Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/uJz4m42Rc7BSCQf_u1w9phJcORM.roa
File: uJz4m42Rc7BSCQf_u1w9phJcORM.roa (raw, json)
Hash identifier: yIxHhMJ1KQOc7UC1ohKKytTIBv4dH9LJvF0d5a4BQPY=
Subject key identifier: B8:9C:F8:9B:8D:91:73:B0:52:09:07:FF:BB:5C:3D:A6:12:5C:39:13
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 019291485DD6A02353C90C69C48AB0DE2FF1
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/uJz4m42Rc7BSCQf_u1w9phJcORM.roa
Signing time: Tue 15 Oct 2024 17:44:51 +0000
ROA not before: Tue 15 Oct 2024 17:44:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30456
IP address blocks: 45.86.156.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:91:48:5d:d6:a0:23:53:c9:0c:69:c4:8a:b0:de:2f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Oct 15 17:44:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b89cf89b8d9173b0520907ffbb5c3da6125c3913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ba:7f:99:ea:fc:fe:21:de:b5:6f:91:08:1f:
c4:03:9e:db:0a:52:d1:a9:96:77:1a:b6:aa:b5:ff:
55:0e:ea:88:b2:b4:9e:c0:36:9b:92:10:79:0b:73:
47:13:55:c4:ad:67:de:3e:9d:58:04:f8:5e:ed:bc:
41:dc:7e:92:9b:38:63:3f:05:10:03:09:82:f7:d5:
4d:a9:7e:e8:d1:a9:80:b0:33:18:81:8b:82:40:3e:
03:a4:ec:7e:91:3a:b3:a9:6f:7d:f6:6b:24:14:3f:
c1:66:cd:58:c8:2d:06:d3:9e:3d:c1:89:6f:da:8c:
2c:20:99:d8:4e:a9:2b:6d:40:b3:de:2e:fd:38:20:
48:dd:9b:12:4b:c6:91:3d:33:7c:3e:08:2a:5a:d6:
9f:01:a3:01:80:19:ae:68:81:3e:6d:30:ac:48:0b:
1d:71:ca:d7:56:ae:23:f9:13:fc:e5:97:b2:92:94:
45:28:07:4b:32:e5:a7:58:4a:83:d6:37:e6:5a:8c:
6c:94:43:08:75:1f:13:e1:5e:b1:3b:3c:0e:31:d9:
fe:59:64:02:83:e0:c3:df:5e:ec:de:4f:8d:c2:91:
71:a7:73:fd:9b:e2:4d:a2:f1:e1:3a:96:2f:aa:62:
dd:47:c7:28:df:38:ae:37:07:3f:70:88:3d:c6:d8:
dd:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:9C:F8:9B:8D:91:73:B0:52:09:07:FF:BB:5C:3D:A6:12:5C:39:13
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/uJz4m42Rc7BSCQf_u1w9phJcORM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.156.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:d1:eb:c0:b5:ec:1f:92:22:ff:88:be:78:36:26:b7:69:7a:
58:f0:73:0f:67:12:6b:59:48:a3:f4:c8:24:68:3f:1c:57:41:
40:e9:79:b9:e0:2b:53:3c:7c:6c:3f:a2:b2:ae:a1:25:a8:8b:
19:f1:5d:40:86:16:a5:41:87:34:ba:80:38:1f:05:be:ec:fb:
e1:53:b6:ea:1c:f9:65:4f:d6:7b:63:b3:67:30:0e:f2:b8:68:
85:71:6b:6b:01:00:de:94:02:38:9f:94:2f:7f:51:cf:6d:b8:
61:c7:da:c1:9b:5f:7a:e1:a8:92:41:2b:a9:7a:ec:ea:8c:db:
e5:7c:04:02:ea:76:09:78:a6:36:30:f6:07:01:43:01:ac:87:
35:c8:16:1e:c6:18:2a:4e:7e:57:88:1d:fd:1c:0b:79:fc:72:
76:50:83:e1:4e:63:04:54:08:40:cc:7a:83:55:8f:d0:f8:3b:
b0:bf:17:37:69:72:ff:43:47:29:30:c0:78:b7:1c:38:7b:83:
3d:21:0c:dc:23:53:51:80:b1:06:2e:17:15:af:9d:dd:ac:45:
c8:13:14:29:37:1f:88:90:b7:84:80:24:4b:0b:14:6a:b7:9c:
6a:44:12:8d:13:1b:7a:8b:1e:49:3f:18:cc:b9:9e:50:81:c1:
be:50:cb:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKRSF3WoCNTyQxpxIqw3i/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQxMDE1MTc0NDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODljZjg5YjhkOTE3M2IwNTIwOTA3ZmZiYjVjM2RhNjEyNWMzOTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Lp/mer8/iHetW+RCB/EA57bClLR
qZZ3Graqtf9VDuqIsrSewDabkhB5C3NHE1XErWfePp1YBPhe7bxB3H6SmzhjPwUQ
AwmC99VNqX7o0amAsDMYgYuCQD4DpOx+kTqzqW999mskFD/BZs1YyC0G0549wYlv
2owsIJnYTqkrbUCz3i79OCBI3ZsSS8aRPTN8PggqWtafAaMBgBmuaIE+bTCsSAsd
ccrXVq4j+RP85ZeykpRFKAdLMuWnWEqD1jfmWoxslEMIdR8T4V6xOzwOMdn+WWQC
g+DD317s3k+NwpFxp3P9m+JNovHhOpYvqmLdR8co3ziuNwc/cIg9xtjdPQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLic+JuNkXOwUgkH/7tcPaYSXDkTMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvdUp6NG00MlJjN0JTQ1FmX3UxdzlwaEpjT1JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVacMA0G
CSqGSIb3DQEBCwUAA4IBAQCj0evAtewfkiL/iL54Nia3aXpY8HMPZxJrWUij9Mgk
aD8cV0FA6Xm54CtTPHxsP6KyrqElqIsZ8V1AhhalQYc0uoA4HwW+7PvhU7bqHPll
T9Z7Y7NnMA7yuGiFcWtrAQDelAI4n5Qvf1HPbbhhx9rBm1964aiSQSupeuzqjNvl
fAQC6nYJeKY2MPYHAUMBrIc1yBYexhgqTn5XiB39HAt5/HJ2UIPhTmMEVAhAzHqD
VY/Q+Duwvxc3aXL/Q0cpMMB4txw4e4M9IQzcI1NRgLEGLhcVr53drEXIExQpNx+I
kLeEgCRLCxRqt5xqRBKNExt6ix5JPxjMuZ5QgcG+UMvO
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:40:09 2025 by rpki-client