Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e382e3133342e302f32332d3234203d3e203631333137.roa
File: 34352e382e3133342e302f32332d3234203d3e203631333137.roa (raw, json)
Hash identifier: Xqo0UgJKb2MJxMkl+hCpT07VnokQZO4JKPc4ujGT390=
Subject key identifier: 3D:82:AB:ED:EA:DE:29:68:76:4A:5C:09:C2:5D:40:DB:3E:24:2E:A9
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 287C4FC1F9AB1A4C94367783D77BED2C8E6BACC0
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e382e3133342e302f32332d3234203d3e203631333137.roa
Signing time: Mon 27 Jan 2025 09:44:53 +0000
ROA not before: Mon 27 Jan 2025 09:39:53 +0000
ROA not after: Mon 26 Jan 2026 09:44:53 +0000
asID: 61317
IP address blocks: 45.8.134.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:7c:4f:c1:f9:ab:1a:4c:94:36:77:83:d7:7b:ed:2c:8e:6b:ac:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:53 2025 GMT
Not After : Jan 26 09:44:53 2026 GMT
Subject: CN=3D82ABEDEADE2968764A5C09C25D40DB3E242EA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1c:9a:ca:35:8c:50:61:96:07:88:a8:0f:4a:
ae:88:5a:73:29:08:0a:7f:27:2d:52:b8:a8:a5:ab:
23:7f:02:3c:86:34:a2:10:b1:4b:b7:e3:45:8f:0d:
25:78:79:c1:7f:37:c3:60:b3:8b:69:f9:a7:33:5c:
9e:46:f4:1d:9a:7a:0d:bb:f7:3b:56:29:15:4a:6c:
1e:99:41:07:d1:86:e0:28:06:1b:4e:0e:90:b5:6c:
43:a4:37:e4:96:fb:48:93:00:86:b9:db:db:44:dd:
d2:f8:4b:27:5a:4e:42:52:88:d0:6d:dd:18:12:ad:
1c:ab:75:e8:3d:9c:0d:4d:ab:bc:e9:39:ad:81:04:
0a:e4:50:a0:64:e0:17:72:9e:33:bc:58:44:d3:49:
74:55:0e:16:41:48:28:11:e8:0c:f3:78:b1:fe:03:
70:b7:3b:df:92:b0:76:50:7b:49:e1:dd:5f:dc:2e:
4a:c6:52:9e:70:30:1a:e1:9b:33:54:ed:51:b5:61:
f7:44:30:4d:99:fe:8c:0b:f3:d4:bb:24:bd:8b:c8:
f6:de:64:94:ba:4a:cf:89:5c:42:8f:c7:05:65:0b:
fd:d7:91:91:8b:df:5f:ee:fd:89:f8:70:8b:41:bd:
26:63:3c:b1:4a:d9:67:f2:97:3c:c7:8b:52:73:13:
ec:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:82:AB:ED:EA:DE:29:68:76:4A:5C:09:C2:5D:40:DB:3E:24:2E:A9
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e382e3133342e302f32332d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.134.0/23
Signature Algorithm: sha256WithRSAEncryption
61:63:b8:b3:bd:f5:08:55:78:02:b9:5a:d7:cb:a4:ea:1d:95:
e2:9d:dc:83:ff:77:5d:c4:1f:84:66:1d:4a:fa:0e:1d:4b:e6:
65:12:9d:e2:a4:96:34:f0:a1:70:f0:2b:75:4a:43:1b:53:84:
ef:65:ca:5c:30:34:ef:9b:d2:ad:c5:1b:6f:45:0e:c6:f8:6f:
84:c0:1c:8b:89:93:a0:be:a7:5d:6c:18:16:05:d8:be:1d:f3:
88:27:ce:c2:d5:ce:e5:e6:dd:0b:c2:6e:ce:00:4e:2a:ef:15:
80:14:4c:2c:e5:db:29:d9:11:ca:9e:32:4d:17:12:f3:80:55:
17:79:73:88:41:39:49:77:b0:d6:82:75:16:0a:0d:ea:7e:ca:
4f:3a:9c:64:99:ae:52:b3:44:51:59:bf:87:e3:30:dd:a3:b8:
36:02:3f:30:f7:2c:a6:a8:8c:e5:28:6c:9e:8d:26:ad:37:40:
97:fc:cb:84:f6:63:50:d2:5c:17:66:be:f2:3a:8a:b5:58:09:
71:0e:87:74:c4:b1:cb:fb:9e:00:44:fc:bf:66:70:dc:dc:b8:
d1:b1:28:77:bd:4f:c2:e7:ed:50:3d:96:75:df:b2:bf:6a:f7:
aa:57:ee:f8:7d:f6:5c:27:26:84:3d:41:6c:79:fa:05:59:e1:
b3:76:e0:4b
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUKHxPwfmrGkyUNneD13vtLI5rrMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NTNaFw0yNjAxMjYwOTQ0NTNaMDMxMTAvBgNV
BAMTKDNEODJBQkVERUFERTI5Njg3NjRBNUMwOUMyNUQ0MERCM0UyNDJFQTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6HJrKNYxQYZYHiKgPSq6IWnMp
CAp/Jy1SuKilqyN/AjyGNKIQsUu340WPDSV4ecF/N8Ngs4tp+aczXJ5G9B2aeg27
9ztWKRVKbB6ZQQfRhuAoBhtODpC1bEOkN+SW+0iTAIa529tE3dL4SydaTkJSiNBt
3RgSrRyrdeg9nA1Nq7zpOa2BBArkUKBk4BdynjO8WETTSXRVDhZBSCgR6AzzeLH+
A3C3O9+SsHZQe0nh3V/cLkrGUp5wMBrhmzNU7VG1YfdEME2Z/owL89S7JL2LyPbe
ZJS6Ss+JXEKPxwVlC/3XkZGL31/u/Yn4cItBvSZjPLFK2WfylzzHi1JzE+xlAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUPYKr7ereKWh2SlwJwl1A2z4kLqkwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzgyZTMxMzMzNDJl
MzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtCIYw
DQYJKoZIhvcNAQELBQADggEBAGFjuLO99QhVeAK5WtfLpOodleKd3IP/d13EH4Rm
HUr6Dh1L5mUSneKkljTwoXDwK3VKQxtThO9lylwwNO+b0q3FG29FDsb4b4TAHIuJ
k6C+p11sGBYF2L4d84gnzsLVzuXm3QvCbs4ATirvFYAUTCzl2ynZEcqeMk0XEvOA
VRd5c4hBOUl3sNaCdRYKDep+yk86nGSZrlKzRFFZv4fjMN2juDYCPzD3LKaojOUo
bJ6NJq03QJf8y4T2Y1DSXBdmvvI6irVYCXEOh3TEscv7ngBE/L9mcNzcuNGxKHe9
T8Ln7VA9lnXfsr9q96pX7vh99lwnJoQ9QWx5+gVZ4bN24Es=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:42:02 2025 by rpki-client