Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e39352e36372e302f32342d3234203d3e20323135303236.roa
File: 34352e39352e36372e302f32342d3234203d3e20323135303236.roa (raw, json)
Hash identifier: XaI1YG4317/CbxL8c9BkKUYMr/hv8vjXk610CL/2Os4=
Subject key identifier: 86:00:06:6B:81:E5:63:1D:C5:5D:CE:36:CE:59:2E:41:04:7D:17:7D
Certificate issuer: /CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Certificate serial: 21B2787495D9C66F10AF6D2E090A0D4429811D86
Authority key identifier: 62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e39352e36372e302f32342d3234203d3e20323135303236.roa
Signing time: Sat 04 Jan 2025 21:49:12 +0000
ROA not before: Sat 04 Jan 2025 21:44:12 +0000
ROA not after: Sat 03 Jan 2026 21:49:12 +0000
asID: 215026
IP address blocks: 45.95.67.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:b2:78:74:95:d9:c6:6f:10:af:6d:2e:09:0a:0d:44:29:81:1d:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fbd2cc0012fb2f86db40b589bd1ac4e973266d
Validity
Not Before: Jan 4 21:44:12 2025 GMT
Not After : Jan 3 21:49:12 2026 GMT
Subject: CN=8600066B81E5631DC55DCE36CE592E41047D177D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:da:31:53:7f:c7:3b:51:24:74:7c:ed:9b:3d:
e6:96:c5:2b:92:e0:ee:00:74:43:dc:30:e0:c3:6a:
c5:94:e0:2a:31:cc:6a:5b:8d:22:98:79:e1:71:31:
6d:9c:76:ae:1d:33:3b:05:76:84:4b:59:ec:08:45:
b2:8e:43:4c:2b:d8:37:0d:50:a5:4d:be:8d:48:f8:
d3:37:0b:7f:e3:21:48:39:d5:bb:65:1b:b7:d4:80:
6f:67:0d:90:89:0e:0e:20:2b:73:e6:76:48:83:6e:
39:50:32:39:d9:13:ed:20:f5:67:43:32:b5:23:af:
c2:88:93:3e:c8:e1:c8:17:49:9c:9b:ed:c6:73:56:
cc:c1:2f:da:97:5d:95:61:f8:0c:b2:be:3a:4f:f9:
81:fa:8c:db:1a:74:a8:0b:3b:3a:05:18:a1:28:e4:
01:40:95:ca:aa:e0:15:38:8f:37:e2:14:1c:03:ca:
9d:00:9f:26:69:c3:63:46:0e:4f:18:57:cf:11:db:
2c:b5:16:2a:b1:83:dc:51:35:76:e5:48:a1:7c:0b:
7f:5d:56:24:78:c9:27:ac:fa:67:a0:7a:b0:f2:50:
f1:d5:4b:9f:b2:d1:af:a5:87:1f:0e:ff:bd:c1:0e:
26:7c:4e:df:37:a6:ee:b8:28:4d:db:b3:f1:d0:a7:
5c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:00:06:6B:81:E5:63:1D:C5:5D:CE:36:CE:59:2E:41:04:7D:17:7D
X509v3 Authority Key Identifier:
keyid:62:FB:D2:CC:00:12:FB:2F:86:DB:40:B5:89:BD:1A:C4:E9:73:26:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/62FBD2CC0012FB2F86DB40B589BD1AC4E973266D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YvvSzAAS-y-G20C1ib0axOlzJm0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/46b93df0-ac8d-4da8-afb8-dcb7f2888362/0/34352e39352e36372e302f32342d3234203d3e20323135303236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.67.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:01:fb:d4:c2:67:fd:5e:54:fb:17:29:9f:73:59:61:74:fc:
