Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20383334.roa
File: 34352e3133322e39392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: MigQVYniNLzwvYZ9s+rg6irFyKk0wJA2I787ADZNOrc=
Subject key identifier: 1E:1C:B3:8E:74:B0:FA:9E:A4:0E:F9:CB:61:99:9D:7C:88:CE:DF:80
Certificate issuer: /CN=0d059f10d18d00052c808eb8069f90d47e30564a
Certificate serial: 25D0886707D3A263B168D0E41D2F41AD0FE2F224
Authority key identifier: 0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20383334.roa
Signing time: Fri 17 Jan 2025 07:44:33 +0000
ROA not before: Fri 17 Jan 2025 07:39:33 +0000
ROA not after: Fri 16 Jan 2026 07:44:33 +0000
asID: 834
IP address blocks: 45.132.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:d0:88:67:07:d3:a2:63:b1:68:d0:e4:1d:2f:41:ad:0f:e2:f2:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d059f10d18d00052c808eb8069f90d47e30564a
Validity
Not Before: Jan 17 07:39:33 2025 GMT
Not After : Jan 16 07:44:33 2026 GMT
Subject: CN=1E1CB38E74B0FA9EA40EF9CB61999D7C88CEDF80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fa:91:83:24:c7:ff:8d:37:ad:2f:39:ff:e1:
a2:31:dc:77:18:1f:29:d9:cf:f1:39:22:a0:64:f0:
ab:b4:b5:6b:2c:39:92:e9:e0:98:f9:ee:4d:78:49:
d4:af:9a:b1:d8:87:07:c9:dd:c4:83:6e:6f:44:ea:
60:db:d6:fc:6a:74:10:c0:69:a2:f9:ff:a4:14:bc:
3b:a7:83:48:04:e0:1a:ca:0b:95:03:68:89:f9:f8:
be:fd:b0:e4:2b:31:c5:f6:df:f3:27:ec:0a:5a:b3:
2d:14:3c:fd:97:9c:d9:1f:34:31:b3:b5:06:b7:0d:
c6:26:c7:97:83:95:f8:1e:2f:35:9c:21:bb:78:c8:
06:6f:63:9e:db:d3:31:38:e5:1b:c0:76:4b:0f:00:
18:75:00:ff:59:24:e1:27:81:c0:a7:f1:3d:c2:94:
b9:6c:7d:3a:71:ae:ff:df:a6:7a:ef:8f:9e:c0:39:
75:b9:09:f8:d6:49:a1:de:9e:9c:c8:0d:9e:f6:2c:
4b:61:32:fd:96:0c:31:5b:5c:d3:ed:aa:f5:04:a5:
f9:82:1b:16:4f:8e:11:de:b4:fc:1c:4f:1b:94:c2:
53:db:53:e0:56:7f:c4:8f:67:98:98:4e:9b:75:2f:
9e:21:68:75:7e:c4:f9:94:99:6f:70:cc:3a:91:68:
b3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:1C:B3:8E:74:B0:FA:9E:A4:0E:F9:CB:61:99:9D:7C:88:CE:DF:80
X509v3 Authority Key Identifier:
keyid:0D:05:9F:10:D1:8D:00:05:2C:80:8E:B8:06:9F:90:D4:7E:30:56:4A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/0D059F10D18D00052C808EB8069F90D47E30564A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQWfENGNAAUsgI64Bp-Q1H4wVko.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/faf16704-2854-4080-9a09-7262326c9e22/1/34352e3133322e39392e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.132.99.0/24
Signature Algorithm: sha256WithRSAEncryption
