Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231362e302f32342d3234203d3e20383334.roa
File: 34352e382e3231362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: /8HxHWGr+xu9fLewFGTXcQPxFyVN3TAn0/Z7AFh7bMs=
Subject key identifier: A7:A3:17:8C:41:09:FC:B4:CB:AA:F2:FC:90:AB:CE:5B:2C:16:B9:44
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 2ACC7398BB3E8F7CD8C140CE0A43D11FA729CC98
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231362e302f32342d3234203d3e20383334.roa
Signing time: Sun 13 Apr 2025 11:16:49 +0000
ROA not before: Sun 13 Apr 2025 11:11:49 +0000
ROA not after: Sun 12 Apr 2026 11:16:49 +0000
asID: 834
IP address blocks: 45.8.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:cc:73:98:bb:3e:8f:7c:d8:c1:40:ce:0a:43:d1:1f:a7:29:cc:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 13 11:11:49 2025 GMT
Not After : Apr 12 11:16:49 2026 GMT
Subject: CN=A7A3178C4109FCB4CBAAF2FC90ABCE5B2C16B944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:41:82:b3:eb:08:7f:a5:42:45:7d:1f:e7:87:
d5:02:1a:97:8c:63:95:bd:95:79:41:d2:13:18:93:
7e:52:2d:e2:c2:85:1b:0c:07:ea:5a:24:85:6d:f2:
92:13:8d:f7:11:14:6f:be:03:79:b2:b4:4b:27:77:
28:62:c0:d4:96:f8:df:af:98:49:f5:24:92:b4:b8:
ce:bc:66:ac:dc:34:49:e0:f5:08:e0:f2:e2:3c:03:
16:08:51:13:8c:ff:ac:1d:63:fe:33:b6:8f:15:b8:
ef:c9:7d:23:ed:0f:c7:46:8d:99:23:3f:2c:8b:95:
3f:eb:0e:02:9b:7a:9b:91:3f:c6:27:d4:86:20:36:
6d:90:c8:43:73:09:f1:16:7b:5b:63:bc:54:0f:49:
31:8a:e5:15:a1:67:e5:ea:bb:3f:5b:65:82:d4:1f:
ae:fd:6a:e4:c5:ce:bf:52:86:b6:95:d2:59:bf:bb:
23:ad:2d:52:72:25:6b:e7:db:da:2c:9b:e2:08:94:
b8:ee:ab:f8:da:d7:86:d5:5a:06:d4:cd:1c:34:94:
44:5d:c7:39:ec:45:98:4b:5e:8c:86:46:ed:41:ce:
0d:f7:44:5a:4a:66:9c:18:79:ae:21:14:d2:2a:ba:
e4:df:84:51:e7:d3:df:3f:78:2b:7f:6b:00:06:11:
be:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:A3:17:8C:41:09:FC:B4:CB:AA:F2:FC:90:AB:CE:5B:2C:16:B9:44
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/34352e382e3231362e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.216.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:47:a9:8f:1c:77:8d:d5:f8:09:2a:f7:08:8a:2e:89:06:92:
54:ae:8f:2d:2d:9e:23:33:d6:fe:fd:e9:60:22:88:d5:b5:13:
0a:4c:74:ed:a8:d7:e9:f4:f5:bc:0d:1d:2c:c9:91:17:03:56:
c9:73:e1:61:cf:a5:a8:02:7b:df:8d:05:ea:21:dd:04:47:41:
1c:79:9b:dd:27:a7:8a:36:ba:ad:dc:67:3b:02:92:e3:96:ee:
64:7a:82:cf:8c:a9:3b:65:02:7e:24:f6:53:c6:1e:44:b9:87:
f0:b7:77:74:51:db:98:40:5e:20:76:97:a5:50:ef:55:7d:72:
8a:8b:6a:64:9e:b6:5c:d1:80:77:a8:14:72:cf:4a:3f:86:4b:
43:0f:58:c3:bb:35:b8:1a:1e:74:38:9d:24:62:c3:7b:b1:72:
24:6a:bf:93:64:71:7d:8f:90:1c:db:8b:7b:6c:c0:29:a8:a2:
c7:7a:78:a0:01:0f:fb:53:64:62:17:be:0b:7e:7d:f8:46:d2:
a2:ce:33:19:a2:b0:05:28:a0:0f:62:20:98:18:91:7a:22:eb:
a1:f5:39:02:d2:72:ec:0f:14:e9:0a:08:96:37:35:17:f8:a3:
36:aa:64:92:93:58:54:b5:78:4a:79:8b:e5:95:ae:5e:65:09:
4c:ff:44:3b
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUKsxzmLs+j3zYwUDOCkPRH6cpzJgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA0MTMxMTExNDlaFw0yNjA0MTIxMTE2NDlaMDMxMTAvBgNV
BAMTKEE3QTMxNzhDNDEwOUZDQjRDQkFBRjJGQzkwQUJDRTVCMkMxNkI5NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQQYKz6wh/pUJFfR/nh9UCGpeM
Y5W9lXlB0hMYk35SLeLChRsMB+paJIVt8pITjfcRFG++A3mytEsndyhiwNSW+N+v
mEn1JJK0uM68ZqzcNEng9Qjg8uI8AxYIUROM/6wdY/4zto8VuO/JfSPtD8dGjZkj
PyyLlT/rDgKbepuRP8Yn1IYgNm2QyENzCfEWe1tjvFQPSTGK5RWhZ+Xquz9bZYLU
H679auTFzr9ShraV0lm/uyOtLVJyJWvn29osm+IIlLjuq/ja14bVWgbUzRw0lERd
xznsRZhLXoyGRu1Bzg33RFpKZpwYea4hFNIquuTfhFHn098/eCt/awAGEb6ZAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUp6MXjEEJ/LTLqvL8kKvOWywWuUQwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzQzNTJlMzgyZTMyMzEzNjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC0I2DANBgkq
hkiG9w0BAQsFAAOCAQEAnUepjxx3jdX4CSr3CIouiQaSVK6PLS2eIzPW/v3pYCKI
1bUTCkx07ajX6fT1vA0dLMmRFwNWyXPhYc+lqAJ7340F6iHdBEdBHHmb3Senija6
rdxnOwKS45buZHqCz4ypO2UCfiT2U8YeRLmH8Ld3dFHbmEBeIHaXpVDvVX1yiotq
ZJ62XNGAd6gUcs9KP4ZLQw9Yw7s1uBoedDidJGLDe7FyJGq/k2RxfY+QHNuLe2zA
Kaiix3p4oAEP+1NkYhe+C359+EbSos4zGaKwBSigD2IgmBiReiLrofU5AtJy7A8U
6QoIljc1F/ijNqpkkpNYVLV4SnmL5ZWuXmUJTP9EOw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:23 2025 by rpki-client on console.sobornost.net