Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/0/34352e3133322e39382e302f32342d3234203d3e20383334.roa
File: 34352e3133322e39382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: CenI51RY/KvkbPsPPUDh5ULiDHaEBHs5G43FtZ29HaI=
Subject key identifier: D0:56:74:AB:88:73:2B:A5:99:35:DD:F8:0B:01:82:65:91:D0:DA:73
Certificate issuer: /CN=df6f1af9e919a9653268327b98814cafeb5c0a13
Certificate serial: 135996A3059F218BCF078FAFF7C89083E98F4C44
Authority key identifier: DF:6F:1A:F9:E9:19:A9:65:32:68:32:7B:98:81:4C:AF:EB:5C:0A:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/328a-ekZqWUyaDJ7mIFMr-tcChM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/0/34352e3133322e39382e302f32342d3234203d3e20383334.roa
Signing time: Sun 30 Apr 2023 11:09:47 +0000
ROA not before: Sun 30 Apr 2023 11:04:47 +0000
ROA not after: Sun 28 Apr 2024 11:09:47 +0000
asID: 834
IP address blocks: 45.132.98.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:59:96:a3:05:9f:21:8b:cf:07:8f:af:f7:c8:90:83:e9:8f:4c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df6f1af9e919a9653268327b98814cafeb5c0a13
Validity
Not Before: Apr 30 11:04:47 2023 GMT
Not After : Apr 28 11:09:47 2024 GMT
Subject: CN=D05674AB88732BA59935DDF80B01826591D0DA73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:87:93:4b:e6:ff:b5:a4:64:0c:d8:11:8d:f3:
2f:8e:04:a7:45:c6:53:bb:47:f1:f5:77:0f:8a:4a:
f4:e9:cc:03:9b:0a:4f:05:bc:bb:aa:33:fb:63:1d:
ff:fc:15:b7:5a:5f:38:bd:ee:42:bd:b2:26:82:cb:
7d:74:84:10:59:6e:0a:92:65:1f:67:75:a1:48:0d:
cb:4e:95:c6:3c:00:ff:5e:e7:af:37:5c:a6:72:7b:
48:db:4c:4a:da:7a:a8:9a:a4:e7:ca:94:28:88:3a:
52:85:bd:37:c5:9f:fe:84:29:4e:a2:0a:9c:b1:c2:
9e:58:fa:dd:f5:84:08:1c:a0:66:5f:1f:e2:47:ee:
9d:b7:7b:ac:32:00:45:16:a2:fa:8d:a8:8c:83:2e:
3a:5d:b9:78:2d:99:f6:15:b2:3c:29:41:53:7c:da:
56:57:84:85:16:f5:87:ee:5e:b3:23:fd:35:8a:61:
6a:ae:8f:5e:84:7f:f4:3c:5c:6b:f1:51:8b:da:f9:
49:86:7c:53:d9:72:0d:52:98:e0:e0:71:7c:ea:7a:
44:b5:f7:1e:40:6a:0d:e3:c0:72:01:08:6c:3a:36:
63:3f:19:3d:3f:74:3a:d1:31:91:5c:d8:ef:ea:36:
8f:bb:28:58:e3:44:5a:2f:5f:5a:3c:83:ec:b2:fb:
55:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:56:74:AB:88:73:2B:A5:99:35:DD:F8:0B:01:82:65:91:D0:DA:73
X509v3 Authority Key Identifier:
keyid:DF:6F:1A:F9:E9:19:A9:65:32:68:32:7B:98:81:4C:AF:EB:5C:0A:13
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/0/DF6F1AF9E919A9653268327B98814CAFEB5C0A13.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/328a-ekZqWUyaDJ7mIFMr-tcChM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/0/34352e3133322e39382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.98.0/24
