Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/108/34352e3133382e3230342e302f32322d3234203d3e20323033303631.roa
File: 34352e3133382e3230342e302f32322d3234203d3e20323033303631.roa (raw, json)
Hash identifier: JdbATQul2wfnzXHMJHJS3CSsPvzkRIBj7SpLDaiiRRc=
Subject key identifier: 62:38:B6:11:BC:39:AD:0F:D7:4C:26:6B:A5:14:60:4A:D2:6D:02:5D
Certificate issuer: /CN=dd2a9a475e7b97e1befcfce473c72a08eb471c1a
Certificate serial: 45A54B57E85913CE013F6DE76C89EF2BBBCC12A0
Authority key identifier: DD:2A:9A:47:5E:7B:97:E1:BE:FC:FC:E4:73:C7:2A:08:EB:47:1C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3SqaR157l-G-_Pzkc8cqCOtHHBo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/108/34352e3133382e3230342e302f32322d3234203d3e20323033303631.roa
Signing time: Mon 27 Mar 2023 08:27:45 +0000
ROA not before: Mon 27 Mar 2023 08:22:45 +0000
ROA not after: Mon 25 Mar 2024 08:27:45 +0000
asID: 203061
IP address blocks: 45.138.204.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:a5:4b:57:e8:59:13:ce:01:3f:6d:e7:6c:89:ef:2b:bb:cc:12:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd2a9a475e7b97e1befcfce473c72a08eb471c1a
Validity
Not Before: Mar 27 08:22:45 2023 GMT
Not After : Mar 25 08:27:45 2024 GMT
Subject: CN=6238B611BC39AD0FD74C266BA514604AD26D025D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:22:f4:5b:e9:0c:8a:96:b0:0f:e2:ef:0b:7d:
ea:16:21:cd:98:a0:de:0b:1b:36:a5:03:04:21:65:
db:d5:24:b7:a3:1b:71:1b:f0:3c:aa:b2:53:60:16:
b4:6b:43:b5:c0:8b:46:a1:95:89:0e:2e:d7:d2:6b:
e0:6e:f4:ae:46:b3:e9:25:9f:e2:06:fb:42:69:2c:
ff:19:c9:96:a2:3b:4c:11:b3:38:37:bb:47:b9:bf:
48:2b:9f:c1:03:e3:66:8f:5b:04:d9:2a:de:fa:57:
0d:ef:0c:10:e7:14:69:17:7f:8d:49:6b:9d:28:f1:
a0:bf:87:a2:c5:98:67:f2:66:b7:d9:70:62:5b:57:
3c:5c:10:9a:cf:9e:7b:17:86:75:3a:4c:71:7b:a3:
68:f2:a6:49:5d:0d:07:4c:61:bc:9f:71:13:83:3d:
7d:52:61:ca:8b:b2:85:3b:2d:55:49:be:b7:ec:9b:
4f:1e:ed:c0:a8:d7:0f:bb:27:2e:a4:57:14:9a:a7:
6f:ee:5a:98:94:1e:f8:8b:91:b9:a0:8f:a2:e2:e2:
9e:c1:6d:aa:e3:f8:4e:a7:b9:c8:a5:95:38:11:3e:
cf:9a:e7:a5:87:7e:a2:ca:4c:0a:c8:0a:aa:c5:b3:
37:75:0d:3c:4c:49:90:e7:af:06:dd:bb:c0:6b:45:
92:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:38:B6:11:BC:39:AD:0F:D7:4C:26:6B:A5:14:60:4A:D2:6D:02:5D
X509v3 Authority Key Identifier:
keyid:DD:2A:9A:47:5E:7B:97:E1:BE:FC:FC:E4:73:C7:2A:08:EB:47:1C:1A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/108/DD2A9A475E7B97E1BEFCFCE473C72A08EB471C1A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3SqaR157l-G-_Pzkc8cqCOtHHBo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/108/34352e3133382e3230342e302f32322d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.204.0/22
