Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133372e3139322e302f32342d3332203d3e203430303231.roa
File: 34352e3133372e3139322e302f32342d3332203d3e203430303231.roa (raw, json)
Hash identifier: WYqZjqYI6V2tE3HzvRnWHM7GiX8H3yNpCRXDj6YFxmM=
Subject key identifier: 47:94:F3:67:28:85:6B:D5:91:E8:67:0C:3B:92:89:15:7F:C3:E1:DF
Certificate issuer: /CN=08fb9ba827e6f10a7af37490803dd5a076397235
Certificate serial: 6749995CEA1EF15497E4A0B60D20BD552290A303
Authority key identifier: 08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133372e3139322e302f32342d3332203d3e203430303231.roa
Signing time: Mon 26 Feb 2024 08:52:55 +0000
ROA not before: Mon 26 Feb 2024 08:47:55 +0000
ROA not after: Mon 24 Feb 2025 08:52:55 +0000
asID: 40021
IP address blocks: 45.137.192.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:49:99:5c:ea:1e:f1:54:97:e4:a0:b6:0d:20:bd:55:22:90:a3:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fb9ba827e6f10a7af37490803dd5a076397235
Validity
Not Before: Feb 26 08:47:55 2024 GMT
Not After : Feb 24 08:52:55 2025 GMT
Subject: CN=4794F36728856BD591E8670C3B9289157FC3E1DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:2f:06:24:b5:d9:94:5c:d6:6f:a6:0d:7f:fc:
cd:d4:88:cc:5c:f3:52:80:8f:0e:4a:a4:df:33:ff:
94:6b:93:71:be:9c:b5:31:eb:9f:1b:c4:45:4e:5c:
9d:4c:bf:d7:59:46:0e:1f:19:1b:e4:d6:1e:26:11:
8f:76:b0:4f:a2:b1:38:79:04:f8:70:64:b7:c7:fc:
a9:d2:b6:62:e0:a0:29:50:d2:06:d1:d6:66:64:0e:
bb:d5:cf:73:e1:33:54:ef:68:46:59:41:fd:83:4d:
b9:8c:db:42:89:7a:25:5f:03:2e:76:68:f7:a0:9a:
60:a9:0a:f0:ab:5c:98:3d:8a:cf:f9:45:3e:9a:37:
e7:5a:bf:5a:f7:09:d8:5b:9b:5d:23:f9:28:48:45:
d7:ee:4e:9d:a1:ef:fe:9e:1a:7f:33:61:44:3c:ce:
4a:32:aa:7b:ea:70:78:ad:61:b9:b3:cc:62:86:6b:
6a:1f:c7:67:e3:67:db:f6:66:04:71:21:7e:73:70:
c7:65:3b:f7:50:05:8b:39:46:c9:cd:4f:7c:b2:cf:
97:dc:e1:a7:2c:13:d1:d4:e4:63:3f:f6:c8:11:a6:
18:3f:1a:47:f3:55:90:4d:8a:f1:c6:cd:b3:6b:6a:
7d:b1:05:63:80:03:5e:8d:3d:3a:4e:62:d3:e0:40:
33:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:94:F3:67:28:85:6B:D5:91:E8:67:0C:3B:92:89:15:7F:C3:E1:DF
X509v3 Authority Key Identifier:
keyid:08:FB:9B:A8:27:E6:F1:0A:7A:F3:74:90:80:3D:D5:A0:76:39:72:35
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/08FB9BA827E6F10A7AF37490803DD5A076397235.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPubqCfm8Qp683SQgD3VoHY5cjU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/2/34352e3133372e3139322e302f32342d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.192.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:63:10:5f:90:08:3b:16:ae:39:2e:4a:6f:e5:ae:1b:ff:de:
