Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3132382e34342e302f32322d3234203d3e20323033303631.roa
File: 34352e3132382e34342e302f32322d3234203d3e20323033303631.roa (raw, json)
Hash identifier: QKUoAyKvFORNW0i+bmCi9n3AHnJOa+Sdu93Vd791xGw=
Subject key identifier: 69:14:7F:19:59:71:63:94:B6:62:8A:BD:5F:C6:E7:EF:FD:36:72:17
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 0C406A236D6D0074DFCA950DF3969BA3180CC015
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3132382e34342e302f32322d3234203d3e20323033303631.roa
Signing time: Mon 27 Jan 2025 09:44:50 +0000
ROA not before: Mon 27 Jan 2025 09:39:50 +0000
ROA not after: Mon 26 Jan 2026 09:44:50 +0000
asID: 203061
IP address blocks: 45.128.44.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:40:6a:23:6d:6d:00:74:df:ca:95:0d:f3:96:9b:a3:18:0c:c0:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:50 2025 GMT
Not After : Jan 26 09:44:50 2026 GMT
Subject: CN=69147F1959716394B6628ABD5FC6E7EFFD367217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e6:e0:8c:18:5a:f2:9e:6c:c6:5e:e1:1d:51:
33:94:ee:25:ed:6f:78:d6:46:f8:2b:2f:58:41:42:
0d:78:94:de:21:2d:84:dd:36:b7:7d:64:43:06:b5:
b2:f3:44:89:5f:7b:a6:24:7e:99:f1:87:90:1e:8b:
27:51:75:89:25:99:0d:6a:05:7c:b9:68:12:f6:16:
24:4f:5f:97:3a:f4:12:11:54:70:de:72:b5:76:95:
0f:ef:ff:8f:37:78:d5:d0:37:de:ad:00:2a:5b:b8:
a4:b5:ca:3e:54:07:0e:72:2a:e6:3b:64:15:fc:d8:
35:49:ba:b8:27:38:c8:25:6e:16:aa:ff:2a:d9:c2:
f3:e1:04:71:6a:8c:00:e9:df:8a:33:9c:34:88:a1:
3b:f0:3e:0f:66:3d:7b:fc:a5:a1:ae:f4:56:3a:ae:
69:4b:25:f4:70:25:29:f9:89:5e:37:51:d5:8a:99:
0b:f8:86:3f:ad:3d:c8:54:58:66:3f:15:be:42:83:
6b:8c:36:e3:7b:bd:03:fe:33:8d:49:e3:3c:a9:30:
85:6f:21:ce:78:84:98:5d:4a:05:90:b2:b7:18:8c:
b2:e1:1a:8c:a7:34:4b:f0:c5:06:e8:1f:50:df:01:
c1:9c:f2:10:7f:95:ce:b4:0a:b5:40:09:44:a5:5c:
4b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:14:7F:19:59:71:63:94:B6:62:8A:BD:5F:C6:E7:EF:FD:36:72:17
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3132382e34342e302f32322d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.44.0/22
Signature Algorithm: sha256WithRSAEncryption
10:af:e9:4f:2b:17:21:9d:81:b3:d1:87:2f:6d:f1:a7:5a:ae:
fe:3f:97:91:f5:cd:b5:fb:47:da:fd:75:68:27:dc:3b:7f:03:
96:3e:77:26:20:27:8a:a9:2a:99:31:43:8b:92:f3:92:62:18:
16:9b:90:e1:79:73:12:d4:36:87:46:81:e8:59:06:fb:1e:08:
4e:17:3e:26:a6:d0:cd:cb:e1:51:0c:2a:15:c6:71:8a:10:70:
59:25:1c:18:fd:db:49:dc:87:f4:43:03:c1:87:17:0d:60:01:
e3:a7:31:8e:43:4f:c3:16:58:01:a7:be:3a:62:1b:41:90:b1:
3e:23:ff:99:70:34:61:e5:0b:55:71:53:ee:f7:27:a4:fa:db:
d4:c8:c0:48:79:ee:3e:96:32:b1:56:78:05:07:29:4a:4a:c9:
c5:59:84:a3:b0:34:26:db:76:bf:18:80:7a:e1:bf:cb:c3:a7:
08:ad:06:68:05:d9:75:ab:55:3e:dc:eb:79:49:5d:52:d0:4b:
2b:59:b1:42:9e:dd:35:86:0d:a6:92:57:bd:e8:19:88:75:16:
48:aa:7e:51:c3:2f:80:75:f9:45:4b:01:4d:52:82:d9:c3:8c:
cd:6d:9f:4a:ee:3f:51:cc:71:df:b2:c8:ae:28:1c:95:1c:67:
5e:6b:ee:5f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDEBqI21tAHTfypUN85aboxgMwBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NTBaFw0yNjAxMjYwOTQ0NTBaMDMxMTAvBgNV
BAMTKDY5MTQ3RjE5NTk3MTYzOTRCNjYyOEFCRDVGQzZFN0VGRkQzNjcyMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW5uCMGFrynmzGXuEdUTOU7iXt
b3jWRvgrL1hBQg14lN4hLYTdNrd9ZEMGtbLzRIlfe6Ykfpnxh5AeiydRdYklmQ1q
BXy5aBL2FiRPX5c69BIRVHDecrV2lQ/v/483eNXQN96tACpbuKS1yj5UBw5yKuY7
ZBX82DVJurgnOMglbhaq/yrZwvPhBHFqjADp34oznDSIoTvwPg9mPXv8paGu9FY6
rmlLJfRwJSn5iV43UdWKmQv4hj+tPchUWGY/Fb5Cg2uMNuN7vQP+M41J4zypMIVv
Ic54hJhdSgWQsrcYjLLhGoynNEvwxQboH1DfAcGc8hB/lc60CrVACUSlXEs7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaRR/GVlxY5S2Yoq9X8bn7/02chcwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzMjM4MmUzNDM0
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMDMzMzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LYAsMA0GCSqGSIb3DQEBCwUAA4IBAQAQr+lPKxchnYGz0YcvbfGnWq7+P5eR9c21
+0fa/XVoJ9w7fwOWPncmICeKqSqZMUOLkvOSYhgWm5DheXMS1DaHRoHoWQb7HghO
Fz4mptDNy+FRDCoVxnGKEHBZJRwY/dtJ3If0QwPBhxcNYAHjpzGOQ0/DFlgBp746
YhtBkLE+I/+ZcDRh5QtVcVPu9yek+tvUyMBIee4+ljKxVngFBylKSsnFWYSjsDQm
23a/GIB64b/Lw6cIrQZoBdl1q1U+3Ot5SV1S0EsrWbFCnt01hg2mkle96BmIdRZI
qn5Rwy+AdflFSwFNUoLZw4zNbZ9K7j9RzHHfssiuKByVHGdea+5f
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:33:32 2025 by rpki-client