Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: fL46VvYA5dW1S83reY8/kU29bGKEWNEkvQ/zBwCleP0=
Subject key identifier: C8:AC:4D:96:7A:B1:D0:F1:11:FA:B4:6B:EE:7A:AC:11:45:27:D9:66
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4604A12E086EE9BA08A3C3137BFA03E4BACA3E2A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa
Signing time: Tue 04 Feb 2025 22:47:19 +0000
ROA not before: Tue 04 Feb 2025 22:42:19 +0000
ROA not after: Tue 03 Feb 2026 22:47:19 +0000
asID: 40676
IP address blocks: 82.25.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:04:a1:2e:08:6e:e9:ba:08:a3:c3:13:7b:fa:03:e4:ba:ca:3e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 4 22:42:19 2025 GMT
Not After : Feb 3 22:47:19 2026 GMT
Subject: CN=C8AC4D967AB1D0F111FAB46BEE7AAC114527D966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b9:2e:1c:2c:2d:2b:45:05:52:65:18:e0:bd:
96:da:e6:e0:91:77:b4:35:29:22:f5:59:ca:bb:2b:
7a:dd:c3:84:28:71:39:0d:b1:eb:aa:71:42:58:d4:
8e:d7:fd:57:49:0f:f6:07:51:21:22:e7:64:41:07:
9c:ed:b1:b2:66:aa:28:00:00:50:b6:92:58:28:c0:
12:66:c6:0e:47:ba:37:e1:32:97:c0:ce:06:55:39:
dd:38:94:d1:2d:2a:1a:85:b0:d7:8c:35:5e:7d:9e:
bc:a7:8d:c9:66:8f:ac:ef:66:ee:a5:f4:16:6b:0f:
5a:52:89:9b:48:ae:c1:05:e9:93:76:b7:40:f1:22:
d5:6d:c0:78:61:a2:85:3f:cc:8a:d9:e9:7c:ad:0e:
e1:b5:ab:6a:29:83:80:43:d1:2f:ec:94:6c:a5:86:
26:74:e0:49:e3:b5:bf:22:00:c2:90:6c:14:76:d1:
e3:44:e3:bb:b5:7d:1b:22:3f:ea:da:af:ac:0e:be:
f8:4d:a5:6f:ef:e5:32:06:41:9f:d2:7c:2a:f9:9d:
0d:a0:34:7a:5a:6f:3e:dd:ac:05:3e:c6:19:2f:65:
f1:f2:33:9d:e2:67:73:f6:4b:77:bc:76:50:69:2c:
f5:2a:9f:47:6e:8f:69:d3:4b:78:af:3e:ea:cc:62:
27:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:AC:4D:96:7A:B1:D0:F1:11:FA:B4:6B:EE:7A:AC:11:45:27:D9:66
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.25.32.0/20
Signature Algorithm: sha256WithRSAEncryption
4d:94:02:27:ce:58:09:71:7b:e6:46:0f:a4:31:f6:b1:12:30:
fc:6b:3f:c2:01:fb:0a:94:92:4a:e2:9b:f1:7d:90:07:c7:96:
cb:ae:72:24:80:ae:13:a3:35:c3:8b:fe:03:f4:2a:fd:b3:cd:
d3:68:4a:a5:58:86:ff:f0:2e:aa:96:aa:b9:25:ad:40:78:9d:
2c:67:fe:18:ad:01:c7:88:50:8c:37:64:32:6d:e7:30:d9:5f:
79:c7:69:64:47:26:27:27:ed:50:eb:7c:4d:7e:04:17:d9:a3:
d0:55:76:77:b1:dd:fa:ad:91:cc:c7:2a:c0:9c:49:9d:f4:2a:
94:6b:bc:2e:c8:9e:9d:17:b0:43:74:f6:c1:75:a6:1f:d6:dc:
06:72:53:ff:01:cf:6a:91:fa:a0:9f:df:a3:64:08:90:0e:80:
2b:51:9d:89:b9:4e:26:f6:b5:31:4a:60:ea:34:87:e0:96:f7:
4b:17:37:63:a4:de:58:74:25:a3:88:4f:e2:df:d7:c6:2d:7d:
00:9c:46:80:9d:9d:dd:e3:d4:20:e4:1d:db:18:d2:06:28:65:
69:37:dc:e3:ba:4e:bc:4e:9c:9a:b8:31:05:14:bc:8e:a1:3b:
d1:3e:6b:48:ef:a9:5d:d3:58:74:df:7e:c1:7a:e2:eb:5b:6c:
50:10:99:83
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIURgShLghu6boIo8MTe/oD5LrKPiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMDQyMjQyMTlaFw0yNjAyMDMyMjQ3MTlaMDMxMTAvBgNV
BAMTKEM4QUM0RDk2N0FCMUQwRjExMUZBQjQ2QkVFN0FBQzExNDUyN0Q5NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/uS4cLC0rRQVSZRjgvZba5uCR
d7Q1KSL1Wcq7K3rdw4QocTkNseuqcUJY1I7X/VdJD/YHUSEi52RBB5ztsbJmqigA
AFC2klgowBJmxg5HujfhMpfAzgZVOd04lNEtKhqFsNeMNV59nrynjclmj6zvZu6l
9BZrD1pSiZtIrsEF6ZN2t0DxItVtwHhhooU/zIrZ6XytDuG1q2opg4BD0S/slGyl
hiZ04Enjtb8iAMKQbBR20eNE47u1fRsiP+rar6wOvvhNpW/v5TIGQZ/SfCr5nQ2g
NHpabz7drAU+xhkvZfHyM53iZ3P2S3e8dlBpLPUqn0duj2nTS3ivPurMYicLAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUyKxNlnqx0PER+rRr7nqsEUUn2WYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBARSGSAw
DQYJKoZIhvcNAQELBQADggEBAE2UAifOWAlxe+ZGD6Qx9rESMPxrP8IB+wqUkkri
m/F9kAfHlsuuciSArhOjNcOL/gP0Kv2zzdNoSqVYhv/wLqqWqrklrUB4nSxn/hit
AceIUIw3ZDJt5zDZX3nHaWRHJicn7VDrfE1+BBfZo9BVdnex3fqtkczHKsCcSZ30
KpRrvC7Inp0XsEN09sF1ph/W3AZyU/8Bz2qR+qCf36NkCJAOgCtRnYm5Tib2tTFK
YOo0h+CW90sXN2Ok3lh0JaOIT+Lf18YtfQCcRoCdnd3j1CDkHdsY0gYoZWk33OO6
TrxOnJq4MQUUvI6hO9E+a0jvqV3TWHTffsF64utbbFAQmYM=
-----END CERTIFICATE-----
Generated at Sat Apr 12 01:31:22 2025 by rpki-client