Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3133302e3130362e302f32342d3234203d3e20383334.roa
File: 34352e3133302e3130362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: FNCOrp8Pa/QKZuHbiPC/fSTVEpWp9grSe04n4jTbLdI=
Subject key identifier: FD:20:42:11:94:AB:56:3F:D8:E5:E4:FA:6D:E9:E1:2B:D2:2A:7F:03
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 66D170BC3FD78692C29F8B308D27178BCEE11DF4
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3133302e3130362e302f32342d3234203d3e20383334.roa
Signing time: Sat 20 Jul 2024 06:04:17 +0000
ROA not before: Sat 20 Jul 2024 05:59:17 +0000
ROA not after: Sat 19 Jul 2025 06:04:17 +0000
asID: 834
IP address blocks: 45.130.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:d1:70:bc:3f:d7:86:92:c2:9f:8b:30:8d:27:17:8b:ce:e1:1d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Jul 20 05:59:17 2024 GMT
Not After : Jul 19 06:04:17 2025 GMT
Subject: CN=FD20421194AB563FD8E5E4FA6DE9E12BD22A7F03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:51:8f:d3:59:f2:04:73:b4:01:85:b3:7c:9d:
79:56:79:75:d5:63:a2:1f:8e:a6:d8:f4:d6:59:2a:
74:d3:a0:f2:6a:dd:75:67:23:3a:b8:8f:4c:e2:62:
10:50:8e:8d:18:ce:f1:98:80:e0:8a:f7:cf:31:a9:
6d:99:60:6c:92:30:67:5a:2e:bb:bd:8a:b5:0f:9d:
6e:bb:78:85:d8:33:21:41:08:39:cf:a1:eb:ca:30:
8d:26:40:77:47:8b:4a:f1:f2:7e:02:dd:fe:bc:28:
ec:80:cc:fb:37:26:1f:f1:4f:99:9f:e9:1a:8b:a9:
9a:34:61:d0:bf:11:15:de:69:ee:6e:66:03:25:da:
a0:9a:a9:7d:61:6e:9d:b1:96:44:9a:b7:0b:46:f4:
d6:c9:0f:98:e9:c1:56:97:f2:e6:c4:34:4a:7b:de:
67:52:ed:28:97:07:19:65:bb:fd:72:26:ce:79:f1:
63:a7:b5:c0:65:5b:76:fa:73:de:1c:80:97:d4:96:
23:ad:0c:37:6b:8c:e0:66:cd:79:c5:f9:31:3c:67:
c3:20:86:43:f2:25:b7:b8:03:2b:24:31:b6:1d:68:
02:5f:e2:58:3b:37:9b:30:7d:1b:d8:13:ce:55:80:
1e:16:01:0e:5b:31:da:4a:12:2f:12:30:a7:c2:81:
25:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:20:42:11:94:AB:56:3F:D8:E5:E4:FA:6D:E9:E1:2B:D2:2A:7F:03
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e3133302e3130362e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.106.0/24
Signature Algorithm: sha256WithRSAEncryption
97:10:22:6c:f0:47:c4:d7:33:0a:36:0b:59:0e:e2:03:15:93:
5d:b4:6b:7c:2c:bb:c0:96:cc:cc:95:66:92:1a:19:90:e0:02:
b2:a5:fa:1c:f1:f4:b8:e1:3e:7d:3d:d7:8c:c3:bd:da:93:25:
2f:28:d6:86:f3:da:96:58:70:ef:62:72:a5:33:d5:28:2d:e6:
b4:76:ce:70:32:de:df:bc:b1:bc:85:9a:c2:d2:28:a6:b3:d9:
29:9f:48:b4:da:8a:1d:2c:87:9d:4e:65:41:a8:3a:5c:5f:8b:
33:83:18:4b:63:bc:13:06:91:cb:11:ef:1b:77:4e:d9:d7:e9:
63:2d:ba:1a:93:31:90:ac:66:05:56:23:b1:2f:0f:f1:fa:eb:
0f:f8:a7:d8:55:cb:c7:df:28:49:8c:7f:4a:b9:52:da:19:e1:
94:d1:0e:ab:09:12:0b:13:5f:94:18:b1:8a:ef:85:e0:84:cf:
7f:73:15:36:aa:5d:f3:70:52:78:07:41:b5:11:a6:7a:eb:9f:
1d:13:8c:9f:3b:0b:5b:97:36:00:2a:72:f8:6f:3b:3c:29:e6:
7d:7f:c6:85:a1:c0:65:23:f8:00:1b:5a:41:25:44:7c:e6:85:
64:37:42:7d:cb:43:dc:96:22:1f:00:91:27:15:4b:f5:1c:7c:
32:c0:fe:9a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUZtFwvD/XhpLCn4swjScXi87hHfQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA3MjAwNTU5MTdaFw0yNTA3MTkwNjA0MTdaMDMxMTAvBgNV
BAMTKEZEMjA0MjExOTRBQjU2M0ZEOEU1RTRGQTZERTlFMTJCRDIyQTdGMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGUY/TWfIEc7QBhbN8nXlWeXXV
Y6IfjqbY9NZZKnTToPJq3XVnIzq4j0ziYhBQjo0YzvGYgOCK988xqW2ZYGySMGda
Lru9irUPnW67eIXYMyFBCDnPoevKMI0mQHdHi0rx8n4C3f68KOyAzPs3Jh/xT5mf
6RqLqZo0YdC/ERXeae5uZgMl2qCaqX1hbp2xlkSatwtG9NbJD5jpwVaX8ubENEp7
3mdS7SiXBxllu/1yJs558WOntcBlW3b6c94cgJfUliOtDDdrjOBmzXnF+TE8Z8Mg
hkPyJbe4AyskMbYdaAJf4lg7N5swfRvYE85VgB4WAQ5bMdpKEi8SMKfCgSVVAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU/SBCEZSrVj/Y5eT6benhK9IqfwMwHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzEzMzMwMmUzMTMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtgmow
DQYJKoZIhvcNAQELBQADggEBAJcQImzwR8TXMwo2C1kO4gMVk120a3wsu8CWzMyV
ZpIaGZDgArKl+hzx9LjhPn0914zDvdqTJS8o1obz2pZYcO9icqUz1Sgt5rR2znAy
3t+8sbyFmsLSKKaz2SmfSLTaih0sh51OZUGoOlxfizODGEtjvBMGkcsR7xt3TtnX
6WMtuhqTMZCsZgVWI7EvD/H66w/4p9hVy8ffKEmMf0q5UtoZ4ZTRDqsJEgsTX5QY
sYrvheCEz39zFTaqXfNwUngHQbURpnrrnx0TjJ87C1uXNgAqcvhvOzwp5n1/xoWh
wGUj+AAbWkElRHzmhWQ3Qn3LQ9yWIh8AkScVS/UcfDLA/po=
-----END CERTIFICATE-----
Generated at Fri Mar 14 02:02:54 2025 by rpki-client