Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
File: AS40676.roa (raw, json)
Hash identifier: jbDiZ9ntM2Pd0F8tHDBRxwn4OvFCKSrfOHRePOr1S/s=
Subject key identifier: 24:54:E6:8D:EF:02:D4:D3:85:F6:83:12:2E:FD:53:24:07:BB:C7:2D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 252ABE1F1E47DD8FA29E85690233425FBA232FF5
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
Signing time: Tue 07 Jan 2025 10:50:41 +0000
ROA not before: Tue 07 Jan 2025 10:45:41 +0000
ROA not after: Tue 06 Jan 2026 10:50:41 +0000
asID: 40676
IP address blocks: 96.62.243.0/24 maxlen: 24
145.223.52.0/24 maxlen: 24
145.223.56.0/24 maxlen: 24
146.103.44.0/24 maxlen: 24
146.103.55.0/24 maxlen: 24
146.103.59.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:2a:be:1f:1e:47:dd:8f:a2:9e:85:69:02:33:42:5f:ba:23:2f:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jan 7 10:45:41 2025 GMT
Not After : Jan 6 10:50:41 2026 GMT
Subject: CN=2454E68DEF02D4D385F683122EFD532407BBC72D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:db:e0:9e:85:6c:99:ba:1e:9e:73:54:19:47:
6f:d2:e0:d0:af:a8:66:ee:08:1f:a7:d7:ae:19:1e:
e7:60:17:3a:12:f7:59:e6:7b:d3:b1:13:a4:0f:e9:
92:06:98:67:e0:9c:1c:ea:41:18:fc:4f:ca:73:52:
2d:2b:39:e3:e6:be:64:04:46:21:14:2a:3b:8a:93:
5a:56:35:e4:41:05:03:4e:78:9c:ed:ec:18:2f:cf:
74:f4:83:dc:18:ed:a5:4b:87:59:f6:6f:a6:61:6f:
b4:8b:29:f2:9d:14:28:e4:cd:71:bd:ab:40:f2:13:
57:ae:40:21:be:18:6b:79:9c:3a:e5:cc:19:f9:30:
e8:53:2e:78:49:48:0b:3f:f0:5e:b7:58:ce:05:4f:
dd:73:7b:ab:ff:89:c8:8b:4a:e6:62:6c:cd:33:1f:
bd:0c:39:32:f1:03:ee:1e:06:e8:ff:fa:e2:53:9a:
8e:57:e8:a4:2a:c9:d6:9a:69:35:63:5d:1b:db:e8:
e2:65:bc:20:eb:72:36:9a:7f:1c:a1:9f:39:fc:65:
28:b2:85:43:09:d5:09:09:ed:ac:75:ba:cd:36:95:
56:9d:f4:d9:74:b0:c1:9b:f3:b8:4f:3a:e2:05:08:
55:a3:e7:90:f4:a2:a0:f8:9b:f6:7e:b8:2f:f7:81:
3a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:54:E6:8D:EF:02:D4:D3:85:F6:83:12:2E:FD:53:24:07:BB:C7:2D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS40676.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.243.0/24
145.223.52.0/24
145.223.56.0/24
146.103.44.0/24
146.103.55.0/24
146.103.59.0/24
Signature Algorithm: sha256WithRSAEncryption
39:58:9a:a7:29:80:9a:7d:23:79:17:be:4c:76:c2:8d:77:45:
cd:6c:8a:da:04:6d:c9:ec:35:a7:62:f2:04:84:f5:84:da:2f:
0c:0b:1b:c6:d6:65:b6:4d:51:73:0f:58:53:63:59:ac:25:40:
c1:97:55:e1:bc:07:ac:65:4b:4f:8f:bc:c5:9a:d6:4c:cc:94:
67:0d:d0:9f:01:23:19:41:1a:5b:a3:30:c6:ad:2e:79:46:a0:
0f:75:b6:e1:8e:43:75:4e:7c:1c:f9:92:3a:3a:34:8a:f0:52:
01:20:16:48:da:7d:58:47:3d:98:3e:6a:aa:6e:ed:ed:a2:73:
3d:d5:90:0c:ff:71:6c:89:f0:d0:86:cd:10:7b:13:4d:f0:3b:
e2:8a:9d:49:60:9d:0c:96:32:43:f4:be:ab:eb:71:ad:ae:73:
19:bd:de:d5:60:e6:29:84:5e:c6:23:08:18:60:b3:c5:23:c1:
fb:01:91:04:67:aa:b6:2d:7a:10:9e:fa:be:16:76:73:0a:ab:
a8:13:4a:3b:41:c6:bb:f0:85:3e:58:25:3c:48:2a:2c:91:3c:
fe:48:3d:2c:85:8d:37:44:2f:6d:7b:01:72:fa:e4:30:ed:37:
fe:92:57:b4:27:21:bb:55:a9:a2:75:b3:c2:0a:c3:34:2d:f8:
74:36:f0:09
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIUJSq+Hx5H3Y+inoVpAjNCX7ojL/UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAxMDcxMDQ1NDFaFw0yNjAxMDYxMDUwNDFaMDMxMTAvBgNV
BAMTKDI0NTRFNjhERUYwMkQ0RDM4NUY2ODMxMjJFRkQ1MzI0MDdCQkM3MkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe2+CehWyZuh6ec1QZR2/S4NCv
qGbuCB+n164ZHudgFzoS91nme9OxE6QP6ZIGmGfgnBzqQRj8T8pzUi0rOePmvmQE
RiEUKjuKk1pWNeRBBQNOeJzt7Bgvz3T0g9wY7aVLh1n2b6Zhb7SLKfKdFCjkzXG9
q0DyE1euQCG+GGt5nDrlzBn5MOhTLnhJSAs/8F63WM4FT91ze6v/iciLSuZibM0z
H70MOTLxA+4eBuj/+uJTmo5X6KQqydaaaTVjXRvb6OJlvCDrcjaafxyhnzn8ZSiy
hUMJ1QkJ7ax1us02lVad9Nl0sMGb87hPOuIFCFWj55D0oqD4m/Z+uC/3gTqVAgMB
AAGjggInMIICIzAdBgNVHQ4EFgQUJFTmje8C1NOF9oMSLv1TJAe7xy0wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBABgPvMD
BACR3zQDBACR3zgDBACSZywDBACSZzcDBACSZzswDQYJKoZIhvcNAQELBQADggEB
ADlYmqcpgJp9I3kXvkx2wo13Rc1sitoEbcnsNadi8gSE9YTaLwwLG8bWZbZNUXMP
WFNjWawlQMGXVeG8B6xlS0+PvMWa1kzMlGcN0J8BIxlBGlujMMatLnlGoA91tuGO
Q3VOfBz5kjo6NIrwUgEgFkjafVhHPZg+aqpu7e2icz3VkAz/cWyJ8NCGzRB7E03w
O+KKnUlgnQyWMkP0vqvrca2ucxm93tVg5imEXsYjCBhgs8UjwfsBkQRnqrYtehCe
+r4WdnMKq6gTSjtBxrvwhT5YJTxIKiyRPP5IPSyFjTdEL217AXL65DDtN/6SV7Qn
IbtVqaJ1s8IKwzQt+HQ28Ak=
-----END CERTIFICATE-----
Generated at Fri Apr 25 23:17:04 2025 by rpki-client