Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/MWd_zJCCtky5uU44fppjHNR26hg.roa
File: MWd_zJCCtky5uU44fppjHNR26hg.roa (raw, json)
Hash identifier: Oyiv4lI5Gy71tNRNOQYH2bTYTyT8/iMpyrW+5LZJMbI=
Subject key identifier: 31:67:7F:CC:90:82:B6:4C:B9:B9:4E:38:7E:9A:63:1C:D4:76:EA:18
Certificate issuer: /CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Certificate serial: 0194258F702D4D4F97332453E4D98E289DC4
Authority key identifier: CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/MWd_zJCCtky5uU44fppjHNR26hg.roa
Signing time: Thu 02 Jan 2025 05:49:04 +0000
ROA not before: Thu 02 Jan 2025 05:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41202
IP address blocks: 45.144.40.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:70:2d:4d:4f:97:33:24:53:e4:d9:8e:28:9d:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcd73f82c260da87386dcf7be26d5c5445526fa
Validity
Not Before: Jan 2 05:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31677fcc9082b64cb9b94e387e9a631cd476ea18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:42:e9:23:91:b8:04:a4:ea:fd:66:89:c0:c8:
ae:4c:3f:95:e8:71:99:1b:1c:35:3d:ce:0d:16:f6:
45:cc:17:4a:87:ed:19:00:4c:77:f8:59:f1:e8:53:
7e:15:9b:d9:46:ef:f5:c5:04:69:56:b9:01:8f:2a:
32:de:a6:2f:3f:8f:e3:1f:bc:0c:11:87:45:df:fb:
09:e6:06:4d:17:8f:c8:4f:44:7c:9d:82:5c:87:0e:
6a:c4:cc:d2:d3:7c:96:2f:a7:19:b4:39:96:2e:b6:
b7:7f:48:09:f5:78:92:53:47:ba:bf:f8:a9:95:1f:
9c:53:64:9e:06:c9:3a:9f:f0:84:53:08:79:61:6b:
0c:59:d0:a0:da:6c:1f:1d:a7:77:34:d1:3f:85:0e:
38:21:89:12:b7:61:2e:50:93:73:ea:30:72:1c:31:
b3:bd:11:d8:d3:1b:73:0a:b1:48:af:07:5f:c4:f0:
b0:c5:45:7f:8b:c7:86:9d:ee:e8:00:df:b3:9c:cf:
65:74:10:14:ee:a2:0d:91:d4:00:b2:d6:d9:f4:de:
59:d1:2f:84:18:86:aa:28:21:98:0c:a4:66:0b:14:
2d:3d:d1:14:6b:4a:56:6e:af:5f:13:d6:42:b6:da:
5b:04:38:e3:af:03:b0:4e:18:91:0b:74:4c:e0:90:
e7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:67:7F:CC:90:82:B6:4C:B9:B9:4E:38:7E:9A:63:1C:D4:76:EA:18
X509v3 Authority Key Identifier:
keyid:CF:CD:73:F8:2C:26:0D:A8:73:86:DC:F7:BE:26:D5:C5:44:55:26:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z81z-CwmDahzhtz3vibVxURVJvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/MWd_zJCCtky5uU44fppjHNR26hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/40ade0-98da-4aa5-b817-6edc1b225625/1/z81z-CwmDahzhtz3vibVxURVJvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.40.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:94:c8:3f:1c:5c:01:06:64:41:13:6c:6e:49:57:a0:de:28:
24:3f:08:6a:8d:9d:78:3b:2c:6f:21:4c:bf:bf:d9:4b:01:13:
b2:0f:7f:9f:9c:2d:ce:d0:51:a2:06:0d:2d:e9:ff:3f:8c:04:
cf:37:c6:f6:ad:98:21:30:95:2b:11:8a:c6:9c:f7:24:b3:c7:
ed:6c:72:cc:8c:ea:60:70:b7:7e:25:2a:0c:c8:b6:0b:f2:f5:
bf:e5:be:00:af:b1:ab:14:1f:1b:40:e7:c6:7c:55:68:7e:9e:
a2:12:e4:e2:d1:7c:a3:ff:fe:4f:7b:95:d0:e7:12:74:ff:4f:
16:7d:c4:7d:f4:be:f7:96:af:7b:39:c2:17:67:0f:25:53:81:
25:77:20:07:f9:48:65:07:52:17:a7:78:d1:fc:f1:49:f9:52:
1b:65:56:d0:8a:96:93:e2:f2:81:b2:31:42:46:2a:59:4c:77:
c7:ab:ed:46:82:a0:0f:02:c0:b6:98:c0:70:fd:64:c0:59:24:
32:6a:34:fe:23:a1:cf:85:2a:0e:f9:fb:44:3f:0b:af:4b:6c:
04:8e:f5:02:31:76:8b:85:18:96:27:38:85:79:4f:7d:7a:b8:
b6:62:9a:06:3d:67:07:c5:a0:32:a9:91:b1:32:00:fd:f6:e3:
86:85:aa:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlj3AtTU+XMyRT5NmOKJ3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2Q3M2Y4MmMyNjBkYTg3Mzg2ZGNmN2JlMjZkNWM1NDQ1
NTI2ZmEwHhcNMjUwMTAyMDU0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTY3N2ZjYzkwODJiNjRjYjliOTRlMzg3ZTlhNjMxY2Q0NzZlYTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ULpI5G4BKTq/WaJwMiuTD+V6HGZ
Gxw1Pc4NFvZFzBdKh+0ZAEx3+Fnx6FN+FZvZRu/1xQRpVrkBjyoy3qYvP4/jH7wM
EYdF3/sJ5gZNF4/IT0R8nYJchw5qxMzS03yWL6cZtDmWLra3f0gJ9XiSU0e6v/ip
lR+cU2SeBsk6n/CEUwh5YWsMWdCg2mwfHad3NNE/hQ44IYkSt2EuUJNz6jByHDGz
vRHY0xtzCrFIrwdfxPCwxUV/i8eGne7oAN+znM9ldBAU7qINkdQAstbZ9N5Z0S+E
GIaqKCGYDKRmCxQtPdEUa0pWbq9fE9ZCttpbBDjjrwOwThiRC3RM4JDnjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDFnf8yQgrZMublOOH6aYxzUduoYMB8GA1UdIwQY
MBaAFM/Nc/gsJg2oc4bc974m1cVEVSb6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTct
NmVkYzFiMjI1NjI1LzEvTVdkX3pKQ0N0a3k1dVU0NGZwcGpITlIyNmhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy80MGFkZTAtOThkYS00YWE1LWI4MTctNmVkYzFiMjI1NjI1
LzEvejgxei1Dd21EYWh6aHR6M3ZpYlZ4VVJWSnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLZAoMA0G
CSqGSIb3DQEBCwUAA4IBAQCblMg/HFwBBmRBE2xuSVeg3igkPwhqjZ14OyxvIUy/
v9lLAROyD3+fnC3O0FGiBg0t6f8/jATPN8b2rZghMJUrEYrGnPcks8ftbHLMjOpg
cLd+JSoMyLYL8vW/5b4Ar7GrFB8bQOfGfFVofp6iEuTi0Xyj//5Pe5XQ5xJ0/08W
fcR99L73lq97OcIXZw8lU4EldyAH+UhlB1IXp3jR/PFJ+VIbZVbQipaT4vKBsjFC
RipZTHfHq+1GgqAPAsC2mMBw/WTAWSQyajT+I6HPhSoO+ftEPwuvS2wEjvUCMXaL
hRiWJziFeU99eri2YpoGPWcHxaAyqZGxMgD99uOGharl
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:37:55 2025 by rpki-client