Signature Algorithm: sha256WithRSAEncryption
29:fd:ac:63:38:5e:0e:f5:00:79:0b:13:33:98:50:2e:fa:a4:
80:66:df:d7:e8:0b:f6:7b:8b:00:79:a4:ab:0c:f2:c8:8a:d7:
85:98:6c:cb:7a:3e:02:21:04:9f:db:76:a5:f4:43:93:2d:ba:
55:0e:ef:3b:00:ca:4d:d5:8c:d2:14:6a:88:58:16:a9:23:db:
25:e6:37:1a:6d:fd:55:a6:b4:3e:f4:9d:9e:c7:16:82:4a:84:
e5:48:33:f8:a7:2c:58:b7:d5:b7:e3:b1:61:78:c6:60:a1:8c:
66:74:46:76:31:52:ca:18:e2:ab:8e:40:56:c8:a5:98:fa:17:
11:c8:db:7b:e0:21:cb:d1:a7:7a:14:13:f2:3f:0b:4b:d1:ab:
f0:a1:68:cd:10:be:15:10:9e:bd:37:3a:1b:d4:85:d0:7f:2d:
38:aa:58:cb:b0:7f:3f:17:a5:63:3f:a6:1f:6a:ed:b8:bc:56:
c1:25:5d:5f:b3:6b:77:d9:be:75:5c:61:dc:b7:c5:cd:9e:e9:
18:04:b2:fd:3e:bb:20:7b:19:cb:ef:7e:f8:d1:bc:39:55:b8:
7d:3f:f2:02:01:44:7a:9f:a5:46:5e:58:3f:68:61:c6:58:61:
67:3a:b0:9e:74:8e:30:9e:a7:82:14:c4:41:42:2b:5e:47:10:
cd:23:4c:39
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUE1mWowWfIYvPB4+v98iQg+mPTEQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGY2ZjFhZjllOTE5YTk2NTMyNjgzMjdiOTg4MTRjYWZl
YjVjMGExMzAeFw0yMzA0MzAxMTA0NDdaFw0yNDA0MjgxMTA5NDdaMDMxMTAvBgNV
BAMTKEQwNTY3NEFCODg3MzJCQTU5OTM1RERGODBCMDE4MjY1OTFEMERBNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVh5NL5v+1pGQM2BGN8y+OBKdF
xlO7R/H1dw+KSvTpzAObCk8FvLuqM/tjHf/8FbdaXzi97kK9siaCy310hBBZbgqS
ZR9ndaFIDctOlcY8AP9e5683XKZye0jbTEraeqiapOfKlCiIOlKFvTfFn/6EKU6i
Cpyxwp5Y+t31hAgcoGZfH+JH7p23e6wyAEUWovqNqIyDLjpduXgtmfYVsjwpQVN8
2lZXhIUW9YfuXrMj/TWKYWquj16Ef/Q8XGvxUYva+UmGfFPZcg1SmODgcXzqekS1
9x5Aag3jwHIBCGw6NmM/GT0/dDrRMZFc2O/qNo+7KFjjRFovX1o8g+yy+1WfAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU0FZ0q4hzK6WZNd34CwGCZZHQ2nMwHwYDVR0j
BBgwFoAU328a+ekZqWUyaDJ7mIFMr+tcChMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzAvREY2RjFBRjlFOTE5QTk2NTMyNjgzMjdCOTg4MTRDQUZFQjVDMEExMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzMyOGEtZWtacVdVeWFESjdtSUZNci10
Y0NoTS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzAvMzQzNTJlMzEzMzMyMmUzOTM4
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYRiMA0G
CSqGSIb3DQEBCwUAA4IBAQAp/axjOF4O9QB5CxMzmFAu+qSAZt/X6Av2e4sAeaSr
DPLIiteFmGzLej4CIQSf23al9EOTLbpVDu87AMpN1YzSFGqIWBapI9sl5jcabf1V
prQ+9J2exxaCSoTlSDP4pyxYt9W347FheMZgoYxmdEZ2MVLKGOKrjkBWyKWY+hcR
yNt74CHL0ad6FBPyPwtL0avwoWjNEL4VEJ69Nzob1IXQfy04qljLsH8/F6VjP6Yf
au24vFbBJV1fs2t32b51XGHct8XNnukYBLL9PrsgexnL73740bw5Vbh9P/ICAUR6
n6VGXlg/aGHGWGFnOrCedI4wnqeCFMRBQiteRxDNI0w5
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:50:50 2025 by rpki-client