Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/ff6ef4-4be4-44be-a225-11c0037aa120/1/v-CnANtktYUETgnTcGoFKli_wcw.roa
File: v-CnANtktYUETgnTcGoFKli_wcw.roa (raw, json)
Hash identifier: mfpCuWsRlE0JHgez66YDaksLYA1ERQG1DGJn1lLJ3ZI=
Subject key identifier: BF:E0:A7:00:DB:64:B5:85:04:4E:09:D3:70:6A:05:2A:58:BF:C1:CC
Certificate issuer: /CN=441a95d11a8ac0eedf855db0107b9a628f27a6b4
Certificate serial: 018571308A55CAFDBA9CD9A64FB8AF550401
Authority key identifier: 44:1A:95:D1:1A:8A:C0:EE:DF:85:5D:B0:10:7B:9A:62:8F:27:A6:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RBqV0RqKwO7fhV2wEHuaYo8nprQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/ff6ef4-4be4-44be-a225-11c0037aa120/1/v-CnANtktYUETgnTcGoFKli_wcw.roa
Signing time: Mon 02 Jan 2023 06:34:44 +0000
ROA not before: Mon 02 Jan 2023 06:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204588
IP address blocks: 185.240.40.0/24 maxlen: 24
185.240.43.0/24 maxlen: 24
185.240.41.0/24 maxlen: 24
185.240.42.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:30:8a:55:ca:fd:ba:9c:d9:a6:4f:b8:af:55:04:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=441a95d11a8ac0eedf855db0107b9a628f27a6b4
Validity
Not Before: Jan 2 06:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bfe0a700db64b585044e09d3706a052a58bfc1cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c7:79:7f:5d:f4:7d:9b:29:1d:c0:a9:ed:f3:
9b:b8:93:bc:e1:fa:0c:8b:e5:e9:f7:4b:18:13:c3:
69:7f:3c:7a:b6:cf:a0:46:88:b1:d0:8c:58:b7:11:
44:64:0f:72:79:e0:d9:96:a9:e8:82:f1:fb:e1:a7:
9c:d0:be:a2:ae:c8:0c:63:69:2b:61:8d:06:bf:a0:
53:39:c7:cd:35:80:43:62:b3:c9:9e:e2:3c:5e:92:
18:cf:c8:95:c3:42:63:dc:89:b1:1d:0f:42:89:7b:
79:fe:ed:61:d4:02:69:bf:d8:0f:ee:fe:b5:4d:14:
c5:86:5a:ae:9b:4d:ab:1e:4f:8a:fa:6e:23:d7:19:
a3:7c:33:5c:92:50:05:2d:a6:73:32:4e:d6:aa:e9:
12:3a:bf:bf:2f:e8:ef:fd:4a:a4:c7:e5:67:b7:73:
3e:54:7d:3d:48:06:8b:6b:4b:f4:ad:4b:64:79:ad:
d8:7a:d5:7b:40:26:b1:50:c0:20:a4:c5:93:37:62:
3f:c5:09:45:ec:38:a2:92:cc:ce:8e:e7:04:97:3a:
02:d9:64:b9:16:25:27:89:39:b5:8b:9f:7b:ec:4b:
80:51:5b:77:4b:70:b3:91:f5:52:e0:9a:c2:fc:28:
95:47:3c:9d:eb:61:85:7d:05:13:d5:5b:57:86:7b:
3a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:E0:A7:00:DB:64:B5:85:04:4E:09:D3:70:6A:05:2A:58:BF:C1:CC
X509v3 Authority Key Identifier:
keyid:44:1A:95:D1:1A:8A:C0:EE:DF:85:5D:B0:10:7B:9A:62:8F:27:A6:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RBqV0RqKwO7fhV2wEHuaYo8nprQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/ff6ef4-4be4-44be-a225-11c0037aa120/1/v-CnANtktYUETgnTcGoFKli_wcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/ff6ef4-4be4-44be-a225-11c0037aa120/1/RBqV0RqKwO7fhV2wEHuaYo8nprQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.40.0/22
