Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/08d018-e709-47fc-9b9e-a8fcac86b64e/1/CNKoWKZE8SuZNoh4YaxyoaNrSZk.roa
File: CNKoWKZE8SuZNoh4YaxyoaNrSZk.roa (raw, json)
Hash identifier: XZ7fcxHcRuoOZZ0UNaTUM9CSIHeUUC4/M/LcaLiL3Ms=
Subject key identifier: 08:D2:A8:58:A6:44:F1:2B:99:36:88:78:61:AC:72:A1:A3:6B:49:99
Certificate issuer: /CN=c49aa3226eafac1e77d23e8fcef18900384003c7
Certificate serial: 01963DD4C8C49ACFC238FD0CF9DB5B1353E5
Authority key identifier: C4:9A:A3:22:6E:AF:AC:1E:77:D2:3E:8F:CE:F1:89:00:38:40:03:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xJqjIm6vrB530j6PzvGJADhAA8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/08d018-e709-47fc-9b9e-a8fcac86b64e/1/CNKoWKZE8SuZNoh4YaxyoaNrSZk.roa
Signing time: Wed 16 Apr 2025 09:01:17 +0000
ROA not before: Wed 16 Apr 2025 09:01:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59441
IP address blocks: 185.40.16.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:d4:c8:c4:9a:cf:c2:38:fd:0c:f9:db:5b:13:53:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c49aa3226eafac1e77d23e8fcef18900384003c7
Validity
Not Before: Apr 16 09:01:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=08d2a858a644f12b9936887861ac72a1a36b4999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8e:88:c6:85:86:ca:e3:2e:e7:5b:7c:08:6d:
d5:6a:22:ab:ec:28:04:b8:5d:c1:b2:5d:35:68:a8:
93:ab:e8:14:27:3d:cc:6b:56:00:68:03:63:91:09:
df:54:ee:1f:6c:6c:7c:61:71:63:e6:6a:bf:67:87:
03:39:c3:ca:96:45:34:0b:f0:d5:f3:d1:6d:19:f5:
85:89:50:0d:7b:53:30:6e:37:e0:54:33:af:9e:1d:
0f:b3:e3:91:56:77:fb:4e:17:ca:c7:da:85:1b:1a:
af:5e:81:d2:a1:71:97:7c:9b:88:0c:92:c2:b5:1c:
18:b7:91:f6:ec:f7:6b:48:f0:03:e1:fc:2b:43:5b:
a6:ba:83:13:2a:71:8c:37:79:4a:92:8d:e3:3b:d6:
4c:27:ec:76:93:23:a6:72:24:cc:96:c7:fe:8d:ba:
c1:eb:f9:c3:ca:14:40:15:a2:af:2d:76:da:fb:08:
66:69:af:aa:6e:18:26:db:17:51:30:36:d9:7f:14:
a1:03:9b:40:23:65:b5:31:73:19:a5:c0:29:b8:8a:
12:02:4d:67:68:bc:11:2d:86:f5:a3:4d:39:80:7e:
97:f0:ac:46:60:95:28:02:40:ef:55:65:c1:7c:c1:
d9:fd:19:13:f9:46:78:96:a2:26:55:70:56:b0:bd:
b4:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:D2:A8:58:A6:44:F1:2B:99:36:88:78:61:AC:72:A1:A3:6B:49:99
X509v3 Authority Key Identifier:
keyid:C4:9A:A3:22:6E:AF:AC:1E:77:D2:3E:8F:CE:F1:89:00:38:40:03:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xJqjIm6vrB530j6PzvGJADhAA8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/08d018-e709-47fc-9b9e-a8fcac86b64e/1/CNKoWKZE8SuZNoh4YaxyoaNrSZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/08d018-e709-47fc-9b9e-a8fcac86b64e/1/xJqjIm6vrB530j6PzvGJADhAA8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.16.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:4d:10:f6:3e:53:7d:1c:ec:34:96:84:b4:07:df:6d:98:8d:
bf:62:60:41:92:a7:05:4e:3f:37:73:40:45:c0:ef:e3:b8:f3:
f5:98:d9:84:57:2a:fe:54:e8:3d:d0:03:e5:dc:2a:29:4e:4e:
4f:c3:e3:ed:09:62:e1:c5:1a:2d:9e:f9:22:b3:b8:66:6a:5e:
73:65:a6:b5:03:6a:b7:49:32:cb:32:f3:d1:78:b2:37:56:66:
63:dc:01:89:ab:c6:a9:71:b9:3a:87:9c:f6:f6:58:eb:99:a6:
4c:7d:4c:cf:48:8d:31:99:94:3c:50:82:ad:da:1e:97:b6:af:
1d:ec:11:9f:89:26:36:af:c7:b1:bb:34:ce:23:dc:43:b6:09:
8e:49:8c:25:83:1b:c9:d4:f0:c7:53:88:dd:17:b9:20:37:29:
39:65:f9:f8:d8:1b:25:f2:9a:fb:c1:33:9d:c8:8d:98:73:ee:
94:33:7e:8c:bd:60:db:4b:af:28:4e:35:98:d7:76:ea:57:62:
a3:7e:03:0a:6b:f5:56:bd:2c:3e:06:c7:c8:56:ff:fa:8b:6e:
4b:94:10:e0:64:29:78:c0:65:0c:bb:fb:ae:6d:77:c0:c7:9b:
38:fc:a8:7f:8c:0b:21:a8:b0:6a:43:3d:dd:ec:ae:35:68:62:
37:9e:6c:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZY91MjEms/COP0M+dtbE1PlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OWFhMzIyNmVhZmFjMWU3N2QyM2U4ZmNlZjE4OTAwMzg0
MDAzYzcwHhcNMjUwNDE2MDkwMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGQyYTg1OGE2NDRmMTJiOTkzNjg4Nzg2MWFjNzJhMWEzNmI0OTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr46IxoWGyuMu51t8CG3VaiKr7CgE
uF3Bsl01aKiTq+gUJz3Ma1YAaANjkQnfVO4fbGx8YXFj5mq/Z4cDOcPKlkU0C/DV
89FtGfWFiVANe1MwbjfgVDOvnh0Ps+ORVnf7ThfKx9qFGxqvXoHSoXGXfJuIDJLC
tRwYt5H27PdrSPAD4fwrQ1umuoMTKnGMN3lKko3jO9ZMJ+x2kyOmciTMlsf+jbrB
6/nDyhRAFaKvLXba+whmaa+qbhgm2xdRMDbZfxShA5tAI2W1MXMZpcApuIoSAk1n
aLwRLYb1o005gH6X8KxGYJUoAkDvVWXBfMHZ/RkT+UZ4lqImVXBWsL20cQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAjSqFimRPErmTaIeGGscqGja0mZMB8GA1UdIwQY
MBaAFMSaoyJur6wed9I+j87xiQA4QAPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEpxakltNnZyQjUzMGo2UHp2R0pBRGhBQThjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wOGQwMTgtZTcwOS00N2ZjLTliOWUt
YThmY2FjODZiNjRlLzEvQ05Lb1dLWkU4U3VaTm9oNFlheHlvYU5yU1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wOGQwMTgtZTcwOS00N2ZjLTliOWUtYThmY2FjODZiNjRl
LzEveEpxakltNnZyQjUzMGo2UHp2R0pBRGhBQThjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSgQMA0G
CSqGSIb3DQEBCwUAA4IBAQCfTRD2PlN9HOw0loS0B99tmI2/YmBBkqcFTj83c0BF
wO/juPP1mNmEVyr+VOg90APl3CopTk5Pw+PtCWLhxRotnvkis7hmal5zZaa1A2q3
STLLMvPReLI3VmZj3AGJq8apcbk6h5z29ljrmaZMfUzPSI0xmZQ8UIKt2h6Xtq8d
7BGfiSY2r8exuzTOI9xDtgmOSYwlgxvJ1PDHU4jdF7kgNyk5Zfn42Bsl8pr7wTOd
yI2Yc+6UM36MvWDbS68oTjWY13bqV2KjfgMKa/VWvSw+BsfIVv/6i25LlBDgZCl4
wGUMu/uubXfAx5s4/Kh/jAshqLBqQz3d7K41aGI3nmw6
-----END CERTIFICATE-----
Generated at Mon Jun 16 20:03:15 2025 by rpki-client