55:a9:e8:25:d1:71:b2:1c:61:f6:71:cb:0d:12:6c:01:b9:62:
f0:64:78:3e:da:4d:65:cc:62:31:bb:28:6a:1e:46:9c:2b:6e:
09:97:1a:01:31:a6:af:fe:df:8c:a0:66:d7:ef:3b:45:6b:c9:
44:e5:05:1c:05:cf:40:a6:80:ab:46:a8:26:15:2f:3c:84:fd:
34:e3:30:50:ae:a5:49:3e:04:35:41:bc:1b:b0:b0:d9:e7:0e:
f3:5f:dd:0a:f2:9b:ef:05:f4:fd:f0:4e:c2:3b:d9:1c:45:77:
56:d1:39:80:a8:e6:43:af:79:37:e5:da:8e:6f:e2:13:25:7f:
af:c2:5f:d2:c8:99:41:a9:46:06:d3:90:db:d0:66:d3:ee:23:
83:dc:80:62:20:06:02:cf:61:11:49:54:45:18:71:a7:57:41:
fa:c3:35:91:b2:3b:c4:57:25:d9:b5:e3:96:c4:f8:f0:7a:e2:
3b:07:15:f4:6e:7e:7f:91:30:3d:2d:84:e5:38:5e:e2:73:22:
78:7c:4a:ca:66:55:a4:66:e2:4f:c7:4c:11:63:c9:cd:ae:d9:
72:a4:d7:df:35:13:25:74:9c:36:67:10:f6:b5:ea:19:30:38:
1a:2d:69:48:d6:1a:30:bb:dd:6a:82:c4:ab:00:00:1d:a0:09:
63:cd:78:84
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUJdCIZwfTomOxaNDkHS9BrQ/i8iQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQwNTlmMTBkMThkMDAwNTJjODA4ZWI4MDY5ZjkwZDQ3
ZTMwNTY0YTAeFw0yNTAxMTcwNzM5MzNaFw0yNjAxMTYwNzQ0MzNaMDMxMTAvBgNV
BAMTKDFFMUNCMzhFNzRCMEZBOUVBNDBFRjlDQjYxOTk5RDdDODhDRURGODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT+pGDJMf/jTetLzn/4aIx3HcY
HynZz/E5IqBk8Ku0tWssOZLp4Jj57k14SdSvmrHYhwfJ3cSDbm9E6mDb1vxqdBDA
aaL5/6QUvDung0gE4BrKC5UDaIn5+L79sOQrMcX23/Mn7Apasy0UPP2XnNkfNDGz
tQa3DcYmx5eDlfgeLzWcIbt4yAZvY57b0zE45RvAdksPABh1AP9ZJOEngcCn8T3C
lLlsfTpxrv/fpnrvj57AOXW5CfjWSaHenpzIDZ72LEthMv2WDDFbXNPtqvUEpfmC
GxZPjhHetPwcTxuUwlPbU+BWf8SPZ5iYTpt1L54haHV+xPmUmW9wzDqRaLO5AgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUHhyzjnSw+p6kDvnLYZmdfIjO34AwHwYDVR0j
BBgwFoAUDQWfENGNAAUsgI64Bp+Q1H4wVkowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQtMjg1NC00MDgwLTlhMDktNzI2MjMyNmM5
ZTIyLzEvMEQwNTlGMTBEMThEMDAwNTJDODA4RUI4MDY5RjkwRDQ3RTMwNTY0QS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RRV2ZFTkdOQUFVc2dJNjRCcC1RMUg0
d1Zrby5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmFmMTY3MDQt
Mjg1NC00MDgwLTlhMDktNzI2MjMyNmM5ZTIyLzEvMzQzNTJlMzEzMzMyMmUzOTM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYRjMA0G
CSqGSIb3DQEBCwUAA4IBAQBVqegl0XGyHGH2ccsNEmwBuWLwZHg+2k1lzGIxuyhq
HkacK24JlxoBMaav/t+MoGbX7ztFa8lE5QUcBc9ApoCrRqgmFS88hP004zBQrqVJ
PgQ1QbwbsLDZ5w7zX90K8pvvBfT98E7CO9kcRXdW0TmAqOZDr3k35dqOb+ITJX+v
wl/SyJlBqUYG05Db0GbT7iOD3IBiIAYCz2ERSVRFGHGnV0H6wzWRsjvEVyXZteOW
xPjweuI7BxX0bn5/kTA9LYTlOF7icyJ4fErKZlWkZuJPx0wRY8nNrtlypNffNRMl
dJw2ZxD2teoZMDgaLWlI1howu91qgsSrAAAdoAljzXiE
-----END CERTIFICATE-----
Generated at Fri Apr 25 06:02:48 2025 by rpki-client