Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20323135363732.roa
File: 34352e3135382e35392e302f32342d3234203d3e20323135363732.roa (raw, json)
Hash identifier: A3yXp/vMoFsTCjQsu0eInYHE9DLsSZz1LNghcCO6pm4=
Subject key identifier: 1E:21:54:23:D7:E8:4B:37:AE:A4:BF:3D:E3:A6:49:3B:D9:30:22:4B
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 5F88176D0C31868FF1189E1CF6446757601AE350
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20323135363732.roa
Signing time: Mon 17 Feb 2025 06:53:55 +0000
ROA not before: Mon 17 Feb 2025 06:48:55 +0000
ROA not after: Mon 16 Feb 2026 06:53:55 +0000
asID: 215672
IP address blocks: 45.158.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:88:17:6d:0c:31:86:8f:f1:18:9e:1c:f6:44:67:57:60:1a:e3:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Feb 17 06:48:55 2025 GMT
Not After : Feb 16 06:53:55 2026 GMT
Subject: CN=1E215423D7E84B37AEA4BF3DE3A6493BD930224B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ba:ab:7d:cb:6c:05:25:cd:60:f7:ea:70:b2:
23:47:aa:7e:09:51:5c:ee:46:c6:d7:c5:ed:a9:c6:
a3:d2:ef:8a:39:9d:fc:0e:59:6e:0e:cf:ef:c1:98:
ec:5c:36:a2:f8:bd:48:08:40:8a:d5:ef:f8:15:96:
e0:00:cb:51:75:2c:7f:99:9a:30:41:d7:09:0b:53:
39:64:04:67:d8:05:00:7c:8b:1e:e7:7d:e5:2d:9e:
fa:f1:5c:f7:ee:3b:51:d8:92:25:c3:51:e0:b4:97:
4e:93:1a:a8:57:e7:2b:61:55:7c:28:61:29:8a:d6:
1d:78:a5:7a:38:f4:a8:cc:c2:3c:ca:bd:f7:d6:b1:
2f:9a:14:9c:ba:ba:3d:3e:0c:39:58:ea:4c:b9:e1:
a9:91:0c:7d:62:52:b3:45:3a:91:23:72:fe:e9:a7:
fc:5f:f1:de:b6:9f:8b:49:61:c2:50:3b:6f:19:fb:
e5:9d:d9:bc:40:c8:31:d9:19:43:07:ca:bd:ff:ff:
c5:08:41:a1:85:9f:fc:d3:4c:14:9e:88:bf:d0:21:
ab:b6:d6:5a:af:e9:cc:0b:6e:3a:b9:0e:c0:11:08:
e9:6b:df:1b:dd:c2:48:a0:d9:cd:3f:a6:57:3d:53:
c4:b9:38:0a:8d:6d:73:25:20:c8:9e:49:d3:6f:7e:
6a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:21:54:23:D7:E8:4B:37:AE:A4:BF:3D:E3:A6:49:3B:D9:30:22:4B
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35392e302f32342d3234203d3e20323135363732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.59.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:da:4b:67:90:a7:8c:44:5e:4f:bd:11:17:4c:6c:78:79:7b:
7b:b8:6a:c4:b3:f2:14:93:34:0d:7b:8c:d4:df:17:4d:15:85:
25:1a:e8:12:04:b4:e2:90:c3:0e:b7:07:7c:20:b7:c6:5b:2a:
96:ac:a5:18:d0:72:2f:53:13:27:70:2f:da:51:4a:ca:f5:4c:
25:88:84:16:69:b2:0f:63:77:30:57:50:0f:f7:00:34:09:72:
94:19:b7:ae:f9:39:f1:72:0f:71:f8:94:db:c1:0c:44:3a:3d:
41:99:7e:d7:a8:f5:3e:17:57:6a:95:f9:a4:2e:2e:fb:55:af:
04:28:33:ba:e1:3a:9b:94:f1:75:99:a4:9c:68:bc:7c:90:8f:
60:5f:5c:ef:7a:4a:17:cf:9b:10:5e:24:b8:a2:15:07:b9:87:
27:9c:4a:9c:73:cf:14:e6:ae:5b:54:89:56:37:95:3c:3b:11:
f2:42:55:82:a2:78:50:f7:d6:bf:be:e1:a1:4e:44:a6:9e:d3:
23:66:08:dc:30:c4:ef:a4:a2:4b:21:01:bb:eb:8c:31:05:c1:
c0:86:59:7a:7c:5b:98:8a:ca:6b:ff:d5:80:1e:3e:92:55:fe:
a0:7c:f0:67:3e:a4:83:03:84:a3:e7:6e:42:15:97:76:01:af:
b4:92:1c:23
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUX4gXbQwxho/xGJ4c9kRnV2Aa41AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAyMTcwNjQ4NTVaFw0yNjAyMTYwNjUzNTVaMDMxMTAvBgNV
BAMTKDFFMjE1NDIzRDdFODRCMzdBRUE0QkYzREUzQTY0OTNCRDkzMDIyNEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/uqt9y2wFJc1g9+pwsiNHqn4J
UVzuRsbXxe2pxqPS74o5nfwOWW4Oz+/BmOxcNqL4vUgIQIrV7/gVluAAy1F1LH+Z
mjBB1wkLUzlkBGfYBQB8ix7nfeUtnvrxXPfuO1HYkiXDUeC0l06TGqhX5ythVXwo
YSmK1h14pXo49KjMwjzKvffWsS+aFJy6uj0+DDlY6ky54amRDH1iUrNFOpEjcv7p
p/xf8d62n4tJYcJQO28Z++Wd2bxAyDHZGUMHyr3//8UIQaGFn/zTTBSeiL/QIau2
1lqv6cwLbjq5DsARCOlr3xvdwkig2c0/plc9U8S5OAqNbXMlIMieSdNvfmoDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHiFUI9foSzeupL8946ZJO9kwIkswHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM1MzYzNzMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LZ47MA0GCSqGSIb3DQEBCwUAA4IBAQDJ2ktnkKeMRF5PvREXTGx4eXt7uGrEs/IU
kzQNe4zU3xdNFYUlGugSBLTikMMOtwd8ILfGWyqWrKUY0HIvUxMncC/aUUrK9Uwl
iIQWabIPY3cwV1AP9wA0CXKUGbeu+Tnxcg9x+JTbwQxEOj1BmX7XqPU+F1dqlfmk
Li77Va8EKDO64TqblPF1maScaLx8kI9gX1zvekoXz5sQXiS4ohUHuYcnnEqcc88U
5q5bVIlWN5U8OxHyQlWConhQ99a/vuGhTkSmntMjZgjcMMTvpKJLIQG764wxBcHA
hll6fFuYispr/9WAHj6SVf6gfPBnPqSDA4Sj525CFZd2Aa+0khwj
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:56:34 2025 by rpki-client