Signature Algorithm: sha256WithRSAEncryption
16:e4:83:ac:d9:10:41:7c:62:f7:bb:53:d4:49:9d:a8:45:2e:
15:99:e4:76:97:ae:f5:52:02:f4:d0:30:f4:03:78:5f:bc:db:
43:03:5d:70:a9:15:8b:d1:04:ef:1f:c6:4e:c6:d8:57:6c:80:
e7:4c:d4:45:18:e5:bc:d0:a9:f2:b8:da:2f:db:c4:43:60:f4:
84:29:33:e7:2a:cd:0d:70:12:c2:c0:9b:36:9d:27:28:d3:cf:
19:10:7c:56:ce:95:3c:3f:a1:ad:9d:22:a8:0e:ff:5c:86:c4:
c1:36:6a:92:2d:94:e3:91:ca:6b:0c:70:1c:8a:68:49:ba:ba:
24:de:ac:e3:56:13:8d:41:9a:fc:36:99:6f:a3:c1:15:b8:2b:
a0:f6:c6:e9:7b:43:60:e6:7b:ea:69:6c:13:bf:d5:47:17:9c:
99:fe:fa:a5:c2:6d:0e:f5:c7:ab:ac:c2:73:0e:4f:2f:25:6f:
5a:cf:67:64:29:7f:4b:c9:55:ee:a5:eb:88:54:27:8d:7f:60:
f3:03:33:b3:16:41:3d:a8:bc:13:71:d3:eb:76:25:6c:e9:ed:
d4:42:cf:2e:49:51:09:1b:8e:c2:d6:07:5f:bf:05:46:bd:b5:
8b:99:fe:81:58:d7:89:44:96:47:44:ca:4e:2b:8c:b0:2c:a8:
88:8b:5b:95
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIURaVLV+hZE84BP23nbInvK7vMEqAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGQyYTlhNDc1ZTdiOTdlMWJlZmNmY2U0NzNjNzJhMDhl
YjQ3MWMxYTAeFw0yMzAzMjcwODIyNDVaFw0yNDAzMjUwODI3NDVaMDMxMTAvBgNV
BAMTKDYyMzhCNjExQkMzOUFEMEZENzRDMjY2QkE1MTQ2MDRBRDI2RDAyNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEIvRb6QyKlrAP4u8LfeoWIc2Y
oN4LGzalAwQhZdvVJLejG3Eb8DyqslNgFrRrQ7XAi0ahlYkOLtfSa+Bu9K5Gs+kl
n+IG+0JpLP8ZyZaiO0wRszg3u0e5v0grn8ED42aPWwTZKt76Vw3vDBDnFGkXf41J
a50o8aC/h6LFmGfyZrfZcGJbVzxcEJrPnnsXhnU6THF7o2jypkldDQdMYbyfcROD
PX1SYcqLsoU7LVVJvrfsm08e7cCo1w+7Jy6kVxSap2/uWpiUHviLkbmgj6Li4p7B
barj+E6nucillTgRPs+a56WHfqLKTArICqrFszd1DTxMSZDnrwbdu8BrRZJLAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUYji2Ebw5rQ/XTCZrpRRgStJtAl0wHwYDVR0j
BBgwFoAU3SqaR157l+G+/Pzkc8cqCOtHHBowDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xMDgvREQyQTlBNDc1RTdCOTdFMUJFRkNGQ0U0NzNDNzJBMDhFQjQ3MUMx
QS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNTcWFSMTU3bC1HLV9QemtjOGNx
Q090SEhCby5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzEwOC8zNDM1MmUzMTMzMzgy
ZTMyMzAzNDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzAzMzMwMzYzMS5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAi2KzDANBgkqhkiG9w0BAQsFAAOCAQEAFuSDrNkQQXxi97tT1EmdqEUu
FZnkdpeu9VIC9NAw9AN4X7zbQwNdcKkVi9EE7x/GTsbYV2yA50zURRjlvNCp8rja
L9vEQ2D0hCkz5yrNDXASwsCbNp0nKNPPGRB8Vs6VPD+hrZ0iqA7/XIbEwTZqki2U
45HKawxwHIpoSbq6JN6s41YTjUGa/DaZb6PBFbgroPbG6XtDYOZ76mlsE7/VRxec
mf76pcJtDvXHq6zCcw5PLyVvWs9nZCl/S8lV7qXriFQnjX9g8wMzsxZBPai8E3HT
63YlbOnt1ELPLklRCRuOwtYHX78FRr21i5n+gVjXiUSWR0TKTiuMsCyoiItblQ==
-----END CERTIFICATE-----
Generated at Wed Sep 27 12:48:16 2023 by rpki-client on console-ams.rpki-client.org