Signature Algorithm: sha256WithRSAEncryption
50:af:80:cc:42:00:18:11:68:45:fe:5e:9e:0b:1e:85:9a:7d:
e6:f3:fe:a6:79:c3:fa:46:9a:36:89:67:da:83:5e:92:b9:e9:
b0:42:8f:21:b7:85:09:6e:73:a9:d8:9e:69:52:63:be:8d:c9:
19:5c:b7:86:58:ec:de:f8:76:11:b2:82:e7:2e:a9:ee:6c:30:
81:48:db:25:43:62:75:03:4b:01:23:3a:01:62:fb:f7:32:f0:
9f:a4:8c:56:a8:a2:4c:c7:9d:c0:bc:ad:c4:f8:f5:3b:9c:2c:
5c:9d:22:50:66:38:d3:c1:0e:13:b1:be:89:5a:5b:8c:6a:19:
52:15:4d:eb:7b:0e:c5:27:39:46:e3:b4:1b:95:46:f8:df:cd:
53:97:54:c1:dd:33:c7:a4:d6:f8:e6:e9:f1:5a:a4:cc:ba:e3:
84:2a:a8:6f:7c:80:95:44:87:85:97:0c:df:43:a9:bf:12:76:
e4:30:f1:95:5c:a0:22:79:34:76:85:2a:23:c9:c1:0c:81:6e:
f7:7f:20:8c:4f:96:0f:2c:3e:02:8f:bb:e3:63:01:6f:f9:95:
37:3c:0a:4a:41:41:f5:17:ba:39:12:6a:41:2b:8b:83:2b:f7:
11:9c:be:58:c4:3b:2d:a0:49:8c:5f:c1:fd:f7:6c:96:0e:73:
be:21:01:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxMIpVyv26nNmmT7ivVQQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MWE5NWQxMWE4YWMwZWVkZjg1NWRiMDEwN2I5YTYyOGYy
N2E2YjQwHhcNMjMwMTAyMDYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmUwYTcwMGRiNjRiNTg1MDQ0ZTA5ZDM3MDZhMDUyYTU4YmZjMWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsd5f130fZspHcCp7fObuJO84foM
i+Xp90sYE8Npfzx6ts+gRoix0IxYtxFEZA9yeeDZlqnogvH74aec0L6irsgMY2kr
YY0Gv6BTOcfNNYBDYrPJnuI8XpIYz8iVw0Jj3ImxHQ9CiXt5/u1h1AJpv9gP7v61
TRTFhlqum02rHk+K+m4j1xmjfDNcklAFLaZzMk7WqukSOr+/L+jv/Uqkx+Vnt3M+
VH09SAaLa0v0rUtkea3YetV7QCaxUMAgpMWTN2I/xQlF7DiikszOjucElzoC2WS5
FiUniTm1i5977EuAUVt3S3CzkfVS4JrC/CiVRzyd62GFfQUT1VtXhns61wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL/gpwDbZLWFBE4J03BqBSpYv8HMMB8GA1UdIwQY
MBaAFEQaldEaisDu34VdsBB7mmKPJ6a0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkJxVjBScUt3TzdmaFYyd0VIdWFZbzhucHJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9mZjZlZjQtNGJlNC00NGJlLWEyMjUt
MTFjMDAzN2FhMTIwLzEvdi1DbkFOdGt0WVVFVGduVGNHb0ZLbGlfd2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9mZjZlZjQtNGJlNC00NGJlLWEyMjUtMTFjMDAzN2FhMTIw
LzEvUkJxVjBScUt3TzdmaFYyd0VIdWFZbzhucHJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufAoMA0G
CSqGSIb3DQEBCwUAA4IBAQBQr4DMQgAYEWhF/l6eCx6Fmn3m8/6mecP6Rpo2iWfa
g16SuemwQo8ht4UJbnOp2J5pUmO+jckZXLeGWOze+HYRsoLnLqnubDCBSNslQ2J1
A0sBIzoBYvv3MvCfpIxWqKJMx53AvK3E+PU7nCxcnSJQZjjTwQ4Tsb6JWluMahlS
FU3rew7FJzlG47QblUb4381Tl1TB3TPHpNb45unxWqTMuuOEKqhvfICVRIeFlwzf
Q6m/EnbkMPGVXKAieTR2hSojycEMgW73fyCMT5YPLD4Cj7vjYwFv+ZU3PApKQUH1
F7o5EmpBK4uDK/cRnL5YxDstoEmMX8H992yWDnO+IQGW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:03 2025 by rpki-client