Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133332e34302e302f32322d3234203d3e20323033303631.roa
File: 34352e3133332e34302e302f32322d3234203d3e20323033303631.roa (raw, json)
Hash identifier: C+GPROm+pEn+MqVyJMR25BdSZ/YpXFAT+WrcvlRD6AA=
Subject key identifier: 70:A6:EB:84:F2:72:BE:EE:8C:77:99:0A:3B:41:DD:19:AA:B8:24:19
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 1020A7B608862D504A728E735EDE6AD853E1DFAB
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133332e34302e302f32322d3234203d3e20323033303631.roa
Signing time: Mon 27 Jan 2025 09:44:47 +0000
ROA not before: Mon 27 Jan 2025 09:39:47 +0000
ROA not after: Mon 26 Jan 2026 09:44:47 +0000
asID: 203061
IP address blocks: 45.133.40.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:20:a7:b6:08:86:2d:50:4a:72:8e:73:5e:de:6a:d8:53:e1:df:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:47 2025 GMT
Not After : Jan 26 09:44:47 2026 GMT
Subject: CN=70A6EB84F272BEEE8C77990A3B41DD19AAB82419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:81:dd:06:0c:f3:4c:e9:ba:2e:19:06:0a:bf:
6e:d0:9e:b5:7a:0c:bf:2e:86:f3:92:6d:08:57:c2:
c5:2d:71:5b:a0:48:15:87:67:8a:49:29:6b:fd:a3:
86:42:7a:b3:63:40:86:3e:78:ae:50:3e:af:3b:b0:
ac:e0:03:87:35:8c:ac:8f:d2:1f:ed:ae:4b:17:c8:
af:03:d9:78:5b:1f:45:58:34:ae:55:47:ee:78:20:
17:57:84:b4:2d:dd:f0:4d:f8:26:fb:b2:dd:61:91:
af:b2:e8:3f:b9:0e:63:8f:0d:4b:c7:bc:73:ee:95:
31:67:e9:e6:fb:5e:c0:a0:12:4b:b3:af:ce:1a:cd:
04:aa:f1:55:b7:fd:1b:41:9a:91:b1:68:e0:4b:39:
60:4d:9d:23:64:e2:0a:9b:92:74:46:db:9b:49:60:
25:17:b7:20:37:51:49:89:fc:ce:ac:a0:84:36:c9:
9a:b9:85:ed:fe:62:af:5c:f2:6c:1d:3b:83:24:1e:
ec:7c:f2:63:f5:9e:c6:29:f7:20:4f:25:3d:0b:e2:
ab:cd:75:6a:81:97:96:81:70:46:ba:7d:5b:ec:b5:
d9:3b:32:b6:ce:8b:8a:42:cf:e8:4d:c7:cd:7d:c7:
9a:13:da:93:13:a9:5d:fc:67:ae:63:13:21:2f:7b:
a8:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:A6:EB:84:F2:72:BE:EE:8C:77:99:0A:3B:41:DD:19:AA:B8:24:19
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133332e34302e302f32322d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.40.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:9a:a8:9e:82:8d:3d:71:cf:92:a9:9c:99:47:63:8f:94:83:
01:73:02:ac:f9:14:e7:97:71:b7:65:26:0b:6d:9d:4b:5f:cb:
6c:58:62:ed:8c:1d:7c:90:24:13:24:67:58:1d:75:8c:a6:45:
18:3a:7a:79:33:40:ae:e0:3a:b7:17:8b:0b:9f:9e:3d:d5:36:
4a:13:6f:a7:09:10:1f:1a:44:a5:d2:48:c9:8f:1e:1e:a9:31:
89:3b:3e:1b:60:c5:e6:b5:51:3e:20:2a:ad:40:03:6a:ef:3d:
f4:9f:5e:81:c3:4c:24:3f:35:f3:b2:20:10:c3:f5:58:6d:8f:
4d:22:9b:c4:9f:4a:74:55:70:b1:1c:75:cc:91:0e:a3:1d:64:
c2:64:b7:03:5f:38:2e:14:4e:40:26:08:1f:db:c1:a5:fe:19:
d7:85:7d:0c:46:de:17:bb:a9:4f:2c:58:bd:96:55:b7:b0:4d:
ba:32:ed:7b:22:7b:a9:cb:c7:81:83:88:86:96:e8:dd:fd:93:
07:d3:28:21:5d:43:1b:7e:80:c6:b4:e4:4b:7a:3b:eb:ee:a4:
51:4e:2e:4e:42:f8:26:a0:76:2f:3b:75:10:e4:91:d3:6b:a8:
69:09:1d:6b:78:3e:3e:f1:c5:5a:a3:19:91:1f:b9:94:5b:c4:
d9:cb:5a:88
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUECCntgiGLVBKco5zXt5q2FPh36swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NDdaFw0yNjAxMjYwOTQ0NDdaMDMxMTAvBgNV
BAMTKDcwQTZFQjg0RjI3MkJFRUU4Qzc3OTkwQTNCNDFERDE5QUFCODI0MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvgd0GDPNM6bouGQYKv27QnrV6
DL8uhvOSbQhXwsUtcVugSBWHZ4pJKWv9o4ZCerNjQIY+eK5QPq87sKzgA4c1jKyP
0h/trksXyK8D2XhbH0VYNK5VR+54IBdXhLQt3fBN+Cb7st1hka+y6D+5DmOPDUvH
vHPulTFn6eb7XsCgEkuzr84azQSq8VW3/RtBmpGxaOBLOWBNnSNk4gqbknRG25tJ
YCUXtyA3UUmJ/M6soIQ2yZq5he3+Yq9c8mwdO4MkHux88mP1nsYp9yBPJT0L4qvN
dWqBl5aBcEa6fVvstdk7MrbOi4pCz+hNx819x5oT2pMTqV38Z65jEyEve6hlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUcKbrhPJyvu6Md5kKO0HdGaq4JBkwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzMzMzMmUzNDMw
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMDMzMzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LYUoMA0GCSqGSIb3DQEBCwUAA4IBAQA8mqiego09cc+SqZyZR2OPlIMBcwKs+RTn
l3G3ZSYLbZ1LX8tsWGLtjB18kCQTJGdYHXWMpkUYOnp5M0Cu4Dq3F4sLn5491TZK
E2+nCRAfGkSl0kjJjx4eqTGJOz4bYMXmtVE+ICqtQANq7z30n16Bw0wkPzXzsiAQ
w/VYbY9NIpvEn0p0VXCxHHXMkQ6jHWTCZLcDXzguFE5AJggf28Gl/hnXhX0MRt4X
u6lPLFi9llW3sE26Mu17Inupy8eBg4iGlujd/ZMH0yghXUMbfoDGtORLejvr7qRR
Ti5OQvgmoHYvO3UQ5JHTa6hpCR1reD4+8cVaoxmRH7mUW8TZy1qI
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:39:29 2025 by rpki-client