Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e20383334.roa
File: 34352e3135382e35362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: LSrmkZDznMFKP4Oa75yBgmds+Qmxl8yoRTM9vunSaNk=
Subject key identifier: D7:FD:9A:29:DD:02:E4:C1:F7:FE:B5:9A:CA:D6:E1:F5:3F:5D:B8:57
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 427AA9DABD60A7339404AFA34658FD244281FDAC
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e20383334.roa
Signing time: Thu 30 Jan 2025 13:40:22 +0000
ROA not before: Thu 30 Jan 2025 13:35:22 +0000
ROA not after: Thu 29 Jan 2026 13:40:22 +0000
asID: 834
IP address blocks: 45.158.56.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:7a:a9:da:bd:60:a7:33:94:04:af:a3:46:58:fd:24:42:81:fd:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 30 13:35:22 2025 GMT
Not After : Jan 29 13:40:22 2026 GMT
Subject: CN=D7FD9A29DD02E4C1F7FEB59ACAD6E1F53F5DB857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:69:04:b3:c5:c7:44:4e:88:54:c7:1d:44:0f:
03:08:62:65:c1:0e:e1:70:83:8b:ae:74:df:a9:ef:
5c:5f:e0:c0:6a:3d:44:de:9d:1e:c2:6b:22:8f:63:
df:ad:b1:10:c7:d7:b9:5a:6f:f8:d2:17:97:fd:2f:
56:46:16:75:23:24:08:a1:0e:92:32:5f:b3:08:3d:
d7:03:20:cc:f3:c5:2a:04:a8:5d:5b:90:c6:ba:aa:
aa:e0:62:f3:a1:1d:d3:3e:53:30:5e:84:e4:32:a1:
45:91:89:cc:d2:d6:b3:03:8b:b7:45:94:c3:b1:8e:
a4:cf:50:3e:23:01:15:77:e0:20:ad:c1:7c:13:c9:
07:54:16:df:c1:49:84:c8:40:d0:e3:a7:2a:6b:e1:
ba:5a:25:57:0c:a9:58:ab:16:12:1f:f9:98:d5:eb:
53:d5:a6:79:89:33:06:8e:63:d4:c1:73:b9:6d:8e:
e4:50:c0:d3:78:2c:2f:9e:0c:3c:76:52:e4:90:7b:
6b:9a:6e:40:ce:f5:90:d9:35:46:44:02:e4:7b:9b:
f4:f0:f5:7d:c7:7a:e8:26:64:ad:a8:4a:8f:d2:f8:
1b:4b:01:d6:2b:3a:e1:0e:84:64:7b:e9:c8:7e:40:
0b:df:7f:9e:50:41:62:51:f2:88:34:fe:39:18:df:
ed:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:FD:9A:29:DD:02:E4:C1:F7:FE:B5:9A:CA:D6:E1:F5:3F:5D:B8:57
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35362e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.56.0/24
Signature Algorithm: sha256WithRSAEncryption
26:99:f6:0d:00:e1:a0:81:13:15:05:16:48:96:fc:4b:4d:5a:
b6:bc:73:86:dd:04:d0:57:5f:37:2c:16:88:93:dd:68:c0:3e:
7c:64:82:fe:1d:fd:ef:50:9a:b1:8e:fe:6c:82:18:97:80:bd:
41:75:5d:f3:e0:5f:5f:9d:c8:20:09:fa:a9:1e:2b:d2:28:a9:
26:c5:33:f9:e9:bd:b1:ce:d5:bb:f3:d4:e9:ca:28:af:c8:11:
08:c3:40:09:2f:50:a2:f7:b8:cd:ab:b1:b2:90:7b:49:67:c6:
c0:d1:cd:1d:b5:c1:ac:82:98:ce:8f:50:d7:59:a2:02:8b:e5:
b1:3f:97:88:fc:20:b0:2b:23:61:49:0a:1d:82:89:7e:7e:c2:
a2:62:08:36:f2:72:dd:46:ef:d0:04:f8:d5:21:8b:23:52:2e:
3c:e4:34:32:f9:5b:65:b7:d2:09:d7:72:30:fd:68:37:36:98:
f6:57:23:8f:c4:39:c1:fc:a9:8a:d5:be:93:8c:b9:4c:e7:e0:
f8:bd:29:eb:7a:c3:2c:53:83:e7:36:7d:a6:51:f6:84:f9:59:
e5:19:bc:44:0e:4e:63:38:e9:d2:d6:d5:77:bc:d8:85:1c:b3:
33:d2:57:a5:2e:37:63:9c:59:05:2b:70:c8:84:60:08:cf:c7:
72:a4:84:f8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUQnqp2r1gpzOUBK+jRlj9JEKB/awwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMzAxMzM1MjJaFw0yNjAxMjkxMzQwMjJaMDMxMTAvBgNV
BAMTKEQ3RkQ5QTI5REQwMkU0QzFGN0ZFQjU5QUNBRDZFMUY1M0Y1REI4NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoaQSzxcdETohUxx1EDwMIYmXB
DuFwg4uudN+p71xf4MBqPUTenR7CayKPY9+tsRDH17lab/jSF5f9L1ZGFnUjJAih
DpIyX7MIPdcDIMzzxSoEqF1bkMa6qqrgYvOhHdM+UzBehOQyoUWRiczS1rMDi7dF
lMOxjqTPUD4jARV34CCtwXwTyQdUFt/BSYTIQNDjpypr4bpaJVcMqVirFhIf+ZjV
61PVpnmJMwaOY9TBc7ltjuRQwNN4LC+eDDx2UuSQe2uabkDO9ZDZNUZEAuR7m/Tw
9X3HeugmZK2oSo/S+BtLAdYrOuEOhGR76ch+QAvff55QQWJR8og0/jkY3+1TAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU1/2aKd0C5MH3/rWaytbh9T9duFcwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZ44MA0G
CSqGSIb3DQEBCwUAA4IBAQAmmfYNAOGggRMVBRZIlvxLTVq2vHOG3QTQV183LBaI
k91owD58ZIL+Hf3vUJqxjv5sghiXgL1BdV3z4F9fncggCfqpHivSKKkmxTP56b2x
ztW789TpyiivyBEIw0AJL1Ci97jNq7GykHtJZ8bA0c0dtcGsgpjOj1DXWaICi+Wx
P5eI/CCwKyNhSQodgol+fsKiYgg28nLdRu/QBPjVIYsjUi485DQy+Vtlt9IJ13Iw
/Wg3Npj2VyOPxDnB/KmK1b6TjLlM5+D4vSnresMsU4PnNn2mUfaE+VnlGbxEDk5j
OOnS1tV3vNiFHLMz0lelLjdjnFkFK3DIhGAIz8dypIT4
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:45:13 2025 by rpki-client