Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/08d018-e709-47fc-9b9e-a8fcac86b64e/1/PRgXoAwZkCkiYJg9TctLDNDPN1c.roa
File: PRgXoAwZkCkiYJg9TctLDNDPN1c.roa (raw, json)
Hash identifier: PJQ6eErOeYZwguFeHefcnTCZY+UDhTIu8HobmUpRc20=
Subject key identifier: 3D:18:17:A0:0C:19:90:29:22:60:98:3D:4D:CB:4B:0C:D0:CF:37:57
Certificate issuer: /CN=c49aa3226eafac1e77d23e8fcef18900384003c7
Certificate serial: 019421B18446FEDC4C1C4FAA1B6F2FFB1858
Authority key identifier: C4:9A:A3:22:6E:AF:AC:1E:77:D2:3E:8F:CE:F1:89:00:38:40:03:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xJqjIm6vrB530j6PzvGJADhAA8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/08d018-e709-47fc-9b9e-a8fcac86b64e/1/PRgXoAwZkCkiYJg9TctLDNDPN1c.roa
Signing time: Wed 01 Jan 2025 11:47:49 +0000
ROA not before: Wed 01 Jan 2025 11:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59441
IP address blocks: 185.40.16.0/24 maxlen: 24
2a0d:7780::/29 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:84:46:fe:dc:4c:1c:4f:aa:1b:6f:2f:fb:18:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c49aa3226eafac1e77d23e8fcef18900384003c7
Validity
Not Before: Jan 1 11:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d1817a00c1990292260983d4dcb4b0cd0cf3757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ac:13:9b:ce:17:2e:4d:9f:22:4c:81:c9:37:
35:4a:72:0b:55:a6:06:60:51:8d:e4:74:93:8e:70:
bc:5f:b9:36:23:ed:48:c7:24:fd:9e:f6:89:84:a0:
d7:c0:6d:af:46:29:6a:f1:b3:34:27:6b:b1:60:72:
76:fa:c7:18:ed:13:f1:1d:89:bf:71:c6:b4:2b:56:
f4:2a:d0:27:86:94:85:ea:53:19:88:b1:b8:77:12:
0a:49:5e:c4:4c:ef:93:5c:c7:0b:0a:3e:5c:11:62:
1e:ea:8c:29:1d:b2:31:f4:4c:c4:b5:4a:6d:9e:15:
88:72:35:54:55:85:b3:78:d5:78:d0:87:84:1d:ca:
41:fe:cf:4e:0d:44:5c:7d:a8:47:ba:c9:b9:6c:61:
c1:fd:83:ab:1f:69:90:f9:32:ae:cd:35:59:ab:32:
74:d2:23:f1:6f:6c:20:38:25:49:1d:be:10:33:69:
fc:b3:a8:f6:df:52:9a:46:32:0b:4d:b5:86:af:09:
6d:48:d5:09:15:3e:2b:73:73:cd:37:d3:45:8c:a8:
59:77:5b:24:e7:1a:b9:cc:9e:5e:03:68:f0:b2:f3:
bb:f4:42:59:4f:2a:fa:bb:1a:8e:48:d6:27:cb:55:
a1:68:5b:d2:72:d9:20:a3:1b:c8:03:bf:38:37:80:
cf:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:18:17:A0:0C:19:90:29:22:60:98:3D:4D:CB:4B:0C:D0:CF:37:57
X509v3 Authority Key Identifier:
keyid:C4:9A:A3:22:6E:AF:AC:1E:77:D2:3E:8F:CE:F1:89:00:38:40:03:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xJqjIm6vrB530j6PzvGJADhAA8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/08d018-e709-47fc-9b9e-a8fcac86b64e/1/PRgXoAwZkCkiYJg9TctLDNDPN1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/08d018-e709-47fc-9b9e-a8fcac86b64e/1/xJqjIm6vrB530j6PzvGJADhAA8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.16.0/24
