Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: /LJvJtFE1WKAz5MZ1RynxrQrBlOSVQI4QLa0e2tZT4k=
Subject key identifier: B6:58:EC:0A:CA:3B:B5:09:D1:A5:86:17:B0:15:88:29:D0:C3:6A:52
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 7DF56C14AE2B625F5BD6D34836E965A09AE0EA59
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
Signing time: Mon 27 Jan 2025 13:35:19 +0000
ROA not before: Mon 27 Jan 2025 13:30:19 +0000
ROA not after: Mon 26 Jan 2026 13:35:19 +0000
asID: 40676
IP address blocks: 46.202.224.0/24 maxlen: 24
91.124.135.0/24 maxlen: 24
91.124.145.0/24 maxlen: 24
91.124.178.0/24 maxlen: 24
91.124.179.0/24 maxlen: 24
91.124.216.0/24 maxlen: 24
91.124.219.0/24 maxlen: 24
91.124.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:f5:6c:14:ae:2b:62:5f:5b:d6:d3:48:36:e9:65:a0:9a:e0:ea:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jan 27 13:30:19 2025 GMT
Not After : Jan 26 13:35:19 2026 GMT
Subject: CN=B658EC0ACA3BB509D1A58617B0158829D0C36A52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:79:e4:15:4d:06:e1:8e:4c:65:d3:7b:11:d1:
31:61:8a:66:5d:ae:d9:63:9e:a8:27:48:4f:35:d3:
a8:ee:32:a2:67:f7:b3:12:44:07:0a:f5:5d:eb:ba:
dc:b1:b5:df:44:25:21:81:9f:5e:c3:dc:0f:47:44:
1f:d2:d3:ad:a9:81:be:93:00:a8:20:a5:2c:4a:bf:
ab:0b:c2:95:d1:a4:d1:26:24:e9:eb:e9:a7:28:64:
f4:5f:d6:f6:6d:23:38:81:99:42:48:8d:eb:a0:e1:
a3:84:7d:c4:4f:ec:56:33:b1:58:cd:d5:9d:52:63:
79:91:6f:43:3e:b3:e5:83:19:f2:14:15:a5:cd:56:
96:1a:b0:b7:49:f7:45:de:ef:8f:60:35:73:17:46:
84:53:63:0c:ae:80:4b:d1:97:ec:5e:4d:e1:96:e1:
f3:4b:78:6a:e4:57:94:37:d6:6d:86:58:13:17:47:
fe:54:c3:93:4b:25:90:aa:f9:05:58:5b:d5:5a:06:
1b:16:10:a4:2a:8e:24:20:b9:04:6b:6a:68:35:bd:
85:31:84:81:d2:0e:2e:2e:88:2f:c3:67:00:d5:67:
20:7c:f7:d3:cb:a0:04:3f:2b:0a:4d:1e:1c:2c:ed:
70:53:a0:1e:46:7c:7f:f0:dd:1a:f9:cb:9b:7c:ce:
e8:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:58:EC:0A:CA:3B:B5:09:D1:A5:86:17:B0:15:88:29:D0:C3:6A:52
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.224.0/24
91.124.135.0/24
91.124.145.0/24
91.124.178.0/23
91.124.216.0/24
91.124.219.0/24
91.124.237.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:8b:84:7f:61:f1:7c:d7:e4:e4:01:2b:0e:8f:11:06:47:a2:
dd:d7:80:cc:3a:37:06:24:09:b6:81:a0:c1:3c:35:ef:2a:3d:
ae:06:2c:c6:ce:07:ff:d0:f3:ed:a9:42:8d:ed:11:d3:43:c4:
a0:12:b8:1c:a8:2e:18:32:ed:94:63:d5:83:c2:a7:e8:3b:53:
cd:e6:1f:f4:6b:06:d4:16:47:12:a6:08:3c:75:78:83:37:5b:
c9:bc:90:32:b3:cb:d5:4e:e0:c9:1a:16:0e:93:f5:44:1e:88:
ad:6a:5b:22:03:41:13:72:d9:38:84:97:de:78:7d:60:cb:6c:
7d:c4:34:02:43:1a:b1:74:32:70:34:0e:5d:e6:a7:66:be:48:
c1:f2:9e:11:e6:aa:e7:29:1d:fc:b3:03:c2:9c:73:30:93:c2:
36:47:9f:c6:a4:41:7b:8b:95:49:b3:a5:7f:58:45:68:ae:2e:
50:0d:e5:18:80:5f:8d:98:b5:fd:be:5f:f1:1a:ce:72:6b:85:
8c:f9:d0:f1:6a:34:30:d0:a7:ce:52:05:aa:70:13:f6:b3:9a:
9d:9a:33:15:bf:df:d0:38:20:67:09:2e:33:27:bc:16:0b:aa:
bd:03:39:91:c5:40:49:08:a6:ad:2f:5f:bf:17:e9:10:48:42:
d4:32:28:7f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUffVsFK4rYl9b1tNINulloJrg6lkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAxMjcxMzMwMTlaFw0yNjAxMjYxMzM1MTlaMDMxMTAvBgNV
BAMTKEI2NThFQzBBQ0EzQkI1MDlEMUE1ODYxN0IwMTU4ODI5RDBDMzZBNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDueeQVTQbhjkxl03sR0TFhimZd
rtljnqgnSE8106juMqJn97MSRAcK9V3rutyxtd9EJSGBn17D3A9HRB/S062pgb6T
AKggpSxKv6sLwpXRpNEmJOnr6acoZPRf1vZtIziBmUJIjeug4aOEfcRP7FYzsVjN
1Z1SY3mRb0M+s+WDGfIUFaXNVpYasLdJ90Xe749gNXMXRoRTYwyugEvRl+xeTeGW
4fNLeGrkV5Q31m2GWBMXR/5Uw5NLJZCq+QVYW9VaBhsWEKQqjiQguQRramg1vYUx
hIHSDi4uiC/DZwDVZyB899PLoAQ/KwpNHhws7XBToB5GfH/w3Rr5y5t8zuh9AgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUtljsCso7tQnRpYYXsBWIKdDDalIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBAAuyuAD
BABbfIcDBABbfJEDBAFbfLIDBABbfNgDBABbfNsDBABbfO0wDQYJKoZIhvcNAQEL
BQADggEBAGuLhH9h8XzX5OQBKw6PEQZHot3XgMw6NwYkCbaBoME8Ne8qPa4GLMbO
B//Q8+2pQo3tEdNDxKASuByoLhgy7ZRj1YPCp+g7U83mH/RrBtQWRxKmCDx1eIM3
W8m8kDKzy9VO4MkaFg6T9UQeiK1qWyIDQRNy2TiEl954fWDLbH3ENAJDGrF0MnA0
Dl3mp2a+SMHynhHmqucpHfyzA8KcczCTwjZHn8akQXuLlUmzpX9YRWiuLlAN5RiA
X42Ytf2+X/EaznJrhYz50PFqNDDQp85SBapwE/azmp2aMxW/39A4IGcJLjMnvBYL
qr0DOZHFQEkIpq0vX78X6RBIQtQyKH8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:05 2025 by rpki-client