:82:42:39:13:74:b5:f9:15:f6:05:9a:18:52:
4d:e8:b1:a7:1e:26:f4:82:33:90:82:f0:cd:c2:2e:
98:4e:09:91:a9:b2:b4:03:aa:3c:c2:e1:fa:a7:e3:
be:1c:04:19:db:b7:8d:04:50:7a:ff:5a:56:d0:fb:
20:39:1c:bd:78:18:a5:92:99:96:fa:91:a0:73:4b:
de:17:9b:99:b2:2c:b3:6c:2d:c5:df:f1:e5:f4:a9:
f4:46:63:a8:8e:71:3c:de:65:46:92:c2:fa:f5:e8:
58:86:a9:2a:3b:40:b6:22:c5:10:c5:e8:69:94:a1:
c6:e7:5a:ed:d3:16:51:a2:7d:1a:c5:aa:1a:11:fa:
ec:2e:47:87:a8:a2:2c:88:94:fc:c3:9d:bc:db:4d:
6b:81:54:e2:90:da:9a:90:69:4d:a5:9e:c2:d1:19:
97:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:17:8C:D9:FA:C4:33:78:A8:F4:12:23:1F:2D:1C:E4:73:43:37:91
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e31322e38332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.83.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:3d:ff:3f:79:84:c7:16:71:57:16:96:88:56:fb:0e:7d:5a:
4b:58:2c:92:27:2a:63:3d:33:48:d0:68:af:d8:99:6f:1f:6f:
a7:a1:8e:2e:76:29:79:63:36:04:d6:91:38:78:fe:5c:7d:0d:
44:b3:cd:20:ba:2e:c8:54:65:b5:1f:31:b7:9f:5e:0a:e0:89:
82:00:26:b1:aa:10:5e:c8:f3:f0:4a:23:83:54:79:0f:04:50:
7f:57:66:79:03:58:cc:ba:be:40:d9:9e:b8:e3:b9:8a:cf:7d:
57:7f:d6:15:65:fc:81:89:b2:b2:3d:90:ca:a1:49:58:f5:94:
64:d4:cc:0b:bf:28:fe:08:55:90:ca:44:09:27:7e:e3:e9:6b:
de:a7:21:71:37:4e:60:fa:6e:eb:e4:bd:f6:54:03:fc:e1:b7:
f2:53:55:3e:b4:dc:91:a2:3d:46:24:0e:ef:0c:31:e0:3d:ab:
15:71:6f:47:e0:eb:b1:6c:16:f9:24:dd:78:05:c5:1a:ea:26:
58:3a:1f:cf:fa:51:c5:6b:74:13:9f:fc:a2:40:21:55:17:fc:
6f:73:49:7c:41:51:1c:e6:c8:39:48:0f:f5:ae:64:df:f6:32:
e2:21:49:ed:7c:ad:f0:8d:f6:51:db:83:df:13:83:4b:ff:9b:
7e:13:95:86
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUegowx7MeSXqDJP4KwQLNa2Gkyy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAzMjMyMzU1NTFaFw0yNjAzMjMwMDAwNTFaMDMxMTAvBgNV
BAMTKDM4MTc4Q0Q5RkFDNDMzNzhBOEY0MTIyMzFGMkQxQ0U0NzM0MzM3OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa3i7P/UDeYBOxIxmQCKsKgwGq
iQ3YnsdEnaJNPXIOSSBq7k67TOVIgA9P8r6TajEtJV4uJ9jUonldPeJG7I4Z0c9U
44wBB/CwhTLtOGBdzkHSn6CMihadsjpYgkI5E3S1+RX2BZoYUk3osaceJvSCM5CC
8M3CLphOCZGpsrQDqjzC4fqn474cBBnbt40EUHr/WlbQ+yA5HL14GKWSmZb6kaBz
S94Xm5myLLNsLcXf8eX0qfRGY6iOcTzeZUaSwvr16FiGqSo7QLYixRDF6GmUocbn
Wu3TFlGifRrFqhoR+uwuR4eooiyIlPzDnbzbTWuBVOKQ2pqQaU2lnsLRGZdbAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUOBeM2frEM3io9BIjHy0c5HNDN5EwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMjJlMzgzMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0MUzANBgkq
hkiG9w0BAQsFAAOCAQEAvz3/P3mExxZxVxaWiFb7Dn1aS1gskicqYz0zSNBor9iZ
bx9vp6GOLnYpeWM2BNaROHj+XH0NRLPNILouyFRltR8xt59eCuCJggAmsaoQXsjz
8Eojg1R5DwRQf1dmeQNYzLq+QNmeuOO5is99V3/WFWX8gYmysj2QyqFJWPWUZNTM
C78o/ghVkMpECSd+4+lr3qchcTdOYPpu6+S99lQD/OG38lNVPrTckaI9RiQO7wwx
4D2rFXFvR+DrsWwW+STdeAXFGuomWDofz/pRxWt0E5/8okAhVRf8b3NJfEFRHObI
OUgP9a5k3/Yy4iFJ7Xyt8I32UduD3xODS/+bfhOVhg==
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:43:16 2025 by rpki-client