Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134372e37322e302f32322d3232203d3e20323033303230.roa
File: 34352e3134372e37322e302f32322d3232203d3e20323033303230.roa (raw, json)
Hash identifier: fUqFzDcK6HbH1vkVuy53LOrPvJAVT2g3+3dEjCxeamE=
Subject key identifier: 86:8A:D1:E5:CE:37:6F:81:51:B1:F8:33:CE:46:A7:FA:4F:B0:45:9B
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 0BDD8ED924D5C4532E15FB471FD2BE2ED54B82DB
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134372e37322e302f32322d3232203d3e20323033303230.roa
Signing time: Fri 20 Dec 2024 15:23:31 +0000
ROA not before: Fri 20 Dec 2024 15:18:31 +0000
ROA not after: Fri 19 Dec 2025 15:23:31 +0000
asID: 203020
IP address blocks: 45.147.72.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:dd:8e:d9:24:d5:c4:53:2e:15:fb:47:1f:d2:be:2e:d5:4b:82:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Dec 20 15:18:31 2024 GMT
Not After : Dec 19 15:23:31 2025 GMT
Subject: CN=868AD1E5CE376F8151B1F833CE46A7FA4FB0459B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:dd:7e:1c:6e:61:30:0a:c8:27:dc:f5:f2:cd:
35:d8:9d:74:17:1b:eb:a6:db:43:6b:ee:b6:88:f5:
93:b1:9a:ab:98:3d:b4:68:7b:23:c8:e0:3d:ae:41:
8a:a9:3c:7e:8a:59:ba:8d:42:22:4b:d8:ae:31:73:
65:9a:b4:25:35:1c:c7:fa:87:93:6d:10:86:fe:bc:
8a:dc:66:16:e6:a3:54:92:7d:54:28:b2:07:b1:38:
7e:1f:1c:a5:30:f6:92:0b:45:26:a9:53:20:46:fd:
62:85:cf:41:89:fe:70:cd:9f:e8:11:61:00:e9:02:
70:41:5b:67:6d:61:00:f8:9b:3f:ff:f0:d0:2a:6a:
38:22:af:b5:84:cb:1c:2f:aa:e5:fb:63:ad:01:88:
e5:06:e2:c1:fe:3d:90:61:3c:0c:23:56:63:f3:e2:
62:eb:68:43:1f:c3:c6:c2:a5:21:9c:0b:c6:87:52:
4a:d7:2e:9c:d9:eb:e1:d1:8c:a9:ce:c2:da:91:7d:
a7:27:da:77:7a:bc:24:a3:7d:0e:4c:be:db:64:80:
27:3b:5d:06:6b:75:5f:d7:88:1f:da:61:97:74:3b:
cc:72:e3:d4:62:11:24:19:b0:9c:03:96:4a:ae:ab:
41:68:2d:f1:65:b8:46:c8:f6:cd:bd:a1:18:db:4f:
de:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8A:D1:E5:CE:37:6F:81:51:B1:F8:33:CE:46:A7:FA:4F:B0:45:9B
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e3134372e37322e302f32322d3232203d3e20323033303230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.72.0/22
Signature Algorithm: sha256WithRSAEncryption
31:46:3e:fc:3c:61:04:da:6c:c1:eb:66:72:dd:2b:66:59:28:
72:df:99:fc:c5:f6:ad:dd:65:93:b6:b3:cd:1d:48:28:eb:16:
94:7c:75:34:fd:ea:20:c9:9e:67:a8:4b:79:dd:f1:49:8f:00:
02:2b:99:b6:ff:fd:ba:73:27:e7:68:a8:fc:0d:1e:cb:90:35:
6b:fe:8e:48:27:82:71:53:0a:15:75:6a:dd:0a:6b:ab:27:48:
f3:da:76:83:38:c3:be:55:f0:b0:13:03:0e:03:c8:0b:f3:3a:
c4:f3:a4:b3:09:a1:95:2a:7c:10:6e:5d:59:b6:ae:17:ad:a1:
47:28:48:68:ba:60:6c:cb:17:36:e3:2c:a4:d8:47:00:d6:ef:
98:23:69:86:eb:80:be:ed:ef:dc:d5:4b:b6:9a:50:55:4a:da:
ef:15:71:50:90:12:f0:ed:e8:da:31:a3:3a:14:76:ba:ce:09:
02:a4:32:dd:7a:8a:1d:67:3a:e0:d5:66:b7:25:62:d4:30:25:
ac:a7:f0:77:a3:5f:0a:b7:7e:03:a1:d6:ca:c7:d9:5b:2f:fb:
17:44:77:51:68:58:55:5c:04:f6:b1:6f:7c:d3:35:54:a8:b6:
16:37:84:29:cd:6f:94:16:31:d8:87:8b:b2:29:f7:51:56:a4:
96:52:4c:93
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUC92O2STVxFMuFftHH9K+LtVLgtswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNDEyMjAxNTE4MzFaFw0yNTEyMTkxNTIzMzFaMDMxMTAvBgNV
BAMTKDg2OEFEMUU1Q0UzNzZGODE1MUIxRjgzM0NFNDZBN0ZBNEZCMDQ1OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb3X4cbmEwCsgn3PXyzTXYnXQX
G+um20Nr7raI9ZOxmquYPbRoeyPI4D2uQYqpPH6KWbqNQiJL2K4xc2WatCU1HMf6
h5NtEIb+vIrcZhbmo1SSfVQosgexOH4fHKUw9pILRSapUyBG/WKFz0GJ/nDNn+gR
YQDpAnBBW2dtYQD4mz//8NAqajgir7WEyxwvquX7Y60BiOUG4sH+PZBhPAwjVmPz
4mLraEMfw8bCpSGcC8aHUkrXLpzZ6+HRjKnOwtqRfacn2nd6vCSjfQ5MvttkgCc7
XQZrdV/XiB/aYZd0O8xy49RiESQZsJwDlkquq0FoLfFluEbI9s29oRjbT94lAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUhorR5c43b4FRsfgzzkan+k+wRZswHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTM0Mzcy
ZTM3MzIyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMwMzMzMDMyMzAucm9hMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAItk0gwDQYJKoZIhvcNAQELBQADggEBADFGPvw8YQTabMHrZnLdK2ZZKHLf
mfzF9q3dZZO2s80dSCjrFpR8dTT96iDJnmeoS3nd8UmPAAIrmbb//bpzJ+doqPwN
HsuQNWv+jkgngnFTChV1at0Ka6snSPPadoM4w75V8LATAw4DyAvzOsTzpLMJoZUq
fBBuXVm2rhetoUcoSGi6YGzLFzbjLKTYRwDW75gjaYbrgL7t79zVS7aaUFVK2u8V
cVCQEvDt6NoxozoUdrrOCQKkMt16ih1nOuDVZrclYtQwJayn8HejXwq3fgOh1srH
2Vsv+xdEd1FoWFVcBPaxb3zTNVSothY3hCnNb5QWMdiHi7Ip91FWpJZSTJM=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:40:58 2025 by rpki-client