Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35382e302f32342d3234203d3e20343030303339.roa
File: 34352e3135382e35382e302f32342d3234203d3e20343030303339.roa (raw, json)
Hash identifier: dQuSJEjpSlHLU5kTNq6GC52eHdqz+M8/Zw/TpgW8Ms4=
Subject key identifier: 21:3E:66:37:AB:84:11:55:E0:DD:75:2A:F9:38:1A:DB:03:39:01:EE
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 794231DD67D77441487641832054564AE5CE9592
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35382e302f32342d3234203d3e20343030303339.roa
Signing time: Wed 22 Jan 2025 19:53:51 +0000
ROA not before: Wed 22 Jan 2025 19:48:51 +0000
ROA not after: Wed 21 Jan 2026 19:53:51 +0000
asID: 400039
IP address blocks: 45.158.58.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:42:31:dd:67:d7:74:41:48:76:41:83:20:54:56:4a:e5:ce:95:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jan 22 19:48:51 2025 GMT
Not After : Jan 21 19:53:51 2026 GMT
Subject: CN=213E6637AB841155E0DD752AF9381ADB033901EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d3:77:f9:fc:01:ef:0d:4b:dc:67:44:71:90:
f4:cc:d4:19:56:1d:3d:41:a6:5a:b8:1c:da:29:ec:
a8:10:12:a9:75:84:16:13:59:f4:42:74:90:db:b3:
1d:ce:b8:06:83:0e:10:4b:1d:eb:95:cd:28:ef:38:
47:23:87:95:9d:8d:2b:bc:e3:b2:b1:fc:53:48:a6:
53:29:d6:34:f4:24:6e:8c:ca:02:69:ac:9f:09:7d:
25:91:ec:50:c5:1b:e9:5c:63:ee:7d:0c:c3:66:7a:
9f:90:44:30:cb:2f:9a:1c:6a:b6:6c:2b:7d:b9:37:
6e:c7:43:84:c0:f2:af:00:9b:ce:a7:60:43:ca:21:
cd:f0:8d:6f:87:9a:ad:f3:4a:08:17:f6:f5:43:a5:
b7:60:31:f4:19:b5:35:90:78:13:9b:37:b1:c9:85:
57:90:89:37:bd:d7:73:17:42:6e:10:32:a3:f3:12:
bb:34:3b:47:6b:aa:94:5e:5b:68:03:74:90:23:f9:
34:31:3e:c4:2c:31:30:6a:6c:a9:a4:12:9a:3f:b8:
ae:31:5d:d3:83:13:71:0a:28:92:c4:2d:0a:d2:b8:
3a:3a:dd:55:fc:c5:62:6e:b0:15:4a:e1:69:db:73:
68:ab:1b:ea:75:ef:0b:78:24:c8:1c:fb:c8:52:0f:
92:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3E:66:37:AB:84:11:55:E0:DD:75:2A:F9:38:1A:DB:03:39:01:EE
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35382e302f32342d3234203d3e20343030303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.58.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:de:2d:1f:3a:f4:71:b0:9c:1f:d9:8e:8b:fd:a5:72:e3:8f:
55:77:47:97:70:64:03:59:1c:c0:1e:e7:98:a6:85:5b:fc:4a:
66:de:16:d0:25:6c:24:82:98:97:5e:22:c3:f9:05:7b:b1:48:
f5:71:30:63:f3:df:48:c2:8f:8e:07:ba:cc:d7:a8:ba:87:5d:
73:6b:4a:c5:6d:18:7e:6b:20:af:ab:22:c4:33:d6:70:e6:f8:
c0:45:a8:be:44:a6:fb:cb:60:cb:5f:52:ba:db:15:65:38:b3:
44:f4:33:01:9a:45:9c:44:bd:ec:e2:9c:6b:c6:6f:3b:d5:18:
38:b1:e2:62:86:f1:11:1a:72:8d:81:b7:30:88:23:77:40:12:
c2:91:2a:95:48:5a:f1:c9:79:9a:90:84:92:10:d2:54:52:b8:
8c:4a:d1:e2:85:85:c2:df:99:34:c0:93:40:db:20:de:14:ed:
fa:f5:bc:b1:87:12:c4:0e:0d:e4:9e:ca:1d:fc:00:e9:12:64:
49:14:28:ba:8e:a7:45:88:8e:e4:58:18:f6:d4:ca:7a:29:6f:
6d:1f:9d:8d:ee:85:81:ff:63:7c:6f:a3:d3:f8:7b:fa:b0:7c:
fb:ac:98:b9:0c:21:71:cb:81:b4:53:44:ca:5c:0f:ee:c2:de:
53:6e:76:86
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUeUIx3WfXdEFIdkGDIFRWSuXOlZIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAxMjIxOTQ4NTFaFw0yNjAxMjExOTUzNTFaMDMxMTAvBgNV
BAMTKDIxM0U2NjM3QUI4NDExNTVFMERENzUyQUY5MzgxQURCMDMzOTAxRUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ03f5/AHvDUvcZ0RxkPTM1BlW
HT1Bplq4HNop7KgQEql1hBYTWfRCdJDbsx3OuAaDDhBLHeuVzSjvOEcjh5WdjSu8
47Kx/FNIplMp1jT0JG6MygJprJ8JfSWR7FDFG+lcY+59DMNmep+QRDDLL5ocarZs
K325N27HQ4TA8q8Am86nYEPKIc3wjW+Hmq3zSggX9vVDpbdgMfQZtTWQeBObN7HJ
hVeQiTe913MXQm4QMqPzErs0O0drqpReW2gDdJAj+TQxPsQsMTBqbKmkEpo/uK4x
XdODE3EKKJLELQrSuDo63VX8xWJusBVK4Wnbc2irG+p17wt4JMgc+8hSD5KDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIT5mN6uEEVXg3XUq+Tga2wM5Ae4wHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMwMzAzMzM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZ46MA0GCSqGSIb3DQEBCwUAA4IBAQDO3i0fOvRxsJwf2Y6L/aVy449Vd0eXcGQD
WRzAHueYpoVb/Epm3hbQJWwkgpiXXiLD+QV7sUj1cTBj899Iwo+OB7rM16i6h11z
a0rFbRh+ayCvqyLEM9Zw5vjARai+RKb7y2DLX1K62xVlOLNE9DMBmkWcRL3s4pxr
xm871Rg4seJihvERGnKNgbcwiCN3QBLCkSqVSFrxyXmakISSENJUUriMStHihYXC
35k0wJNA2yDeFO369byxhxLEDg3knsod/ADpEmRJFCi6jqdFiI7kWBj21Mp6KW9t
H52N7oWB/2N8b6PT+Hv6sHz7rJi5DCFxy4G0U0TKXA/uwt5TbnaG
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:54:54 2025 by rpki-client