Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e38302e352e302f32342d3234203d3e20323039303433.roa
File: 34352e38302e352e302f32342d3234203d3e20323039303433.roa (raw, json)
Hash identifier: o6enGTC5V+kKAcp8sqb+UwVYgbVDuHe6XfnpsX3I21c=
Subject key identifier: DD:14:0B:C2:F1:69:88:B5:7B:04:C5:7C:3C:D9:38:BF:B1:BD:31:76
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 5EED946C4D00D92E95406FC94A527DA84B8E4CCA
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e38302e352e302f32342d3234203d3e20323039303433.roa
Signing time: Thu 06 Mar 2025 11:53:55 +0000
ROA not before: Thu 06 Mar 2025 11:48:55 +0000
ROA not after: Thu 05 Mar 2026 11:53:55 +0000
asID: 209043
IP address blocks: 45.80.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:ed:94:6c:4d:00:d9:2e:95:40:6f:c9:4a:52:7d:a8:4b:8e:4c:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 6 11:48:55 2025 GMT
Not After : Mar 5 11:53:55 2026 GMT
Subject: CN=DD140BC2F16988B57B04C57C3CD938BFB1BD3176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4e:d3:9d:81:05:1f:67:89:45:97:4f:d1:38:
ae:2a:a1:37:98:9a:f2:da:02:36:90:a8:b0:a8:bc:
fa:a1:da:93:97:35:15:c5:3d:89:28:c6:78:92:87:
dc:43:12:16:bf:d4:bb:c0:ca:de:99:53:5c:71:8d:
84:7a:21:9a:23:1d:a7:22:af:7c:7c:ce:21:2f:a6:
18:5b:d1:37:74:29:44:ae:cc:15:1b:69:8f:ac:77:
01:42:ec:ab:91:60:63:bd:55:1d:05:7a:b0:ef:9f:
14:f8:28:b0:70:35:f5:ff:e3:b8:cb:73:00:a7:33:
60:2c:70:31:c4:60:10:16:37:37:9c:09:94:b7:87:
99:ba:f4:2a:6e:fe:ba:aa:91:14:7d:d0:b1:b9:21:
01:5a:3b:ca:39:0c:11:67:fb:07:bc:00:0c:ab:cb:
b4:c8:9a:88:dc:77:6f:73:ae:a4:2c:45:c3:b0:0a:
c2:30:fb:6c:0b:68:df:1e:e7:0e:39:ea:ad:cc:8b:
9f:1f:16:55:77:71:20:70:63:eb:21:05:5a:20:a4:
fb:45:96:3b:b6:47:d5:25:2e:61:28:3d:f7:8b:cb:
70:8f:3d:a0:22:22:bc:2d:44:98:41:0b:50:2e:05:
0e:94:c7:78:fc:83:19:49:19:5b:db:20:47:8f:22:
88:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:14:0B:C2:F1:69:88:B5:7B:04:C5:7C:3C:D9:38:BF:B1:BD:31:76
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e38302e352e302f32342d3234203d3e20323039303433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.5.0/24
Signature Algorithm: sha256WithRSAEncryption
91:a0:12:ef:b7:6f:93:69:49:ca:f6:e3:8a:20:1f:56:bc:c6:
ea:b7:00:6f:1c:4a:50:f5:60:87:87:0b:9b:b0:e4:f9:66:3a:
3c:d0:33:ff:fa:7d:e5:cf:01:6c:93:55:fc:fc:5b:2c:87:49:
fd:1c:60:db:88:f7:6a:e2:10:b0:e4:fd:77:14:eb:c0:7c:66:
41:e4:8e:0e:a1:d1:0e:3c:72:83:3d:50:66:50:28:45:d0:56:
2b:8d:9e:fa:54:46:fc:8b:46:79:33:e4:ac:82:be:5a:d8:7a:
55:8f:2c:17:5a:20:5a:fd:fa:e9:02:74:bc:f1:9c:0e:64:0b:
40:e1:5d:a8:85:b2:d2:35:93:d0:ff:23:c0:11:21:f4:3f:68:
f9:c1:9a:6b:b4:b6:7a:24:8a:8d:81:cb:34:64:48:bc:70:fd:
71:b3:65:7d:08:5c:92:7f:e3:69:9b:26:6d:1d:a6:3d:78:1f:
34:5f:70:55:73:96:76:68:4d:36:91:d6:62:81:af:41:c2:3b:
26:a4:b8:76:d5:ed:65:2b:1f:ce:14:ba:78:d4:8c:5e:77:b1:
bb:c0:d4:80:c4:b5:c5:c1:c0:8b:c1:88:36:9d:b8:9e:d9:26:
9a:ea:80:ce:19:f7:79:5c:70:68:af:0c:5a:50:9d:a4:83:3d:
40:56:e9:ed
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUXu2UbE0A2S6VQG/JSlJ9qEuOTMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAzMDYxMTQ4NTVaFw0yNjAzMDUxMTUzNTVaMDMxMTAvBgNV
BAMTKEREMTQwQkMyRjE2OTg4QjU3QjA0QzU3QzNDRDkzOEJGQjFCRDMxNzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1TtOdgQUfZ4lFl0/ROK4qoTeY
mvLaAjaQqLCovPqh2pOXNRXFPYkoxniSh9xDEha/1LvAyt6ZU1xxjYR6IZojHaci
r3x8ziEvphhb0Td0KUSuzBUbaY+sdwFC7KuRYGO9VR0FerDvnxT4KLBwNfX/47jL
cwCnM2AscDHEYBAWNzecCZS3h5m69Cpu/rqqkRR90LG5IQFaO8o5DBFn+we8AAyr
y7TImojcd29zrqQsRcOwCsIw+2wLaN8e5w456q3Mi58fFlV3cSBwY+shBVogpPtF
lju2R9UlLmEoPfeLy3CPPaAiIrwtRJhBC1AuBQ6Ux3j8gxlJGVvbIEePIohfAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU3RQLwvFpiLV7BMV8PNk4v7G9MXYwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzgzMDJlMzUyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzMDM0MzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtUAUw
DQYJKoZIhvcNAQELBQADggEBAJGgEu+3b5NpScr244ogH1a8xuq3AG8cSlD1YIeH
C5uw5PlmOjzQM//6feXPAWyTVfz8WyyHSf0cYNuI92riELDk/XcU68B8ZkHkjg6h
0Q48coM9UGZQKEXQViuNnvpURvyLRnkz5KyCvlrYelWPLBdaIFr9+ukCdLzxnA5k
C0DhXaiFstI1k9D/I8ARIfQ/aPnBmmu0tnokio2ByzRkSLxw/XGzZX0IXJJ/42mb
Jm0dpj14HzRfcFVzlnZoTTaR1mKBr0HCOyakuHbV7WUrH84UunjUjF53sbvA1IDE
tcXBwIvBiDaduJ7ZJprqgM4Z93lccGivDFpQnaSDPUBW6e0=
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:02:13 2025 by rpki-client