Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/3cc34d-0f32-4a5d-984b-32eff95b39dc/1/JBZwLHOeun9xUsFliq37fa6QYAo.roa
File: JBZwLHOeun9xUsFliq37fa6QYAo.roa (raw, json)
Hash identifier: 8ByuZxbvTl/x0Sjxc//zO5GFMR7JeQh92bNKijR57Vc=
Subject key identifier: 24:16:70:2C:73:9E:BA:7F:71:52:C1:65:8A:AD:FB:7D:AE:90:60:0A
Certificate issuer: /CN=d4d65ca34a968b0d8561ab8776dbb02ddb7c7833
Certificate serial: 0194266BB3C6F3406A504F530D33B1F2DC6E
Authority key identifier: D4:D6:5C:A3:4A:96:8B:0D:85:61:AB:87:76:DB:B0:2D:DB:7C:78:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1NZco0qWiw2FYauHdtuwLdt8eDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/3cc34d-0f32-4a5d-984b-32eff95b39dc/1/JBZwLHOeun9xUsFliq37fa6QYAo.roa
Signing time: Thu 02 Jan 2025 09:49:40 +0000
ROA not before: Thu 02 Jan 2025 09:49:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215790
IP address blocks: 185.238.40.0/22 maxlen: 22
185.238.40.0/24 maxlen: 24
185.238.41.0/24 maxlen: 24
185.238.42.0/24 maxlen: 24
185.238.43.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:b3:c6:f3:40:6a:50:4f:53:0d:33:b1:f2:dc:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4d65ca34a968b0d8561ab8776dbb02ddb7c7833
Validity
Not Before: Jan 2 09:49:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2416702c739eba7f7152c1658aadfb7dae90600a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:64:92:e6:78:4d:ba:48:a9:0c:ef:e4:20:8f:
48:0b:aa:b6:6a:94:e0:cc:f5:4c:17:05:44:ed:7a:
46:2d:75:c6:b5:1d:fe:f6:4c:8e:83:f8:33:3a:4b:
0b:b7:35:de:6b:2b:75:6b:43:75:4d:29:5d:6d:61:
74:b2:99:66:53:58:a4:6f:00:2e:15:ff:c5:df:c8:
7f:a4:a6:9e:52:ae:b6:a4:9f:a8:99:31:80:88:18:
61:e1:f6:ff:2b:52:b8:13:2b:2e:3e:19:79:0b:a5:
a5:3e:d0:77:3a:b4:2d:bb:c7:41:7d:bd:cb:00:56:
9e:67:df:f5:db:7d:47:c7:fd:2f:c6:4c:e4:fc:65:
27:ba:b2:29:0d:81:31:86:d7:13:6f:e2:27:b1:e3:
51:05:b3:92:dd:8a:e8:23:29:a9:08:98:1e:9c:23:
6e:bd:b4:37:5e:36:6b:13:6e:0b:ab:8b:88:d8:d5:
bd:db:18:14:5c:e5:c0:7c:82:1b:de:23:33:b0:87:
44:ca:35:23:0a:32:0d:df:ef:44:a5:95:17:01:be:
ee:e6:65:9a:4d:3b:4e:ba:26:44:4c:c1:b9:f3:d4:
b5:7a:7b:64:82:c7:36:c1:2e:b5:70:2f:80:98:4b:
5d:73:0a:0a:6a:3a:4a:54:5d:7e:44:75:37:a1:23:
ef:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:16:70:2C:73:9E:BA:7F:71:52:C1:65:8A:AD:FB:7D:AE:90:60:0A
X509v3 Authority Key Identifier:
keyid:D4:D6:5C:A3:4A:96:8B:0D:85:61:AB:87:76:DB:B0:2D:DB:7C:78:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1NZco0qWiw2FYauHdtuwLdt8eDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3cc34d-0f32-4a5d-984b-32eff95b39dc/1/JBZwLHOeun9xUsFliq37fa6QYAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/3cc34d-0f32-4a5d-984b-32eff95b39dc/1/1NZco0qWiw2FYauHdtuwLdt8eDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.40.0/22
