Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130342e302f32342d3234203d3e20323039303433.roa
File: 34352e3134362e3130342e302f32342d3234203d3e20323039303433.roa (raw, json)
Hash identifier: s79HfX4aoKI3s4FYYSfKzGcE5D7Ac3JiaCA4u87NafU=
Subject key identifier: 1B:AF:00:3B:B0:2A:5C:AE:7F:8E:7D:9C:E6:01:10:C3:9A:03:11:B7
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 77A79293B4874A6DA5DC4BEC29EB085125E6AE57
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130342e302f32342d3234203d3e20323039303433.roa
Signing time: Thu 06 Mar 2025 11:53:55 +0000
ROA not before: Thu 06 Mar 2025 11:48:55 +0000
ROA not after: Thu 05 Mar 2026 11:53:55 +0000
asID: 209043
IP address blocks: 45.146.104.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:a7:92:93:b4:87:4a:6d:a5:dc:4b:ec:29:eb:08:51:25:e6:ae:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 6 11:48:55 2025 GMT
Not After : Mar 5 11:53:55 2026 GMT
Subject: CN=1BAF003BB02A5CAE7F8E7D9CE60110C39A0311B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8b:6b:bf:a2:e8:2a:56:ee:e5:ef:59:38:26:
be:66:e2:fc:5f:0b:f0:47:91:03:aa:96:54:b0:3b:
5d:2c:5e:01:68:a3:b8:96:91:68:fc:bd:4b:73:6a:
1a:8e:6a:f2:23:03:b4:f8:47:88:21:b5:d5:6d:02:
b3:d0:47:f7:8e:69:7b:92:28:e9:40:5e:c4:9c:64:
27:69:23:16:1d:36:74:fc:fa:ed:68:31:97:e9:a2:
fc:2f:86:fd:7e:f7:66:1b:31:02:6b:40:ac:93:8a:
3e:e2:26:3e:88:f8:38:cc:53:9f:21:57:8f:13:bb:
1a:d4:69:4e:51:89:bd:d2:41:bb:36:76:86:21:14:
b9:ac:41:fd:08:2a:0e:fa:b0:78:11:83:71:da:ca:
61:88:c9:f3:a6:f3:b6:30:60:36:64:96:99:ea:69:
59:29:68:f3:96:26:18:ce:18:3c:08:9a:51:36:53:
0e:20:e2:01:76:ef:be:60:58:65:db:30:68:cc:7b:
e1:ad:1c:90:4f:d6:29:34:d6:5e:99:23:b0:a0:1d:
b1:27:73:83:db:9c:38:17:40:58:06:93:ed:ea:56:
ab:cb:93:0e:f3:33:a7:3c:ac:75:e1:c4:2e:11:15:
7a:96:69:72:27:c5:2f:3c:de:91:14:5c:17:62:55:
73:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:AF:00:3B:B0:2A:5C:AE:7F:8E:7D:9C:E6:01:10:C3:9A:03:11:B7
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3134362e3130342e302f32342d3234203d3e20323039303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.104.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:28:e5:7b:cd:f2:9c:9e:4d:f8:a3:c0:68:32:98:e6:5f:60:
43:99:09:c2:64:80:cf:51:5e:73:39:fd:32:d8:80:e8:40:dd:
2a:e9:f3:38:b4:19:7e:99:0a:af:08:f9:c3:54:7a:3d:26:e0:
e4:e3:3d:ef:95:1b:e0:1d:12:83:90:6d:9e:dd:66:ca:9a:b4:
25:81:6c:bf:dd:0d:d7:87:0a:34:09:48:e6:9d:76:97:89:84:
98:d4:08:63:4d:9e:12:dd:1c:30:15:88:7c:cb:e0:30:56:29:
42:70:c0:55:30:91:01:3e:b8:b3:52:48:cf:59:ac:34:5d:03:
44:21:d4:b9:b5:16:47:c7:b8:6f:13:13:d9:3a:5b:0e:81:fb:
a4:5e:06:f5:cd:03:a0:51:b5:da:1e:8e:1c:7e:ad:53:2c:e2:
eb:de:d0:a8:46:01:6a:4c:83:98:2c:46:04:9c:12:4e:ad:de:
3a:d5:9a:66:a4:0c:b3:2a:1b:56:d2:79:85:e8:dd:01:b3:a4:
42:dd:7a:56:fb:03:a0:f1:cb:bb:28:da:0a:f8:94:8f:a4:d4:
56:37:6d:ae:f8:42:0c:fe:4c:7a:d6:c2:6d:bd:6f:69:84:a5:
4a:bc:4a:c7:af:0e:be:74:32:c6:cb:87:10:87:66:98:37:51:
bc:a2:14:18
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUd6eSk7SHSm2l3EvsKesIUSXmrlcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAzMDYxMTQ4NTVaFw0yNjAzMDUxMTUzNTVaMDMxMTAvBgNV
BAMTKDFCQUYwMDNCQjAyQTVDQUU3RjhFN0Q5Q0U2MDExMEMzOUEwMzExQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsi2u/ougqVu7l71k4Jr5m4vxf
C/BHkQOqllSwO10sXgFoo7iWkWj8vUtzahqOavIjA7T4R4ghtdVtArPQR/eOaXuS
KOlAXsScZCdpIxYdNnT8+u1oMZfpovwvhv1+92YbMQJrQKyTij7iJj6I+DjMU58h
V48TuxrUaU5Rib3SQbs2doYhFLmsQf0IKg76sHgRg3HaymGIyfOm87YwYDZklpnq
aVkpaPOWJhjOGDwImlE2Uw4g4gF2775gWGXbMGjMe+GtHJBP1ik01l6ZI7CgHbEn
c4PbnDgXQFgGk+3qVqvLkw7zM6c8rHXhxC4RFXqWaXInxS883pEUXBdiVXNXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUG68AO7AqXK5/jn2c5gEQw5oDEbcwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzNDM2MmUzMTMw
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzMDM0MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtkmgwDQYJKoZIhvcNAQELBQADggEBAHoo5XvN8pyeTfijwGgymOZfYEOZCcJk
gM9RXnM5/TLYgOhA3Srp8zi0GX6ZCq8I+cNUej0m4OTjPe+VG+AdEoOQbZ7dZsqa
tCWBbL/dDdeHCjQJSOaddpeJhJjUCGNNnhLdHDAViHzL4DBWKUJwwFUwkQE+uLNS
SM9ZrDRdA0Qh1Lm1FkfHuG8TE9k6Ww6B+6ReBvXNA6BRtdoejhx+rVMs4uve0KhG
AWpMg5gsRgScEk6t3jrVmmakDLMqG1bSeYXo3QGzpELdelb7A6Dxy7so2gr4lI+k
1FY3ba74Qgz+THrWwm29b2mEpUq8SsevDr50MsbLhxCHZpg3UbyiFBg=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:13:18 2025 by rpki-client