Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132332e302f32342d3234203d3e20313336373837.roa
File: 34352e3134312e3132332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: hHGCBA1tOZs5r/LHzLYp1cM3KvOlPVKhRGg4d1uZggw=
Subject key identifier: 26:B6:AB:85:2E:FD:61:22:D3:74:A8:8A:E5:CD:3B:BE:4A:29:D7:48
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 7C4282BC833E87CAC6D1895C5ABD4052F785C677
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132332e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 05 Mar 2025 19:45:49 +0000
ROA not before: Wed 05 Mar 2025 19:40:49 +0000
ROA not after: Wed 04 Mar 2026 19:45:49 +0000
asID: 136787
IP address blocks: 45.141.123.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:42:82:bc:83:3e:87:ca:c6:d1:89:5c:5a:bd:40:52:f7:85:c6:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Mar 5 19:40:49 2025 GMT
Not After : Mar 4 19:45:49 2026 GMT
Subject: CN=26B6AB852EFD6122D374A88AE5CD3BBE4A29D748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8d:3f:d0:ad:0c:e8:d6:71:58:12:ad:1f:95:
c1:83:32:f5:aa:9d:8a:08:76:98:af:e1:12:ed:47:
0f:7e:53:4d:7a:d0:43:18:dd:88:3f:93:63:41:12:
73:c8:03:a8:3a:2c:46:36:b2:44:ff:55:0e:b0:c2:
91:30:2c:11:32:d8:19:41:21:a5:0d:86:a1:f8:62:
1f:f2:26:5d:ed:75:77:42:1d:82:29:ec:47:17:6e:
d1:9a:4f:a5:72:1e:00:7e:f8:b7:24:1c:7b:1c:92:
28:8d:8e:ba:67:2c:ec:75:be:db:07:8f:92:a9:0c:
2c:1e:b2:9d:67:6d:77:e7:ab:88:90:15:a4:64:5f:
1e:96:a4:d4:28:7a:ee:b4:16:2d:a0:77:3f:97:cb:
97:14:ed:8e:10:99:16:ca:b1:bd:7a:8e:b3:18:e6:
f7:59:ce:d8:eb:b0:12:e9:e4:3e:76:c5:36:ed:bf:
7c:bb:6b:1f:80:97:92:3e:9b:d5:ea:bc:fc:67:61:
ca:81:f7:7e:66:fb:31:b8:0e:56:ec:05:7c:44:a0:
87:b9:be:63:e9:fc:ec:f5:33:9d:dc:ea:28:6a:74:
83:2f:30:af:2b:b2:c8:9c:be:91:a5:ef:5e:38:f2:
9d:9d:16:73:b1:50:2f:13:bc:e9:a2:34:7b:0b:09:
da:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:B6:AB:85:2E:FD:61:22:D3:74:A8:8A:E5:CD:3B:BE:4A:29:D7:48
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.123.0/24
Signature Algorithm: sha256WithRSAEncryption
63:96:35:8d:8c:e5:f3:fe:09:0b:8e:6d:49:c3:4d:b1:a4:3f:
94:b8:50:ff:f4:d1:04:34:76:ca:95:50:d0:95:14:2b:8a:ff:
cf:a7:64:47:6a:10:68:a6:e3:60:10:34:cc:b7:e4:27:3c:7b:
95:a6:af:e6:8d:49:f9:7e:c5:b6:4e:69:2c:eb:a4:ee:c5:a1:
a2:7d:bc:cc:62:4f:bd:8f:1d:3a:87:a8:a7:3e:ce:5f:7c:f2:
37:56:26:a8:2d:03:c0:27:74:de:78:39:b8:da:e3:c6:2e:fb:
3e:61:f8:f5:7c:46:95:85:51:78:94:7e:fa:66:36:1b:c7:e9:
be:ed:06:cd:5e:fc:33:8e:b2:6d:07:e3:76:21:a5:2d:8c:f1:
08:91:dc:d0:3d:79:18:d7:59:f2:84:3d:84:07:2c:63:ba:2b:
fc:9a:84:f9:d8:9f:c4:31:2d:94:78:7d:f6:86:76:c4:c6:82:
5e:b1:9f:22:b7:57:d4:c4:bb:a0:1e:63:2b:d4:18:ce:bd:58:
a8:5e:bc:f7:eb:8c:89:7e:ea:2d:81:84:c7:be:f3:e5:44:ec:
bb:cf:6e:4f:8e:ee:8c:20:c2:cd:18:03:f9:0a:a6:1c:84:5d:
64:5b:75:a6:2d:c0:4a:04:1d:fa:c9:26:1f:2a:12:5b:d4:fa:
f6:64:7b:d0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfEKCvIM+h8rG0YlcWr1AUveFxncwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAzMDUxOTQwNDlaFw0yNjAzMDQxOTQ1NDlaMDMxMTAvBgNV
BAMTKDI2QjZBQjg1MkVGRDYxMjJEMzc0QTg4QUU1Q0QzQkJFNEEyOUQ3NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUjT/QrQzo1nFYEq0flcGDMvWq
nYoIdpiv4RLtRw9+U0160EMY3Yg/k2NBEnPIA6g6LEY2skT/VQ6wwpEwLBEy2BlB
IaUNhqH4Yh/yJl3tdXdCHYIp7EcXbtGaT6VyHgB++LckHHsckiiNjrpnLOx1vtsH
j5KpDCwesp1nbXfnq4iQFaRkXx6WpNQoeu60Fi2gdz+Xy5cU7Y4QmRbKsb16jrMY
5vdZztjrsBLp5D52xTbtv3y7ax+Al5I+m9XqvPxnYcqB935m+zG4DlbsBXxEoIe5
vmPp/Oz1M53c6ihqdIMvMK8rssicvpGl71448p2dFnOxUC8TvOmiNHsLCdr7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJrarhS79YSLTdKiK5c07vkop10gwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDMxMmUzMTMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAAtjXswDQYJKoZIhvcNAQELBQADggEBAGOWNY2M5fP+CQuObUnDTbGkP5S4UP/0
0QQ0dsqVUNCVFCuK/8+nZEdqEGim42AQNMy35Cc8e5Wmr+aNSfl+xbZOaSzrpO7F
oaJ9vMxiT72PHTqHqKc+zl988jdWJqgtA8AndN54Obja48Yu+z5h+PV8RpWFUXiU
fvpmNhvH6b7tBs1e/DOOsm0H43YhpS2M8QiR3NA9eRjXWfKEPYQHLGO6K/yahPnY
n8QxLZR4ffaGdsTGgl6xnyK3V9TEu6AeYyvUGM69WKhevPfrjIl+6i2BhMe+8+VE
7LvPbk+O7owgws0YA/kKphyEXWRbdaYtwEoEHfrJJh8qElvU+vZke9A=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:42:03 2025 by rpki-client