Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/CANBUB1YKbCmA7ScoDWaXGtX2uc.roa
File: CANBUB1YKbCmA7ScoDWaXGtX2uc.roa (raw, json)
Hash identifier: aie8Fma/xfSFGEQSDW4nRAqWZZILRzEAkJDRNa0r8qI=
Subject key identifier: 08:03:41:50:1D:58:29:B0:A6:03:B4:9C:A0:35:9A:5C:6B:57:DA:E7
Certificate issuer: /CN=d05a85c45bf53c3d88a76695aafebbd4aa77bbc1
Certificate serial: 019422FB81AF5835B0DFAB727B4520A31AD1
Authority key identifier: D0:5A:85:C4:5B:F5:3C:3D:88:A7:66:95:AA:FE:BB:D4:AA:77:BB:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0FqFxFv1PD2Ip2aVqv671Kp3u8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/CANBUB1YKbCmA7ScoDWaXGtX2uc.roa
Signing time: Wed 01 Jan 2025 17:48:15 +0000
ROA not before: Wed 01 Jan 2025 17:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41071
IP address blocks: 185.88.116.0/22 maxlen: 22
185.88.116.0/23 maxlen: 23
185.88.118.0/23 maxlen: 23
2a05:ca40::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:81:af:58:35:b0:df:ab:72:7b:45:20:a3:1a:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d05a85c45bf53c3d88a76695aafebbd4aa77bbc1
Validity
Not Before: Jan 1 17:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=080341501d5829b0a603b49ca0359a5c6b57dae7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:17:4a:65:cd:82:8c:f5:01:50:02:1c:f5:8c:
42:82:9f:73:1b:3b:dd:22:99:f4:3a:19:ca:fd:ad:
14:3d:ef:3b:da:e0:e1:ce:22:52:ad:d6:bc:b2:d4:
ac:f6:81:fe:dd:16:60:4b:86:f5:01:4e:d2:4a:c5:
8e:f6:57:d5:05:22:f0:4f:a2:e2:a7:83:e1:e0:ea:
e5:b0:23:f3:39:0a:ce:d7:e9:03:e9:89:6c:1e:31:
a2:4d:8e:93:88:5c:4a:7f:22:d0:19:9f:ff:b9:af:
41:46:8b:80:a6:c4:a4:e4:62:b1:31:61:af:c3:69:
ef:c6:df:22:09:ae:d8:15:59:94:2e:b1:a4:52:af:
da:90:f1:05:fc:14:f5:94:b6:f5:55:de:f0:9a:15:
5c:5a:db:4c:58:6b:07:44:f4:f6:85:4f:11:a8:94:
36:0d:94:02:69:9b:b6:4d:b7:31:7d:b9:6a:b8:7f:
4e:c2:70:18:00:fd:a3:11:42:97:53:6a:ba:f5:1f:
27:a0:3b:46:95:43:1a:b4:c7:b8:8a:b2:dd:f6:69:
60:74:ef:4e:bb:7c:63:4c:1a:f1:f0:27:d6:38:88:
ab:85:ef:75:94:0a:97:cb:25:67:25:0b:18:2b:49:
ed:57:16:91:4a:64:d2:8e:24:e5:2b:c4:1b:3d:01:
00:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:03:41:50:1D:58:29:B0:A6:03:B4:9C:A0:35:9A:5C:6B:57:DA:E7
X509v3 Authority Key Identifier:
keyid:D0:5A:85:C4:5B:F5:3C:3D:88:A7:66:95:AA:FE:BB:D4:AA:77:BB:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0FqFxFv1PD2Ip2aVqv671Kp3u8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/CANBUB1YKbCmA7ScoDWaXGtX2uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/549477-4a82-42bc-839e-4f9840defa1f/1/0FqFxFv1PD2Ip2aVqv671Kp3u8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.116.0/22
