Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137332e302f32342d3234203d3e20383334.roa
File: 34352e382e3137332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: mVq9ggeDy2n8ph97Qzd+F4dilJfjLkZZvVc6GMmaN7A=
Subject key identifier: 4B:9C:87:CF:C1:0D:D0:D1:C1:C0:54:12:A4:88:32:9C:30:CF:46:F1
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 1BEDE1AE7F51DF96F022AE4F4E1D223331FE5549
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137332e302f32342d3234203d3e20383334.roa
Signing time: Mon 10 Feb 2025 00:02:00 +0000
ROA not before: Sun 09 Feb 2025 23:57:00 +0000
ROA not after: Mon 09 Feb 2026 00:02:00 +0000
asID: 834
IP address blocks: 45.8.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:ed:e1:ae:7f:51:df:96:f0:22:ae:4f:4e:1d:22:33:31:fe:55:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Feb 9 23:57:00 2025 GMT
Not After : Feb 9 00:02:00 2026 GMT
Subject: CN=4B9C87CFC10DD0D1C1C05412A488329C30CF46F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:43:f5:20:1d:04:90:26:e9:35:45:51:93:4b:
f4:a3:18:33:84:8f:17:1b:7a:d0:ff:24:e0:97:2c:
bd:bb:36:d6:b0:60:00:a5:80:99:29:7c:47:e0:83:
6b:f9:f9:cd:d2:55:a5:67:02:92:72:28:e3:96:0e:
0f:fa:96:c5:69:14:be:97:cd:8b:52:cb:73:21:58:
dd:8c:e3:05:34:71:3c:51:70:14:4a:f6:5a:00:60:
59:e4:30:38:83:67:37:e7:11:a1:cf:0d:d4:01:47:
00:03:12:39:77:10:e0:61:19:7e:ca:34:19:d2:da:
38:ce:c5:6c:f9:b0:2f:33:45:00:34:77:26:fb:e7:
ca:3c:7d:c1:09:ff:8c:f2:b2:13:b6:1c:8f:83:3e:
44:95:93:aa:56:0f:a8:65:5d:e5:c5:19:c0:0b:99:
44:f0:ad:6b:3b:4a:c5:6f:cd:1d:24:ea:c2:98:ae:
e4:1f:53:0a:fb:fd:36:67:aa:6c:30:97:29:69:74:
05:a9:de:52:ad:1b:ae:73:51:87:15:bb:b5:0a:49:
e0:4d:c9:51:71:8f:fd:3b:35:1e:ac:4d:00:94:89:
b7:aa:1c:cb:07:48:d9:bc:4a:b9:85:f6:e0:37:47:
1f:01:b0:bb:9f:24:62:b0:62:a0:34:f3:f7:82:6f:
58:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:9C:87:CF:C1:0D:D0:D1:C1:C0:54:12:A4:88:32:9C:30:CF:46:F1
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/34352e382e3137332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.173.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:bd:2f:01:b1:30:4b:3d:fe:b9:c9:02:1b:c8:53:7e:20:3a:
5c:8f:8c:f8:bf:ee:2c:2c:b0:46:4b:2b:15:20:47:c1:4e:49:
29:9a:89:d4:94:29:ec:82:89:71:8f:d1:90:30:85:26:69:91:
18:81:23:93:d0:e8:bf:8b:9b:9b:14:60:eb:c4:c9:10:1b:4f:
86:cd:f6:06:47:b9:53:2c:ce:86:09:d4:84:5f:ea:a7:8f:3a:
8e:a5:b4:13:c5:fd:63:2c:01:52:56:ab:42:93:67:62:8e:60:
ed:a4:af:6d:71:dd:7f:ba:84:4b:e8:01:8f:e7:80:45:24:90:
ab:10:8e:e3:7b:ab:ea:44:1e:23:ab:41:e7:dc:cf:bf:42:1d:
4e:ea:3f:55:34:9d:3f:b5:44:43:64:29:34:81:ef:8e:27:60:
43:30:2b:bc:10:2a:11:c2:e0:48:45:b0:a6:ad:24:90:b3:52:
3e:3e:e3:1c:2f:a1:0b:97:26:5a:18:35:13:a1:83:6b:00:20:
39:8b:e5:09:cf:e6:49:c9:95:e2:d5:35:b9:11:0e:0a:39:22:
b5:88:03:73:89:56:bd:d3:8e:9f:fa:91:a7:80:0c:d2:3d:ef:
25:50:79:04:58:80:e6:28:0e:ec:ed:f8:ab:e2:ae:8e:8c:15:
02:72:6c:d7
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUG+3hrn9R35bwIq5PTh0iMzH+VUkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTAyMDkyMzU3MDBaFw0yNjAyMDkwMDAyMDBaMDMxMTAvBgNV
BAMTKDRCOUM4N0NGQzEwREQwRDFDMUMwNTQxMkE0ODgzMjlDMzBDRjQ2RjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsQ/UgHQSQJuk1RVGTS/SjGDOE
jxcbetD/JOCXLL27NtawYAClgJkpfEfgg2v5+c3SVaVnApJyKOOWDg/6lsVpFL6X
zYtSy3MhWN2M4wU0cTxRcBRK9loAYFnkMDiDZzfnEaHPDdQBRwADEjl3EOBhGX7K
NBnS2jjOxWz5sC8zRQA0dyb758o8fcEJ/4zyshO2HI+DPkSVk6pWD6hlXeXFGcAL
mUTwrWs7SsVvzR0k6sKYruQfUwr7/TZnqmwwlylpdAWp3lKtG65zUYcVu7UKSeBN
yVFxj/07NR6sTQCUibeqHMsHSNm8SrmF9uA3Rx8BsLufJGKwYqA08/eCb1g1AgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUS5yHz8EN0NHBwFQSpIgynDDPRvEwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzQzNTJlMzgyZTMxMzczMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0IrTANBgkq
hkiG9w0BAQsFAAOCAQEAyr0vAbEwSz3+uckCG8hTfiA6XI+M+L/uLCywRksrFSBH
wU5JKZqJ1JQp7IKJcY/RkDCFJmmRGIEjk9Dov4ubmxRg68TJEBtPhs32Bke5UyzO
hgnUhF/qp486jqW0E8X9YywBUlarQpNnYo5g7aSvbXHdf7qES+gBj+eARSSQqxCO
43ur6kQeI6tB59zPv0IdTuo/VTSdP7VEQ2QpNIHvjidgQzArvBAqEcLgSEWwpq0k
kLNSPj7jHC+hC5cmWhg1E6GDawAgOYvlCc/mScmV4tU1uREOCjkitYgDc4lWvdOO
n/qRp4AM0j3vJVB5BFiA5igO7O34q+KujowVAnJs1w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:30 2025 by rpki-client