Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/8ALCem6WNzZicaF6OTNthjeQfck.roa
File: 8ALCem6WNzZicaF6OTNthjeQfck.roa (raw, json)
Hash identifier: YpH6jIe+TynmU/8cQY6b28ehJOsvk8Ov/8Gxgmlkb/M=
Subject key identifier: F0:02:C2:7A:6E:96:37:36:62:71:A1:7A:39:33:6D:86:37:90:7D:C9
Certificate issuer: /CN=788f5b210f3c3eb42065960e85d061e9d9d63ab8
Certificate serial: 0194258EF2D956C594BEAB6EAF0A3B6BFC83
Authority key identifier: 78:8F:5B:21:0F:3C:3E:B4:20:65:96:0E:85:D0:61:E9:D9:D6:3A:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eI9bIQ88PrQgZZYOhdBh6dnWOrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/8ALCem6WNzZicaF6OTNthjeQfck.roa
Signing time: Thu 02 Jan 2025 05:48:32 +0000
ROA not before: Thu 02 Jan 2025 05:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206786
IP address blocks: 45.86.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:f2:d9:56:c5:94:be:ab:6e:af:0a:3b:6b:fc:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=788f5b210f3c3eb42065960e85d061e9d9d63ab8
Validity
Not Before: Jan 2 05:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f002c27a6e9637366271a17a39336d8637907dc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4c:da:3f:6d:9c:65:2c:80:52:61:fe:f9:01:
b4:35:81:3c:61:fd:36:8a:08:7f:fd:95:c0:4c:25:
78:fe:71:5a:30:b2:30:c0:09:4f:79:94:6b:39:fc:
71:ff:18:21:9b:8d:8d:84:a0:95:75:1f:c6:32:2b:
a2:ea:b1:c8:4b:07:7d:23:35:00:f3:5a:fc:4e:19:
20:b2:4b:69:b8:92:30:ee:ba:ac:f8:99:19:1a:f2:
6d:4b:0c:a3:a4:fe:97:8e:08:9c:cf:f7:27:7c:64:
8b:89:63:42:e7:19:d6:8a:eb:a9:a8:7b:ac:2f:15:
af:bb:61:f6:55:15:26:b4:b8:0a:7c:6a:2f:1d:62:
b4:00:d5:96:e1:2f:8a:47:31:54:05:d8:85:3c:0c:
87:a8:8d:70:92:43:0c:6c:28:4c:26:a4:a6:0c:4d:
91:ee:8c:35:72:72:64:41:0d:e5:71:d2:5e:50:5a:
40:fb:7c:c3:09:72:cd:cd:9c:19:73:6d:3e:26:3e:
12:3f:28:59:3a:c9:d0:5b:d2:55:43:83:5f:94:38:
2d:5b:7c:68:07:87:8d:63:62:fd:4c:05:00:3d:a3:
bc:96:b1:36:79:66:ff:27:86:b6:52:a0:ae:76:2f:
10:27:0e:1b:f6:23:78:87:e2:e9:d8:f9:b1:71:df:
9c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:02:C2:7A:6E:96:37:36:62:71:A1:7A:39:33:6D:86:37:90:7D:C9
X509v3 Authority Key Identifier:
keyid:78:8F:5B:21:0F:3C:3E:B4:20:65:96:0E:85:D0:61:E9:D9:D6:3A:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eI9bIQ88PrQgZZYOhdBh6dnWOrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/8ALCem6WNzZicaF6OTNthjeQfck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/e100b5-6f0a-4fe9-befb-c4acb8969c49/1/eI9bIQ88PrQgZZYOhdBh6dnWOrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.34.0/24