IPv6:
2a05:ca40::/29
Signature Algorithm: sha256WithRSAEncryption
6d:3a:f4:fe:bf:54:2e:93:da:31:0c:c6:8c:16:69:b4:73:5d:
7d:71:24:01:ae:e5:c8:94:cb:08:1f:88:3b:50:99:c2:22:75:
67:a9:d2:08:81:d2:77:7f:85:d2:5a:dd:9f:0f:66:a7:49:48:
95:b8:64:ea:0b:43:23:43:6b:f2:6b:40:33:b7:0b:27:88:d1:
f0:e4:fa:77:29:67:97:9a:27:59:7e:d5:a0:de:64:10:14:6b:
ea:44:0e:ae:d9:f4:a9:a5:e1:9e:4e:29:18:a1:36:6d:db:95:
43:e5:54:20:a6:e9:58:c3:67:d6:33:42:75:64:26:d3:29:08:
0e:8b:42:3f:78:a5:ee:49:aa:ea:f5:d5:3d:6a:24:92:5c:ab:
f5:78:d6:09:cc:00:8b:8b:ea:eb:ad:e6:80:42:1a:7d:64:51:
ac:ed:20:bf:c9:1c:ae:6e:37:87:45:2c:a3:45:cd:12:f2:57:
d7:82:26:78:2d:93:66:db:64:d5:24:17:d8:90:55:d7:e4:18:
dc:59:eb:09:61:0d:f0:4e:9c:c9:17:32:ef:aa:fe:a8:66:6a:
60:64:e4:09:95:7d:72:5d:76:29:77:42:45:1f:88:59:83:8d:
a2:54:69:c5:bb:e5:d1:d0:b6:9c:ef:eb:5a:82:84:4d:81:95:
66:41:2a:c5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi+4GvWDWw36tye0UgoxrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNWE4NWM0NWJmNTNjM2Q4OGE3NjY5NWFhZmViYmQ0YWE3
N2JiYzEwHhcNMjUwMTAxMTc0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODAzNDE1MDFkNTgyOWIwYTYwM2I0OWNhMDM1OWE1YzZiNTdkYWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBdKZc2CjPUBUAIc9YxCgp9zGzvd
Ipn0OhnK/a0UPe872uDhziJSrda8stSs9oH+3RZgS4b1AU7SSsWO9lfVBSLwT6Li
p4Ph4OrlsCPzOQrO1+kD6YlsHjGiTY6TiFxKfyLQGZ//ua9BRouApsSk5GKxMWGv
w2nvxt8iCa7YFVmULrGkUq/akPEF/BT1lLb1Vd7wmhVcWttMWGsHRPT2hU8RqJQ2
DZQCaZu2TbcxfblquH9OwnAYAP2jEUKXU2q69R8noDtGlUMatMe4irLd9mlgdO9O
u3xjTBrx8CfWOIirhe91lAqXyyVnJQsYK0ntVxaRSmTSjiTlK8QbPQEA7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAgDQVAdWCmwpgO0nKA1mlxrV9rnMB8GA1UdIwQY
MBaAFNBahcRb9Tw9iKdmlar+u9Sqd7vBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEZxRnhGdjFQRDJJcDJhVnF2NjcxS3AzdThFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS81NDk0NzctNGE4Mi00MmJjLTgzOWUt
NGY5ODQwZGVmYTFmLzEvQ0FOQlVCMVlLYkNtQTdTY29EV2FYR3RYMnVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS81NDk0NzctNGE4Mi00MmJjLTgzOWUtNGY5ODQwZGVmYTFm
LzEvMEZxRnhGdjFQRDJJcDJhVnF2NjcxS3AzdThFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVh0MA0E
AgACMAcDBQMqBcpAMA0GCSqGSIb3DQEBCwUAA4IBAQBtOvT+v1Quk9oxDMaMFmm0
c119cSQBruXIlMsIH4g7UJnCInVnqdIIgdJ3f4XSWt2fD2anSUiVuGTqC0MjQ2vy
a0AztwsniNHw5Pp3KWeXmidZftWg3mQQFGvqRA6u2fSppeGeTikYoTZt25VD5VQg
pulYw2fWM0J1ZCbTKQgOi0I/eKXuSarq9dU9aiSSXKv1eNYJzACLi+rrreaAQhp9
ZFGs7SC/yRyubjeHRSyjRc0S8lfXgiZ4LZNm22TVJBfYkFXX5BjcWesJYQ3wTpzJ
FzLvqv6oZmpgZOQJlX1yXXYpd0JFH4hZg42iVGnFu+XR0Lac7+tagoRNgZVmQSrF
-----END CERTIFICATE-----
Generated at Fri Apr 25 04:10:39 2025 by rpki-client