Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e38302e372e302f32342d3234203d3e203631333137.roa
File: 34352e38302e372e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: 8mi788twFjgJ0TWWd72rYD+5N5INSXxTrbQc0AT4uDU=
Subject key identifier: 0E:81:1E:CD:6E:79:99:51:66:2E:6A:E3:3F:BC:E1:C1:02:AD:7B:58
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 345AA84B84D3834227BCE881D5B245B8AFB3B2E5
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e38302e372e302f32342d3234203d3e203631333137.roa
Signing time: Sat 22 Mar 2025 21:53:58 +0000
ROA not before: Sat 22 Mar 2025 21:48:58 +0000
ROA not after: Sat 21 Mar 2026 21:53:58 +0000
asID: 61317
IP address blocks: 45.80.7.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:5a:a8:4b:84:d3:83:42:27:bc:e8:81:d5:b2:45:b8:af:b3:b2:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Mar 22 21:48:58 2025 GMT
Not After : Mar 21 21:53:58 2026 GMT
Subject: CN=0E811ECD6E799951662E6AE33FBCE1C102AD7B58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8d:1f:a4:af:d2:df:16:55:76:a5:a5:53:14:
cb:98:6f:13:d2:85:7b:5e:1c:2d:d6:56:48:d5:ab:
8e:38:bc:6f:b8:8c:49:f2:02:c5:77:01:8e:33:72:
b7:92:f5:94:f0:d7:25:14:68:c3:97:18:1d:58:1c:
da:6c:84:45:09:01:9f:12:46:5f:b4:a8:0c:48:9e:
11:00:07:8c:59:54:15:7e:9b:25:79:f0:a6:33:42:
81:60:ff:d8:ff:d2:48:8d:0c:25:8f:64:5b:54:f7:
65:cb:89:d4:cd:7c:f4:b4:d5:ff:37:bb:3c:30:06:
29:07:18:17:6f:2d:83:38:80:6d:74:12:02:11:65:
7c:43:9d:6e:2d:f4:46:91:12:3f:38:02:31:e6:79:
25:de:4c:00:c8:99:6f:57:83:b5:89:8f:ab:12:90:
19:50:38:0b:1e:15:06:03:33:02:41:1a:ee:54:82:
63:61:a6:71:cd:f5:ad:c4:fa:e1:d6:ce:d8:9e:86:
6b:8d:ea:74:96:20:d0:3c:50:ed:7c:c6:e7:bf:52:
9f:b0:ab:b1:af:d0:f5:44:f2:95:6b:7d:18:52:82:
dd:04:2a:c8:4c:f3:98:65:dd:04:99:da:36:34:46:
c9:f0:08:98:b3:74:39:53:56:13:d2:9f:5a:f9:2c:
71:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:81:1E:CD:6E:79:99:51:66:2E:6A:E3:3F:BC:E1:C1:02:AD:7B:58
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e38302e372e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.7.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:ff:33:37:21:f1:d9:0b:d9:1a:d2:ef:a3:e8:d8:0f:1b:9c:
16:0c:f3:68:d8:ad:7f:6c:4d:53:54:e0:4d:bb:a6:57:d9:5e:
40:f3:8d:1f:6a:d8:41:2a:35:0d:f7:52:b8:63:f0:95:95:c6:
47:45:22:87:e7:49:3e:e4:3a:ef:2d:94:2d:e2:1d:c5:5c:9f:
38:4d:d5:11:33:ac:22:8b:44:e1:aa:0f:30:14:12:0d:52:4b:
fa:88:0e:c0:e5:07:e8:ce:fd:15:b4:92:61:d9:28:17:7a:06:
a4:7f:73:fb:80:07:3a:49:1a:1f:b8:98:2b:a4:0a:fa:94:27:
08:0b:be:c5:4b:84:80:3d:47:dd:49:2b:6e:96:f5:ea:72:13:
73:ca:3b:54:25:9b:6d:25:41:ee:5a:1e:83:a3:06:85:af:7c:
96:ae:ac:93:0e:ec:f7:07:52:d1:0f:7d:48:bc:ff:6b:06:58:
24:72:88:b0:01:0b:93:a1:03:b0:f4:01:7d:84:9a:3c:55:48:
8b:4e:11:12:2d:3c:50:e8:10:61:da:dd:0b:6a:a1:dc:3c:63:
4b:d9:13:64:f6:c5:15:7c:cc:ed:d8:6d:7c:6d:21:98:6d:af:
2c:c2:f8:df:2f:41:ae:00:44:9d:9d:6a:3b:f7:24:66:9f:d5:
64:df:ed:95
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUNFqoS4TTg0InvOiB1bJFuK+zsuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAzMjIyMTQ4NThaFw0yNjAzMjEyMTUzNThaMDMxMTAvBgNV
BAMTKDBFODExRUNENkU3OTk5NTE2NjJFNkFFMzNGQkNFMUMxMDJBRDdCNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYjR+kr9LfFlV2paVTFMuYbxPS
hXteHC3WVkjVq444vG+4jEnyAsV3AY4zcreS9ZTw1yUUaMOXGB1YHNpshEUJAZ8S
Rl+0qAxInhEAB4xZVBV+myV58KYzQoFg/9j/0kiNDCWPZFtU92XLidTNfPS01f83
uzwwBikHGBdvLYM4gG10EgIRZXxDnW4t9EaREj84AjHmeSXeTADImW9Xg7WJj6sS
kBlQOAseFQYDMwJBGu5UgmNhpnHN9a3E+uHWztiehmuN6nSWINA8UO18xue/Up+w
q7Gv0PVE8pVrfRhSgt0EKshM85hl3QSZ2jY0RsnwCJizdDlTVhPSn1r5LHHhAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUDoEezW55mVFmLmrjP7zhwQKte1gwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzgzMDJlMzcyZTMw
MmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVAHMA0G
CSqGSIb3DQEBCwUAA4IBAQDE/zM3IfHZC9ka0u+j6NgPG5wWDPNo2K1/bE1TVOBN
u6ZX2V5A840fathBKjUN91K4Y/CVlcZHRSKH50k+5DrvLZQt4h3FXJ84TdURM6wi
i0Thqg8wFBINUkv6iA7A5Qfozv0VtJJh2SgXegakf3P7gAc6SRofuJgrpAr6lCcI
C77FS4SAPUfdSStulvXqchNzyjtUJZttJUHuWh6DowaFr3yWrqyTDuz3B1LRD31I
vP9rBlgkcoiwAQuToQOw9AF9hJo8VUiLThESLTxQ6BBh2t0LaqHcPGNL2RNk9sUV
fMzt2G18bSGYba8swvjfL0GuAESdnWo79yRmn9Vk3+2V
-----END CERTIFICATE-----
Generated at Fri Apr 4 19:29:43 2025 by rpki-client