eb:18:97:7d:72:cc:6c:24:2b:0f:18:6b:3f:84:3f:db:d2:67:
ec:e5:08:88:3b:2c:de:92:0b:f1:6f:da:40:c6:30:37:16:d1:
29:d5:d7:62:45:98:b5:90:4b:e8:44:7c:ff:5e:37:b7:77:cc:
7e:cf:a2:ac:3d:b6:ee:fb:c4:1b:33:78:2f:11:c6:91:28:36:
9e:a7:1c:f3:d3:18:ab:a5:7c:f1:c2:9c:f4:48:ff:67:14:44:
a5:97:d7:60:e7:de:eb:3e:60:ec:f0:7f:1b:ce:e0:5d:9c:e8:
68:fa:a2:4f:b0:b2:aa:3b:20:1b:17:97:ef:78:fe:70:a5:34:
4f:e4:03:57:96:6e:69:fe:7c:19:53:63:88:d1:42:f2:af:20:
ba:f2:ce:29:e8:d7:a1:41:e4:5f:c9:5a:9c:31:b3:7f:61:87:
e1:45:83:e8:e1:fd:f4:75:13:02:4d:32:d6:4c:10:72:d3:30:
96:3b:a0:d1:71:c9:5d:49:9c:fe:b6:50:5a:ec:b4:1f:cc:29:
e9:6a:b4:56:af:55:46:12:08:b6:f6:8e:2b:2d:88:f2:a4:1a:
ad:d9:57:80:5c:5f:7b:6b:5f:c6:64:18:9e:72:ac:46:59:11:
95:07:9a:19
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZ0mZXOoe8VSX5KC2DSC9VSKQowMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhmYjliYTgyN2U2ZjEwYTdhZjM3NDkwODAzZGQ1YTA3
NjM5NzIzNTAeFw0yNDAyMjYwODQ3NTVaFw0yNTAyMjQwODUyNTVaMDMxMTAvBgNV
BAMTKDQ3OTRGMzY3Mjg4NTZCRDU5MUU4NjcwQzNCOTI4OTE1N0ZDM0UxREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsLwYktdmUXNZvpg1//M3UiMxc
81KAjw5KpN8z/5Rrk3G+nLUx658bxEVOXJ1Mv9dZRg4fGRvk1h4mEY92sE+isTh5
BPhwZLfH/KnStmLgoClQ0gbR1mZkDrvVz3PhM1TvaEZZQf2DTbmM20KJeiVfAy52
aPegmmCpCvCrXJg9is/5RT6aN+dav1r3Cdhbm10j+ShIRdfuTp2h7/6eGn8zYUQ8
zkoyqnvqcHitYbmzzGKGa2ofx2fjZ9v2ZgRxIX5zcMdlO/dQBYs5RsnNT3yyz5fc
4acsE9HU5GM/9sgRphg/GkfzVZBNivHGzbNran2xBWOAA16NPTpOYtPgQDNnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUR5TzZyiFa9WR6GcMO5KJFX/D4d8wHwYDVR0j
BBgwFoAUCPubqCfm8Qp683SQgD3VoHY5cjUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzIvMDhGQjlCQTgyN0U2RjEwQTdBRjM3NDkwODAzREQ1QTA3NjM5NzIzNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NQdWJxQ2ZtOFFwNjgzU1FnRDNWb0hZ
NWNqVS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzIvMzQzNTJlMzEzMzM3MmUzMTM5
MzIyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LYnAMA0GCSqGSIb3DQEBCwUAA4IBAQBrYxBfkAg7Fq45Lkpv5a4b/97rGJd9csxs
JCsPGGs/hD/b0mfs5QiIOyzekgvxb9pAxjA3FtEp1ddiRZi1kEvoRHz/Xje3d8x+
z6KsPbbu+8QbM3gvEcaRKDaepxzz0xirpXzxwpz0SP9nFESll9dg597rPmDs8H8b
zuBdnOho+qJPsLKqOyAbF5fveP5wpTRP5ANXlm5p/nwZU2OI0ULyryC68s4p6Neh
QeRfyVqcMbN/YYfhRYPo4f30dRMCTTLWTBBy0zCWO6DRccldSZz+tlBa7LQfzCnp
arRWr1VGEgi29o4rLYjypBqt2VeAXF97a1/GZBiecqxGWRGVB5oZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:48:27 2025 by rpki-client