Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20383334.roa
File: 34352e3133322e39392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: EreT1pVpU0pfcBegsiVb8KuMM6Ewg4ChvHixrPpsQI8=
Subject key identifier: 9D:DC:28:09:52:38:72:2C:CE:5C:05:7F:24:16:CA:90:5D:11:DF:D9
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 236905FDA793ADA57CF25C0C93EF9B78F62965E4
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20383334.roa
Signing time: Sun 02 Feb 2025 00:01:18 +0000
ROA not before: Sat 01 Feb 2025 23:56:18 +0000
ROA not after: Sun 01 Feb 2026 00:01:18 +0000
asID: 834
IP address blocks: 45.132.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:69:05:fd:a7:93:ad:a5:7c:f2:5c:0c:93:ef:9b:78:f6:29:65:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Feb 1 23:56:18 2025 GMT
Not After : Feb 1 00:01:18 2026 GMT
Subject: CN=9DDC28095238722CCE5C057F2416CA905D11DFD9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:55:23:93:00:6a:b8:0f:5b:e0:f6:0a:f9:89:
15:9b:72:02:a5:5e:73:f6:25:90:f3:09:d5:86:c9:
1c:e2:5a:42:33:85:c2:2f:a1:9e:45:de:a8:ce:7a:
a0:9b:18:f5:03:25:62:75:bc:3d:0c:b8:97:d6:08:
79:46:e8:8f:8d:66:c2:61:09:f7:98:31:46:3a:00:
26:d9:87:c8:d0:2a:33:b0:34:24:94:99:35:40:a3:
45:db:2e:3b:2a:3a:82:ef:91:ad:ca:ee:29:06:21:
2a:7b:06:49:fc:89:b2:90:32:96:78:fe:b7:f2:0c:
b0:54:cd:34:8c:5a:9c:f6:e9:2e:a6:13:a6:6a:15:
99:82:1c:c9:e6:12:e2:b2:af:76:07:e3:de:de:5d:
a0:fa:e2:dc:62:f7:c5:ce:9c:50:df:09:18:9c:40:
5b:03:95:2d:b3:49:86:60:4b:01:04:5e:59:f3:a6:
57:25:bb:e1:5d:79:34:85:76:b7:91:ca:3a:be:dc:
1f:99:cb:13:41:05:e3:e7:b3:b4:b2:a4:98:07:60:
23:ff:1e:1a:54:04:28:e3:8a:62:28:16:c2:30:92:
99:73:2a:18:a0:2d:dc:62:47:59:21:3d:23:e6:e6:
a4:50:21:bb:98:da:dd:5a:dc:07:e5:6e:d9:19:29:
bb:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:DC:28:09:52:38:72:2C:CE:5C:05:7F:24:16:CA:90:5D:11:DF:D9
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.99.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:a2:c5:c0:04:c1:04:15:6a:99:0d:40:f4:b9:bc:cd:ba:bd:
9a:d7:72:1e:55:79:9d:90:7b:04:12:5a:8d:e3:6b:6f:2b:e6:
f9:f6:d5:67:0b:2b:07:82:3d:69:3f:b3:16:90:70:37:c7:04:
d3:0a:8d:68:9a:ea:d4:75:dd:8b:b9:9f:82:07:bf:13:48:9d:
f7:e2:1e:80:d0:6f:7e:30:31:9a:99:18:a3:82:ef:c7:4a:8c:
d2:5d:9d:e3:dc:dd:ea:8d:97:90:d0:da:57:82:4d:ba:27:d5:
10:22:05:f4:28:b8:62:e9:ce:67:dd:16:5f:53:8c:e3:ed:ae:
d8:30:3f:37:f4:ed:71:65:7c:9b:f3:9e:94:99:77:db:46:d2:
e6:dc:30:14:2f:88:3d:d2:b7:78:70:ae:db:7a:44:5c:ad:2c:
4b:1d:ff:12:fe:ce:a9:cb:c5:b7:87:c6:66:98:fa:42:93:9f:
5f:de:33:ba:80:77:e5:9b:d2:2a:3c:e2:50:09:21:8f:f1:cf:
8a:19:92:0a:2e:1c:e2:88:ad:f4:2f:9a:3a:19:55:40:a4:2c:
c8:6d:ea:95:11:c4:0a:c7:92:6f:20:9d:1e:94:f6:af:47:91:
80:11:10:ac:7e:5e:2c:f9:93:7e:2e:44:91:ab:66:05:06:86:
4c:c2:7d:3f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUI2kF/aeTraV88lwMk++bePYpZeQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAyMDEyMzU2MThaFw0yNjAyMDEwMDAxMThaMDMxMTAvBgNV
BAMTKDlEREMyODA5NTIzODcyMkNDRTVDMDU3RjI0MTZDQTkwNUQxMURGRDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6VSOTAGq4D1vg9gr5iRWbcgKl
XnP2JZDzCdWGyRziWkIzhcIvoZ5F3qjOeqCbGPUDJWJ1vD0MuJfWCHlG6I+NZsJh
CfeYMUY6ACbZh8jQKjOwNCSUmTVAo0XbLjsqOoLvka3K7ikGISp7Bkn8ibKQMpZ4
/rfyDLBUzTSMWpz26S6mE6ZqFZmCHMnmEuKyr3YH497eXaD64txi98XOnFDfCRic
QFsDlS2zSYZgSwEEXlnzplclu+FdeTSFdreRyjq+3B+ZyxNBBePns7SypJgHYCP/
HhpUBCjjimIoFsIwkplzKhigLdxiR1khPSPm5qRQIbuY2t1a3AflbtkZKbuXAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUndwoCVI4cizOXAV/JBbKkF0R39kwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzMzMyMmUzOTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYRjMA0G
CSqGSIb3DQEBCwUAA4IBAQClosXABMEEFWqZDUD0ubzNur2a13IeVXmdkHsEElqN
42tvK+b59tVnCysHgj1pP7MWkHA3xwTTCo1omurUdd2LuZ+CB78TSJ334h6A0G9+
MDGamRijgu/HSozSXZ3j3N3qjZeQ0NpXgk26J9UQIgX0KLhi6c5n3RZfU4zj7a7Y
MD839O1xZXyb856UmXfbRtLm3DAUL4g90rd4cK7bekRcrSxLHf8S/s6py8W3h8Zm
mPpCk59f3jO6gHflm9IqPOJQCSGP8c+KGZIKLhziiK30L5o6GVVApCzIbeqVEcQK
x5JvIJ0elPavR5GAERCsfl4s+ZN+LkSRq2YFBoZMwn0/
-----END CERTIFICATE-----
Generated at Wed Apr 9 15:54:44 2025 by rpki-client