IPv6:
2a0d:7780::/29
Signature Algorithm: sha256WithRSAEncryption
b1:c8:7c:01:57:fe:77:ce:47:d8:7a:3f:e9:04:2d:13:7c:95:
fa:ba:fd:cc:a5:4a:4d:38:3a:3e:13:9c:f6:0b:69:7c:b2:14:
c3:da:d1:7e:5e:cd:cd:42:0e:e4:dd:c3:2e:01:94:82:8f:26:
95:8b:74:d3:49:ef:56:07:9d:41:55:1e:0b:fd:1c:09:c1:f9:
7a:19:52:ce:c1:c3:13:b2:26:a9:91:4c:8e:1b:23:b8:4a:07:
8a:cd:1c:bd:3d:dc:4a:0e:3c:e8:e7:62:7a:80:01:db:23:f7:
82:e4:ca:9d:1e:7d:65:24:9d:de:09:ec:f9:4b:44:21:da:88:
6f:bd:34:74:79:63:58:4e:d3:9d:bd:52:6f:b8:6e:95:2f:60:
66:64:68:c5:6f:31:9f:8a:d0:36:68:81:19:43:d9:58:22:22:
ab:1c:16:42:ab:f5:fa:d6:9c:5e:f1:b7:8e:19:19:9a:22:ec:
16:d5:0d:0b:4f:7f:67:2b:4a:12:91:e8:b1:45:8a:db:06:f2:
3a:a8:de:56:b5:60:2e:58:a1:8e:5d:30:3d:c4:e7:e3:24:c9:
0c:0d:4f:e2:68:5d:33:25:3f:06:ad:86:8c:43:52:04:02:af:
1a:04:b6:d4:c5:f9:1d:ad:d2:72:2c:df:ff:1e:d1:22:1d:24:
44:5e:59:15
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsYRG/txMHE+qG28v+xhYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OWFhMzIyNmVhZmFjMWU3N2QyM2U4ZmNlZjE4OTAwMzg0
MDAzYzcwHhcNMjUwMTAxMTE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDE4MTdhMDBjMTk5MDI5MjI2MDk4M2Q0ZGNiNGIwY2QwY2YzNzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKwTm84XLk2fIkyByTc1SnILVaYG
YFGN5HSTjnC8X7k2I+1IxyT9nvaJhKDXwG2vRilq8bM0J2uxYHJ2+scY7RPxHYm/
cca0K1b0KtAnhpSF6lMZiLG4dxIKSV7ETO+TXMcLCj5cEWIe6owpHbIx9EzEtUpt
nhWIcjVUVYWzeNV40IeEHcpB/s9ODURcfahHusm5bGHB/YOrH2mQ+TKuzTVZqzJ0
0iPxb2wgOCVJHb4QM2n8s6j231KaRjILTbWGrwltSNUJFT4rc3PNN9NFjKhZd1sk
5xq5zJ5eA2jwsvO79EJZTyr6uxqOSNYny1WhaFvSctkgoxvIA784N4DPeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFD0YF6AMGZApImCYPU3LSwzQzzdXMB8GA1UdIwQY
MBaAFMSaoyJur6wed9I+j87xiQA4QAPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEpxakltNnZyQjUzMGo2UHp2R0pBRGhBQThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wOGQwMTgtZTcwOS00N2ZjLTliOWUt
YThmY2FjODZiNjRlLzEvUFJnWG9Bd1prQ2tpWUpnOVRjdExETkRQTjFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wOGQwMTgtZTcwOS00N2ZjLTliOWUtYThmY2FjODZiNjRl
LzEveEpxakltNnZyQjUzMGo2UHp2R0pBRGhBQThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuSgQMA0E
AgACMAcDBQMqDXeAMA0GCSqGSIb3DQEBCwUAA4IBAQCxyHwBV/53zkfYej/pBC0T
fJX6uv3MpUpNODo+E5z2C2l8shTD2tF+Xs3NQg7k3cMuAZSCjyaVi3TTSe9WB51B
VR4L/RwJwfl6GVLOwcMTsiapkUyOGyO4SgeKzRy9PdxKDjzo52J6gAHbI/eC5Mqd
Hn1lJJ3eCez5S0Qh2ohvvTR0eWNYTtOdvVJvuG6VL2BmZGjFbzGfitA2aIEZQ9lY
IiKrHBZCq/X61pxe8beOGRmaIuwW1Q0LT39nK0oSkeixRYrbBvI6qN5WtWAuWKGO
XTA9xOfjJMkMDU/iaF0zJT8GrYaMQ1IEAq8aBLbUxfkdrdJyLN//HtEiHSREXlkV
-----END CERTIFICATE-----
Generated at Fri Apr 11 02:29:44 2025 by rpki-client