Signature Algorithm: sha256WithRSAEncryption
87:c7:37:eb:ca:b7:51:91:58:fb:a6:f8:31:9b:9f:d4:b1:e3:
a2:3c:59:a3:f0:c5:51:4e:cd:1d:81:4f:f3:cb:7b:c7:32:27:
09:ae:16:06:9c:ae:e6:67:c6:8c:eb:5f:bc:ed:77:02:43:b0:
10:9b:12:fb:04:64:c3:a9:bc:0d:8f:d8:b2:3a:e5:96:0f:4c:
b1:cc:aa:1b:a7:c9:b4:08:ce:67:11:9e:2a:f3:8d:f0:90:33:
ed:ee:4c:31:73:bf:08:87:7d:3d:0d:ec:53:33:3f:9f:26:63:
db:72:e7:1e:30:a0:59:6f:ac:93:25:7c:37:3f:2c:94:9e:9c:
ea:50:ee:81:46:bd:49:a9:4e:66:ed:f2:8c:bd:75:60:20:09:
18:98:17:c4:c5:54:6b:22:06:f0:4c:13:95:6e:4c:3b:1b:bc:
f1:c9:58:8b:ff:41:eb:df:a1:de:4d:6d:a7:61:a0:9d:69:99:
01:e7:d6:4a:f5:a6:ad:ac:af:bc:b8:29:e7:aa:b3:0b:7d:f8:
96:dc:7e:f4:8d:49:de:71:ca:31:cf:08:86:d1:25:50:8c:e6:
4a:33:15:d2:5b:59:bd:06:2d:5d:ec:45:c4:65:27:b8:92:fc:
ca:58:2b:5d:4a:eb:c2:3a:a7:f6:d2:e2:68:08:61:d8:b3:e9:
1e:a9:56:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljvLZVsWUvqturwo7a/yDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc4OGY1YjIxMGYzYzNlYjQyMDY1OTYwZTg1ZDA2MWU5ZDlk
NjNhYjgwHhcNMjUwMTAyMDU0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDAyYzI3YTZlOTYzNzM2NjI3MWExN2EzOTMzNmQ4NjM3OTA3ZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkzaP22cZSyAUmH++QG0NYE8Yf02
igh//ZXATCV4/nFaMLIwwAlPeZRrOfxx/xghm42NhKCVdR/GMiui6rHISwd9IzUA
81r8ThkgsktpuJIw7rqs+JkZGvJtSwyjpP6Xjgicz/cnfGSLiWNC5xnWiuupqHus
LxWvu2H2VRUmtLgKfGovHWK0ANWW4S+KRzFUBdiFPAyHqI1wkkMMbChMJqSmDE2R
7ow1cnJkQQ3lcdJeUFpA+3zDCXLNzZwZc20+Jj4SPyhZOsnQW9JVQ4NflDgtW3xo
B4eNY2L9TAUAPaO8lrE2eWb/J4a2UqCudi8QJw4b9iN4h+Lp2Pmxcd+cSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPACwnpuljc2YnGhejkzbYY3kH3JMB8GA1UdIwQY
MBaAFHiPWyEPPD60IGWWDoXQYenZ1jq4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZUk5YklRODhQclFnWlpZT2hkQmg2ZG5XT3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9lMTAwYjUtNmYwYS00ZmU5LWJlZmIt
YzRhY2I4OTY5YzQ5LzEvOEFMQ2VtNldOelppY2FGNk9UTnRoamVRZmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9lMTAwYjUtNmYwYS00ZmU5LWJlZmItYzRhY2I4OTY5YzQ5
LzEvZUk5YklRODhQclFnWlpZT2hkQmg2ZG5XT3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVYiMA0G
CSqGSIb3DQEBCwUAA4IBAQCHxzfryrdRkVj7pvgxm5/UseOiPFmj8MVRTs0dgU/z
y3vHMicJrhYGnK7mZ8aM61+87XcCQ7AQmxL7BGTDqbwNj9iyOuWWD0yxzKobp8m0
CM5nEZ4q843wkDPt7kwxc78Ih309DexTMz+fJmPbcuceMKBZb6yTJXw3PyyUnpzq
UO6BRr1JqU5m7fKMvXVgIAkYmBfExVRrIgbwTBOVbkw7G7zxyViL/0Hr36HeTW2n
YaCdaZkB59ZK9aatrK+8uCnnqrMLffiW3H70jUneccoxzwiG0SVQjOZKMxXSW1m9
Bi1d7EXEZSe4kvzKWCtdSuvCOqf20uJoCGHYs+keqVaA
-----END CERTIFICATE-----
Generated at Fri Apr 25 03:57:19 2025 by rpki-client