Signature Algorithm: sha256WithRSAEncryption
40:c9:ad:af:de:39:91:6a:41:38:dd:0c:84:e9:d5:88:0d:1f:
e8:8f:0b:b6:2c:e2:79:51:fd:72:7f:c3:75:fd:8f:12:11:8b:
35:7d:0a:63:fd:1a:10:1f:24:0b:5f:33:43:26:9b:4f:84:d2:
49:c6:af:c7:bc:57:3b:bb:77:36:51:e0:b0:0c:66:c1:6f:cf:
0b:81:f6:86:b9:6f:e3:77:5a:1d:27:ec:57:17:a9:01:71:5f:
fc:f1:1a:34:4a:32:80:6f:d2:5d:4c:97:e0:0b:2a:25:ad:bf:
d3:22:18:f6:09:84:8a:dc:86:0f:05:16:ad:73:bf:d4:f7:43:
84:21:11:13:17:fb:14:b4:06:8a:18:e4:31:9d:e9:99:19:84:
c3:2a:53:f9:e2:ac:d9:11:1f:ed:fb:e5:18:d3:31:99:7b:6e:
10:47:36:4c:87:3c:10:bf:67:c6:60:57:09:e3:ed:7d:56:8a:
29:0f:c6:cd:80:d7:28:39:7c:ae:2b:bd:24:1d:06:e9:9a:71:
4e:89:d9:77:cf:41:1d:82:a9:05:c1:c2:dc:de:cd:93:eb:66:
73:0d:65:68:8f:3c:96:b9:c9:fd:a6:56:a2:de:a0:cc:35:80:
78:6f:51:37:bc:37:85:ed:5a:fe:35:12:06:19:9b:fd:9b:41:
a0:03:5f:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma7PG80BqUE9TDTOx8txuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZDY1Y2EzNGE5NjhiMGQ4NTYxYWI4Nzc2ZGJiMDJkZGI3
Yzc4MzMwHhcNMjUwMTAyMDk0OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDE2NzAyYzczOWViYTdmNzE1MmMxNjU4YWFkZmI3ZGFlOTA2MDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWSS5nhNukipDO/kII9IC6q2apTg
zPVMFwVE7XpGLXXGtR3+9kyOg/gzOksLtzXeayt1a0N1TSldbWF0splmU1ikbwAu
Ff/F38h/pKaeUq62pJ+omTGAiBhh4fb/K1K4EysuPhl5C6WlPtB3OrQtu8dBfb3L
AFaeZ9/1231Hx/0vxkzk/GUnurIpDYExhtcTb+InseNRBbOS3YroIympCJgenCNu
vbQ3XjZrE24Lq4uI2NW92xgUXOXAfIIb3iMzsIdEyjUjCjIN3+9EpZUXAb7u5mWa
TTtOuiZETMG589S1entkgsc2wS61cC+AmEtdcwoKajpKVF1+RHU3oSPv1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCQWcCxznrp/cVLBZYqt+32ukGAKMB8GA1UdIwQY
MBaAFNTWXKNKlosNhWGrh3bbsC3bfHgzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU5aY28wcVdpdzJGWWF1SGR0dXdMZHQ4ZURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8zY2MzNGQtMGYzMi00YTVkLTk4NGIt
MzJlZmY5NWIzOWRjLzEvSkJad0xIT2V1bjl4VXNGbGlxMzdmYTZRWUFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8zY2MzNGQtMGYzMi00YTVkLTk4NGItMzJlZmY5NWIzOWRj
LzEvMU5aY28wcVdpdzJGWWF1SGR0dXdMZHQ4ZURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue4oMA0G
CSqGSIb3DQEBCwUAA4IBAQBAya2v3jmRakE43QyE6dWIDR/ojwu2LOJ5Uf1yf8N1
/Y8SEYs1fQpj/RoQHyQLXzNDJptPhNJJxq/HvFc7u3c2UeCwDGbBb88LgfaGuW/j
d1odJ+xXF6kBcV/88Ro0SjKAb9JdTJfgCyolrb/TIhj2CYSK3IYPBRatc7/U90OE
IRETF/sUtAaKGOQxnemZGYTDKlP54qzZER/t++UY0zGZe24QRzZMhzwQv2fGYFcJ
4+19VoopD8bNgNcoOXyuK70kHQbpmnFOidl3z0EdgqkFwcLc3s2T62ZzDWVojzyW
ucn9plai3qDMNYB4b1E3vDeF7Vr+NRIGGZv9m0GgA18u
-----END CERTIFICATE-----
Generated at Fri Apr 25 09:37:16 2025 by rpki-client