Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38342e3133362e302f32342d3234203d3e20313336373837.roa
File: 34352e38342e3133362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: boQ3JE285MMzT70DVwc/OYI3SBvEuGHGIO9AncbWxXo=
Subject key identifier: 34:E8:76:11:BD:6F:4F:72:15:4E:4F:51:AB:49:05:C1:A4:26:01:9F
Certificate issuer: /CN=12c2a8354689aec2a74fca14944927621ba27c94
Certificate serial: 4555F47648AFDF41EB84DC6E52C2EAE2A3EC66C0
Authority key identifier: 12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38342e3133362e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 01 Apr 2024 14:03:23 +0000
ROA not before: Mon 01 Apr 2024 13:58:23 +0000
ROA not after: Mon 31 Mar 2025 14:03:23 +0000
asID: 136787
IP address blocks: 45.84.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:55:f4:76:48:af:df:41:eb:84:dc:6e:52:c2:ea:e2:a3:ec:66:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12c2a8354689aec2a74fca14944927621ba27c94
Validity
Not Before: Apr 1 13:58:23 2024 GMT
Not After : Mar 31 14:03:23 2025 GMT
Subject: CN=34E87611BD6F4F72154E4F51AB4905C1A426019F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:91:ea:94:40:8a:07:0f:4f:35:ca:62:d1:12:
a6:cf:8c:1a:ff:c6:6f:d1:6f:10:e3:59:6e:0c:be:
34:89:42:9b:35:f3:75:26:c3:a8:2e:0b:33:f7:f9:
99:45:35:49:01:b4:16:c0:36:cf:ce:26:90:bc:c8:
0e:5f:24:43:09:6b:02:a4:e5:79:30:2a:88:2d:12:
b0:d9:6b:f0:1a:99:6d:96:f1:fb:10:66:73:07:19:
0e:b2:32:65:4a:8c:82:ea:e5:08:a0:64:01:c3:1e:
42:8e:32:7b:b0:3f:ce:1b:07:e9:41:43:21:95:c0:
12:9d:af:4c:d8:4f:99:91:45:99:f3:d9:22:7c:b2:
cd:65:33:74:3c:0a:5c:bc:ae:19:97:0b:ea:a7:4c:
8d:31:14:6a:d8:b6:fd:f7:e8:48:55:f4:f6:a3:77:
04:4d:19:5b:b0:1d:23:b3:4a:fc:d5:05:0a:49:99:
f7:86:34:37:cb:9a:e2:f0:b1:08:81:a6:eb:33:8d:
88:46:a6:c6:7f:3c:d6:b8:0d:13:f3:48:8d:92:6e:
c8:14:ac:c7:92:48:55:41:00:df:a0:c2:a5:a6:02:
07:d4:21:5b:60:11:01:10:33:4e:65:f1:83:84:22:
5c:f4:36:71:ae:08:ea:be:b6:13:44:82:fc:1a:2a:
d6:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:E8:76:11:BD:6F:4F:72:15:4E:4F:51:AB:49:05:C1:A4:26:01:9F
X509v3 Authority Key Identifier:
keyid:12:C2:A8:35:46:89:AE:C2:A7:4F:CA:14:94:49:27:62:1B:A2:7C:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/12C2A8354689AEC2A74FCA14944927621BA27C94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EsKoNUaJrsKnT8oUlEknYhuifJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/7/34352e38342e3133362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.136.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:7e:79:5f:d3:7a:c1:1e:e8:09:ee:be:f3:95:39:23:88:df:
c1:45:86:df:9d:38:08:d0:cc:77:29:9e:fa:57:01:b0:0b:16:
69:f0:d2:e7:54:bc:fc:78:bd:27:57:b9:69:c2:c2:ed:d5:1f:
4f:5f:6c:81:41:cb:66:28:74:48:28:ae:09:73:8b:db:08:df:
57:b7:32:a7:5f:30:cd:70:57:1f:7a:4a:66:67:72:79:36:cd:
6c:b8:ea:11:2d:75:55:67:c2:57:a0:6b:bb:c2:54:e3:50:9a:
1f:b4:b0:f5:aa:3b:4d:08:c2:eb:bc:76:59:00:f7:6b:ca:8c:
db:01:03:64:47:21:ef:c7:28:09:46:f4:1a:df:2b:33:89:a1:
7f:13:74:52:3e:03:59:31:fc:13:74:71:8a:b1:f9:cb:e7:46:
24:ff:a0:8f:96:e6:f6:82:1c:e0:3d:7f:6e:20:80:50:0e:a6:
34:fe:b0:a5:73:1a:10:f5:08:c0:92:23:6d:a3:b6:51:82:9c:
29:6d:05:c4:d9:dc:b7:37:23:1b:d7:3b:a3:8e:c1:81:5d:be:
9c:e5:58:b3:27:2d:1d:af:8a:b4:35:13:0a:a8:b3:d2:7d:a1:
74:a2:54:d0:cb:46:ff:3b:11:c9:f6:31:5d:a7:07:cf:f8:9a:
15:fa:28:cd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURVX0dkiv30HrhNxuUsLq4qPsZsAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTJjMmE4MzU0Njg5YWVjMmE3NGZjYTE0OTQ0OTI3NjIx
YmEyN2M5NDAeFw0yNDA0MDExMzU4MjNaFw0yNTAzMzExNDAzMjNaMDMxMTAvBgNV
BAMTKDM0RTg3NjExQkQ2RjRGNzIxNTRFNEY1MUFCNDkwNUMxQTQyNjAxOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWkeqUQIoHD081ymLREqbPjBr/
xm/RbxDjWW4MvjSJQps183Umw6guCzP3+ZlFNUkBtBbANs/OJpC8yA5fJEMJawKk
5XkwKogtErDZa/AamW2W8fsQZnMHGQ6yMmVKjILq5QigZAHDHkKOMnuwP84bB+lB
QyGVwBKdr0zYT5mRRZnz2SJ8ss1lM3Q8Cly8rhmXC+qnTI0xFGrYtv336EhV9Paj
dwRNGVuwHSOzSvzVBQpJmfeGNDfLmuLwsQiBpuszjYhGpsZ/PNa4DRPzSI2SbsgU
rMeSSFVBAN+gwqWmAgfUIVtgEQEQM05l8YOEIlz0NnGuCOq+thNEgvwaKtYpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNOh2Eb1vT3IVTk9Rq0kFwaQmAZ8wHwYDVR0j
BBgwFoAUEsKoNUaJrsKnT8oUlEknYhuifJQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzcvMTJDMkE4MzU0Njg5QUVDMkE3NEZDQTE0OTQ0OTI3NjIxQkEyN0M5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0VzS29OVWFKcnNLblQ4b1VsRWtuWWh1
aWZKUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzcvMzQzNTJlMzgzNDJlMzEzMzM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
LVSIMA0GCSqGSIb3DQEBCwUAA4IBAQCmfnlf03rBHugJ7r7zlTkjiN/BRYbfnTgI
0Mx3KZ76VwGwCxZp8NLnVLz8eL0nV7lpwsLt1R9PX2yBQctmKHRIKK4Jc4vbCN9X
tzKnXzDNcFcfekpmZ3J5Ns1suOoRLXVVZ8JXoGu7wlTjUJoftLD1qjtNCMLrvHZZ
APdryozbAQNkRyHvxygJRvQa3ysziaF/E3RSPgNZMfwTdHGKsfnL50Yk/6CPlub2
ghzgPX9uIIBQDqY0/rClcxoQ9QjAkiNto7ZRgpwpbQXE2dy3NyMb1zujjsGBXb6c
5VizJy0dr4q0NRMKqLPSfaF0olTQy0b/OxHJ9jFdpwfP+JoV+ijN
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:04:32 2025 by rpki-client