f8:21:04:bd:d4:bf:57:22:83:52:54:22:40:93:50:f0:db:df:
39:78:28:bd:2b:36:c0:ee:94:b0:6f:df:6c:0f:ed:fd:2a:ce:
70:89:1d:85:b6:29:8e:74:cd:09:a0:54:0a:98:b0:7e:a7:7f:
74:7e:45:5d:2b:41:47:94:67:37:13:57:f6:3b:76:0b:fc:34:
99:cd:cd:42:bd:a6:2c:3a:80:0f:e6:37:19:d2:7d:1e:44:85:
67:f4:bd:04:94:94:81:72:8f:fb:58:66:91:7c:89:bd:fa:f2:
23:ec:ae:9c:94:a3:86:d8:ce:f0:2c:ab:c8:66:b0:ae:c5:71:
fb:0d:0a:03:b8:73:d0:69:9a:88:c1:78:44:07:a1:b4:f7:e7:
23:1e:1d:18:f8:cf:d2:eb:32:65:93:46:1a:81:97:29:11:1c:
44:b6:7c:a4:27:3e:0f:ce:1a:8e:2e:25:03:de:b3:ed:ab:b4:
f7:2d:37:2e:07:1e:27:52:34:4e:e3:9c:16:f5:af:17:1d:3e:
cf:9c:1a:a8:e8:02:9d:19:8a:f2:1b:b6:db:15:6c:90:94:7b:
35:e0:b2:2f:b3:50:8d:3a:d9:3c:37:dc:3a:65:f8:92:ce:99:
c7:35:e2:50
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUIbJ4dJXZxm8Qr20uCQoNRCmBHYYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjJmYmQyY2MwMDEyZmIyZjg2ZGI0MGI1ODliZDFhYzRl
OTczMjY2ZDAeFw0yNTAxMDQyMTQ0MTJaFw0yNjAxMDMyMTQ5MTJaMDMxMTAvBgNV
BAMTKDg2MDAwNjZCODFFNTYzMURDNTVEQ0UzNkNFNTkyRTQxMDQ3RDE3N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCd2jFTf8c7USR0fO2bPeaWxSuS
4O4AdEPcMODDasWU4CoxzGpbjSKYeeFxMW2cdq4dMzsFdoRLWewIRbKOQ0wr2DcN
UKVNvo1I+NM3C3/jIUg51btlG7fUgG9nDZCJDg4gK3PmdkiDbjlQMjnZE+0g9WdD
MrUjr8KIkz7I4cgXSZyb7cZzVszBL9qXXZVh+AyyvjpP+YH6jNsadKgLOzoFGKEo
5AFAlcqq4BU4jzfiFBwDyp0AnyZpw2NGDk8YV88R2yy1Fiqxg9xRNXblSKF8C39d
ViR4ySes+megerDyUPHVS5+y0a+lhx8O/73BDiZ8Tt83pu64KE3bs/HQp1yPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUhgAGa4HlYx3FXc42zlkuQQR9F30wHwYDVR0j
BBgwFoAUYvvSzAAS+y+G20C1ib0axOlzJm0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAtYWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4
MzYyLzAvNjJGQkQyQ0MwMDEyRkIyRjg2REI0MEI1ODlCRDFBQzRFOTczMjY2RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1l2dlN6QUFTLXktRzIwQzFpYjBheE9s
ekptMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNDZiOTNkZjAt
YWM4ZC00ZGE4LWFmYjgtZGNiN2YyODg4MzYyLzAvMzQzNTJlMzkzNTJlMzYzNzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNTMwMzIzNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1f
QzANBgkqhkiG9w0BAQsFAAOCAQEAnwH71MJn/V5U+xcpn3NZYXT8+CEEvdS/VyKD
UlQiQJNQ8NvfOXgovSs2wO6UsG/fbA/t/SrOcIkdhbYpjnTNCaBUCpiwfqd/dH5F
XStBR5RnNxNX9jt2C/w0mc3NQr2mLDqAD+Y3GdJ9HkSFZ/S9BJSUgXKP+1hmkXyJ
vfryI+yunJSjhtjO8CyryGawrsVx+w0KA7hz0GmaiMF4RAehtPfnIx4dGPjP0usy
ZZNGGoGXKREcRLZ8pCc+D84aji4lA96z7au09y03LgceJ1I0TuOcFvWvFx0+z5wa
qOgCnRmK8hu22xVskJR7NeCyL7NQjTrZPDfcOmX4ks6ZxzXiUA==
-----END CERTIFICATE-----
Generated at Fri Apr 25 00:13:40 2025 by rpki-client