Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137352e302f32342d3234203d3e20383334.roa
File: 34352e38372e3137352e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: gqK6qnLvaAFkBAIwtBfRLWDxU7Lri51uHdk6+N38wqQ=
Subject key identifier: 89:CE:4A:30:08:B8:B0:BE:24:DE:D0:E1:99:70:B3:A3:90:B5:E4:33
Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Certificate serial: 7BC4EE822E6DBAB51C5DB964E7B0E83EFA94BF8A
Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137352e302f32342d3234203d3e20383334.roa
Signing time: Sun 02 Jun 2024 10:07:57 +0000
ROA not before: Sun 02 Jun 2024 10:02:57 +0000
ROA not after: Sun 01 Jun 2025 10:07:57 +0000
asID: 834
IP address blocks: 45.87.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:c4:ee:82:2e:6d:ba:b5:1c:5d:b9:64:e7:b0:e8:3e:fa:94:bf:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91
Validity
Not Before: Jun 2 10:02:57 2024 GMT
Not After : Jun 1 10:07:57 2025 GMT
Subject: CN=89CE4A3008B8B0BE24DED0E19970B3A390B5E433
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:9d:98:ad:fb:d0:c8:a0:33:47:50:7c:40:
86:3b:19:e3:e0:73:2d:a4:89:c5:f7:07:35:55:70:
0d:a4:72:6f:e6:00:70:8a:70:3f:d6:6b:49:f7:a6:
b1:1a:21:e9:96:c2:9a:e4:85:23:b6:64:83:19:cf:
c3:32:b3:9b:bf:80:e0:42:0e:56:32:f2:37:33:b9:
34:c1:a6:6b:e5:4b:ba:2d:9d:07:31:3f:71:3e:13:
c2:5f:9c:21:85:81:4b:67:7f:e4:91:ce:aa:bd:25:
68:26:53:43:73:1d:cb:85:5d:e0:10:30:05:ed:31:
0c:9d:f4:95:a3:3d:d2:ce:39:c3:4e:be:a0:cf:d4:
48:80:4b:71:3b:eb:c5:9b:a2:ec:00:9d:60:d2:f1:
e6:43:30:0d:60:db:bc:0b:0f:98:f9:3c:d8:42:93:
4b:7e:90:fb:81:ad:ff:07:05:b0:1b:56:a3:aa:04:
d2:8a:08:87:71:2e:4e:1c:86:fc:69:68:f6:56:11:
fd:32:10:b9:8a:d0:b4:b6:aa:7a:2e:54:70:3b:3e:
b4:d4:0f:9c:28:71:31:45:60:58:6d:09:20:f8:21:
5a:32:06:70:12:fa:f0:2c:0c:49:66:d0:76:4a:49:
15:db:de:a2:90:b2:45:c4:89:45:2d:2a:12:aa:c9:
b9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CE:4A:30:08:B8:B0:BE:24:DE:D0:E1:99:70:B3:A3:90:B5:E4:33
X509v3 Authority Key Identifier:
keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e38372e3137352e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.175.0/24
Signature Algorithm: sha256WithRSAEncryption
50:24:40:93:ab:93:60:8b:85:d0:aa:3d:01:15:a8:e5:ac:5f:
02:b7:9d:e1:8b:95:46:f3:ce:5c:9b:ef:48:81:69:1f:af:d3:
dc:ea:cd:27:fe:91:f0:ff:32:93:34:f0:56:68:f9:32:dd:27:
88:6e:cf:fe:05:57:b8:36:5f:ee:b8:4f:55:55:16:60:ef:5f:
d3:18:b5:74:01:c8:dc:b9:b1:15:6c:2a:b6:36:d3:06:1f:7e:
94:a1:b7:40:bd:a5:02:49:7b:a7:76:dd:ce:61:27:16:8e:57:
e5:f4:85:2a:21:14:ac:5c:f1:4f:51:09:56:62:99:f9:74:7c:
60:f2:24:b4:0a:3f:b7:75:c0:e1:f9:d2:ba:91:b4:52:b7:7f:
58:4b:91:b2:59:43:d5:ba:72:c1:52:63:de:70:0b:3a:03:e2:
1c:bd:10:21:03:c2:11:2b:a7:a9:63:b8:ad:c3:59:bd:8f:15:
2b:8e:2d:c7:1e:9f:5a:ee:e0:2d:98:a3:d3:0d:53:16:d7:0f:
df:70:2f:3e:b7:d5:55:67:ac:3d:d9:96:a3:8c:b8:2c:34:70:
6f:e7:70:14:1c:f5:18:15:1a:62:f9:1d:ba:1c:90:45:db:b2:
6d:89:b5:73:30:b3:7d:21:dd:60:86:88:5c:35:71:d6:d2:44:
64:8d:7a:bf
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUe8Tugi5turUcXblk57DoPvqUv4owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3
OWI1ZmQ5MTAeFw0yNDA2MDIxMDAyNTdaFw0yNTA2MDExMDA3NTdaMDMxMTAvBgNV
BAMTKDg5Q0U0QTMwMDhCOEIwQkUyNERFRDBFMTk5NzBCM0EzOTBCNUU0MzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3U52YrfvQyKAzR1B8QIY7GePg
cy2kicX3BzVVcA2kcm/mAHCKcD/Wa0n3prEaIemWwprkhSO2ZIMZz8Mys5u/gOBC
DlYy8jczuTTBpmvlS7otnQcxP3E+E8JfnCGFgUtnf+SRzqq9JWgmU0NzHcuFXeAQ
MAXtMQyd9JWjPdLOOcNOvqDP1EiAS3E768WbouwAnWDS8eZDMA1g27wLD5j5PNhC
k0t+kPuBrf8HBbAbVqOqBNKKCIdxLk4chvxpaPZWEf0yELmK0LS2qnouVHA7PrTU
D5wocTFFYFhtCSD4IVoyBnAS+vAsDElm0HZKSRXb3qKQskXEiUUtKhKqybmBAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUic5KMAi4sL4k3tDhmXCzo5C15DMwHwYDVR0j
BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5
ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t
MV9aRS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt
ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzgzNzJlMzEzNzM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVevMA0G
CSqGSIb3DQEBCwUAA4IBAQBQJECTq5Ngi4XQqj0BFajlrF8Ct53hi5VG885cm+9I
gWkfr9Pc6s0n/pHw/zKTNPBWaPky3SeIbs/+BVe4Nl/uuE9VVRZg71/TGLV0Acjc
ubEVbCq2NtMGH36UobdAvaUCSXundt3OYScWjlfl9IUqIRSsXPFPUQlWYpn5dHxg
8iS0Cj+3dcDh+dK6kbRSt39YS5GyWUPVunLBUmPecAs6A+IcvRAhA8IRK6epY7it
w1m9jxUrji3HHp9a7uAtmKPTDVMW1w/fcC8+t9VVZ6w92ZajjLgsNHBv53AUHPUY
FRpi+R26HJBF27JtibVzMLN9Id1ghohcNXHW0kRkjXq/
-----END CERTIFICATE-----
Generated at Mon Jun 10 10:07:10 2024 by rpki-client on console.sobornost.net