Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133372e302f32342d3234203d3e20383334.roa
File: 34352e39312e3133372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: dL9i1MJ2nyAEKqVVG//vM4Taa9T74c0oTkqmD/DUYVc=
Subject key identifier: F2:19:92:A3:BA:E7:77:90:14:02:BC:58:C4:55:D2:2F:D7:89:BA:69
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 32094F6F77B55A02483639FCA1B0C08D4B63C1E4
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133372e302f32342d3234203d3e20383334.roa
Signing time: Mon 24 Mar 2025 00:03:55 +0000
ROA not before: Sun 23 Mar 2025 23:58:55 +0000
ROA not after: Mon 23 Mar 2026 00:03:55 +0000
asID: 834
IP address blocks: 45.91.137.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:09:4f:6f:77:b5:5a:02:48:36:39:fc:a1:b0:c0:8d:4b:63:c1:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Mar 23 23:58:55 2025 GMT
Not After : Mar 23 00:03:55 2026 GMT
Subject: CN=F21992A3BAE777901402BC58C455D22FD789BA69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2c:f3:e1:44:e5:7d:28:31:bd:82:07:10:7f:
65:9e:17:a9:21:92:e9:9a:53:6f:1a:00:2c:64:98:
e9:39:e7:51:b3:f8:99:fc:b8:8f:17:fc:8e:f6:60:
be:74:36:51:20:50:2b:84:f2:12:df:85:78:2b:c7:
46:44:f0:8a:9d:67:20:05:9d:f4:f8:86:89:0d:95:
00:8e:17:92:e5:77:93:47:13:85:59:ab:43:f8:a4:
cb:8e:03:c6:37:c3:ab:43:99:02:e1:da:54:c6:a6:
66:25:9b:e4:4f:4b:62:c6:8c:63:4a:01:1c:b8:28:
d2:6a:18:cc:10:28:fc:84:3c:2c:2c:e5:37:fc:6f:
3f:68:b9:d6:3b:64:6f:7f:79:59:89:4e:a2:ea:ff:
fe:48:69:d8:09:aa:9b:00:83:ac:99:38:51:cc:18:
20:90:63:07:46:df:07:2d:be:ac:8e:b7:b4:a0:53:
25:20:14:e9:10:0f:b4:7f:c2:68:da:dd:a1:40:83:
29:a6:7c:dc:2c:0d:97:13:07:6f:71:04:a1:ae:27:
13:e8:26:c8:32:1c:a9:40:db:54:3f:8f:b3:ff:79:
b6:2c:8b:87:94:3f:b5:ad:44:a6:c1:4c:6b:8a:1a:
96:ae:51:6e:40:2b:6d:3d:85:fd:38:30:90:6d:62:
dc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:19:92:A3:BA:E7:77:90:14:02:BC:58:C4:55:D2:2F:D7:89:BA:69
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e39312e3133372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.137.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:39:67:55:66:54:3d:3c:3e:d5:7b:87:18:a9:d5:11:93:a1:
4c:c6:8e:0b:1b:c8:7f:e8:c2:43:b8:b1:92:61:80:f8:ea:29:
59:50:30:1c:c3:e6:a0:4c:4a:0a:06:6c:d7:1e:fe:b3:6f:f6:
b7:91:9e:90:b6:8e:4d:d8:78:dd:8a:15:77:91:a8:58:8c:3e:
55:20:81:09:4d:93:fd:95:9d:bd:8b:6f:ec:8b:83:99:d8:ff:
4e:76:6b:24:26:c1:3e:a2:97:b6:21:93:82:86:a4:ab:47:3f:
62:3f:78:c6:7a:84:90:5f:7b:a6:ce:95:6d:26:5d:d5:df:7f:
0b:2a:6c:70:99:12:ea:50:a8:e1:04:4b:28:a6:b9:2f:8f:0a:
18:25:c0:e7:91:1b:5d:8b:b5:44:36:3a:8d:81:0f:38:e4:ab:
02:b8:7a:7e:3c:79:80:e5:bc:24:e6:09:26:c5:7c:a9:1a:77:
67:15:57:68:27:92:36:82:8e:50:05:e4:de:5f:e0:12:9c:f3:
38:31:72:bf:ff:d7:e2:d0:80:55:9c:94:82:34:27:07:63:e4:
13:e8:1e:51:2f:cf:e3:e8:8e:fb:9c:d5:d5:06:54:84:bf:96:
4a:d0:13:92:aa:e7:71:0a:cb:24:09:32:c1:be:62:e0:7c:92:
1d:52:43:93
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUMglPb3e1WgJINjn8obDAjUtjweQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNTAzMjMyMzU4NTVaFw0yNjAzMjMwMDAzNTVaMDMxMTAvBgNV
BAMTKEYyMTk5MkEzQkFFNzc3OTAxNDAyQkM1OEM0NTVEMjJGRDc4OUJBNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrLPPhROV9KDG9ggcQf2WeF6kh
kumaU28aACxkmOk551Gz+Jn8uI8X/I72YL50NlEgUCuE8hLfhXgrx0ZE8IqdZyAF
nfT4hokNlQCOF5Lld5NHE4VZq0P4pMuOA8Y3w6tDmQLh2lTGpmYlm+RPS2LGjGNK
ARy4KNJqGMwQKPyEPCws5Tf8bz9oudY7ZG9/eVmJTqLq//5IadgJqpsAg6yZOFHM
GCCQYwdG3wctvqyOt7SgUyUgFOkQD7R/wmja3aFAgymmfNwsDZcTB29xBKGuJxPo
JsgyHKlA21Q/j7P/ebYsi4eUP7WtRKbBTGuKGpauUW5AK209hf04MJBtYtyRAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU8hmSo7rnd5AUArxYxFXSL9eJumkwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzkzMTJlMzEzMzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVuJMA0G
CSqGSIb3DQEBCwUAA4IBAQDIOWdVZlQ9PD7Ve4cYqdURk6FMxo4LG8h/6MJDuLGS
YYD46ilZUDAcw+agTEoKBmzXHv6zb/a3kZ6Qto5N2HjdihV3kahYjD5VIIEJTZP9
lZ29i2/si4OZ2P9OdmskJsE+ope2IZOChqSrRz9iP3jGeoSQX3umzpVtJl3V338L
KmxwmRLqUKjhBEsoprkvjwoYJcDnkRtdi7VENjqNgQ845KsCuHp+PHmA5bwk5gkm
xXypGndnFVdoJ5I2go5QBeTeX+ASnPM4MXK//9fi0IBVnJSCNCcHY+QT6B5RL8/j
6I77nNXVBlSEv5ZK0BOSqudxCsskCTLBvmLgfJIdUkOT
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:42:40 2025 by rpki-client