Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e38342e3136302e302f32322d3234203d3e20323033303631.roa
File: 34352e38342e3136302e302f32322d3234203d3e20323033303631.roa (raw, json)
Hash identifier: drtL2waTEx8KnkkJ2UDNINAvBYdvo2eR6Q2dQv9u9yA=
Subject key identifier: 6F:30:13:06:2E:58:EB:92:33:75:48:95:0F:B9:D3:84:E9:E6:CA:1E
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 6D350C6DA76EFDB2AFBC5FE1811CEC2F1FA617C4
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e38342e3136302e302f32322d3234203d3e20323033303631.roa
Signing time: Mon 27 Jan 2025 09:44:49 +0000
ROA not before: Mon 27 Jan 2025 09:39:49 +0000
ROA not after: Mon 26 Jan 2026 09:44:49 +0000
asID: 203061
IP address blocks: 45.84.160.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:35:0c:6d:a7:6e:fd:b2:af:bc:5f:e1:81:1c:ec:2f:1f:a6:17:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jan 27 09:39:49 2025 GMT
Not After : Jan 26 09:44:49 2026 GMT
Subject: CN=6F3013062E58EB92337548950FB9D384E9E6CA1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:16:e9:1e:b8:c9:39:42:6d:bf:8c:9d:b2:0b:
e9:b9:37:f5:ac:f4:a1:1d:60:90:88:56:56:21:fd:
77:a6:3a:15:e1:38:68:4b:ae:04:aa:44:55:87:ab:
39:17:a8:ce:f8:e8:0e:de:61:06:6c:d8:46:77:cb:
ec:76:81:3d:09:6f:60:0b:7a:6c:06:1a:1e:0d:42:
aa:3b:44:ec:2a:8f:b2:b0:5f:b0:d3:ea:af:e0:49:
d2:e1:eb:87:e4:d7:8f:17:ef:39:0d:ca:6f:e4:7f:
84:06:4e:7b:35:7d:d0:71:8a:b8:ea:56:fc:e2:95:
58:30:63:da:26:ec:d5:f6:a8:90:d3:35:8c:6e:ad:
97:2c:7b:55:fc:55:f4:74:48:13:be:c6:e0:fa:f4:
d2:8b:d2:29:1d:fe:a7:4e:42:08:99:21:e0:a7:d5:
18:c0:83:a8:43:dc:e5:17:7b:80:c2:df:65:63:9d:
b2:80:da:2e:ff:45:4d:c7:fa:f6:bc:fc:ea:e4:2f:
a8:cf:f0:5b:ed:b4:8f:04:ce:0b:ed:2d:33:17:3d:
79:27:22:47:22:e7:ad:92:de:49:9b:cc:2b:16:bc:
5d:cb:3d:5a:2b:b6:8b:a2:f7:a8:d2:cf:b5:a4:a4:
a8:5f:79:12:19:e7:65:93:96:ab:6c:56:dc:b1:2e:
2e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:30:13:06:2E:58:EB:92:33:75:48:95:0F:B9:D3:84:E9:E6:CA:1E
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e38342e3136302e302f32322d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.160.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:ad:32:72:67:8b:d3:f4:a8:17:53:fe:d0:cb:a9:91:1d:c1:
d9:ff:4e:3c:47:35:3c:16:c8:54:49:96:dd:e2:93:1e:ef:70:
e4:ab:da:cc:b7:08:37:53:7d:b2:74:2d:2f:dd:53:f0:60:36:
d0:39:32:c4:86:fe:8f:8e:fc:77:16:69:32:23:a6:73:6e:8c:
81:68:f7:81:9e:ea:1b:85:4a:c5:ef:51:ac:ab:63:ba:28:3d:
4f:2f:b9:6d:db:e6:1f:da:89:3e:63:35:46:aa:0e:77:be:b5:
c8:ba:84:72:5a:45:9a:fc:dc:11:cf:35:4d:1a:a3:bb:a1:0c:
8b:c2:36:1c:ac:20:71:7a:d2:d3:13:15:4f:73:f1:0b:ae:8d:
b8:de:a5:2b:8f:f4:6a:bc:e6:f4:a5:46:75:21:e1:d8:5d:c3:
6b:5b:60:52:a5:59:ee:5c:6d:80:9b:d5:23:c9:be:44:f3:ac:
0c:8d:05:24:3b:e3:fe:ec:ef:e8:ac:5b:c6:8c:47:ec:3a:73:
8c:a9:b0:2f:ad:48:b1:25:00:21:ad:8c:1d:59:60:a6:c0:52:
92:ab:9e:e6:c1:74:7a:71:b6:ee:c1:1f:5a:ae:2b:4f:9a:6e:
7e:79:6d:fb:3b:09:b2:73:38:e1:0c:43:37:14:09:cd:e7:2f:
87:65:a5:7f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbTUMbadu/bKvvF/hgRzsLx+mF8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTAxMjcwOTM5NDlaFw0yNjAxMjYwOTQ0NDlaMDMxMTAvBgNV
BAMTKDZGMzAxMzA2MkU1OEVCOTIzMzc1NDg5NTBGQjlEMzg0RTlFNkNBMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxFukeuMk5Qm2/jJ2yC+m5N/Ws
9KEdYJCIVlYh/XemOhXhOGhLrgSqRFWHqzkXqM746A7eYQZs2EZ3y+x2gT0Jb2AL
emwGGh4NQqo7ROwqj7KwX7DT6q/gSdLh64fk148X7zkNym/kf4QGTns1fdBxirjq
VvzilVgwY9om7NX2qJDTNYxurZcse1X8VfR0SBO+xuD69NKL0ikd/qdOQgiZIeCn
1RjAg6hD3OUXe4DC32VjnbKA2i7/RU3H+va8/OrkL6jP8FvttI8EzgvtLTMXPXkn
Ikci562S3kmbzCsWvF3LPVortoui96jSz7WkpKhfeRIZ52WTlqtsVtyxLi7rAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUbzATBi5Y65IzdUiVD7nThOnmyh4wHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzgzNDJlMzEzNjMw
MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMDMzMzAzNjMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
LVSgMA0GCSqGSIb3DQEBCwUAA4IBAQArrTJyZ4vT9KgXU/7Qy6mRHcHZ/048RzU8
FshUSZbd4pMe73Dkq9rMtwg3U32ydC0v3VPwYDbQOTLEhv6Pjvx3FmkyI6ZzboyB
aPeBnuobhUrF71Gsq2O6KD1PL7lt2+Yf2ok+YzVGqg53vrXIuoRyWkWa/NwRzzVN
GqO7oQyLwjYcrCBxetLTExVPc/ELro243qUrj/RqvOb0pUZ1IeHYXcNrW2BSpVnu
XG2Am9Ujyb5E86wMjQUkO+P+7O/orFvGjEfsOnOMqbAvrUixJQAhrYwdWWCmwFKS
q57mwXR6cbbuwR9aritPmm5+eW37OwmyczjhDEM3FAnN5y+HZaV/
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:23 2025 by rpki-client