Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/xxxxWGJQOFXP14bkISKikgBrCz8.roa
File: xxxxWGJQOFXP14bkISKikgBrCz8.roa (raw, json)
Hash identifier: Go/fglYtMrUaXMnReXCKRj4gMjGi3hkRQACC4x5fkOs=
Subject key identifier: C7:1C:71:58:62:50:38:55:CF:D7:86:E4:21:22:A2:92:00:6B:0B:3F
Certificate issuer: /CN=454bef73c5a47687b2b5c5276b0dbc070bb9cb50
Certificate serial: 018CC94E2FA808C80F50F4F764E5AE26CBA9
Authority key identifier: 45:4B:EF:73:C5:A4:76:87:B2:B5:C5:27:6B:0D:BC:07:0B:B9:CB:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RUvvc8WkdoeytcUnaw28Bwu5y1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/xxxxWGJQOFXP14bkISKikgBrCz8.roa
Signing time: Tue 02 Jan 2024 08:33:13 +0000
ROA not before: Tue 02 Jan 2024 08:33:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41171
IP address blocks: 185.253.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:2f:a8:08:c8:0f:50:f4:f7:64:e5:ae:26:cb:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=454bef73c5a47687b2b5c5276b0dbc070bb9cb50
Validity
Not Before: Jan 2 08:33:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c71c715862503855cfd786e42122a292006b0b3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:74:e6:57:4f:49:c1:e5:0e:65:95:fa:f9:a4:
14:13:53:0a:e5:fa:26:8f:26:ab:1b:ad:01:f1:e1:
04:64:f4:41:22:d1:4f:ed:28:aa:69:8d:2a:62:6c:
46:2d:43:51:78:34:d0:db:8f:51:08:76:46:89:01:
e6:ce:ff:db:e9:59:51:66:c7:34:ce:aa:bf:5e:b7:
c6:0e:61:c4:17:b7:bd:52:92:06:ed:20:91:e8:63:
45:a6:9a:e3:18:a1:32:fa:f3:93:00:ba:cb:fb:de:
a5:93:c8:79:05:7f:4a:3e:47:3d:53:4f:bd:48:85:
75:b2:eb:13:7f:15:a2:1b:8e:e2:94:9e:6e:00:15:
7f:50:0b:e1:9b:89:f0:6e:68:6d:08:24:16:30:6f:
f4:8c:83:4c:38:66:83:08:d9:42:ec:e5:62:70:86:
f2:8b:bd:ca:2e:b9:c0:fe:b3:0e:53:59:cc:4f:1c:
b2:65:ed:58:75:39:46:75:73:54:48:b0:83:81:49:
6b:11:1e:b0:be:83:79:2f:1f:43:d3:08:a5:af:25:
94:bf:4a:a5:13:65:3b:8a:ba:13:2f:cb:85:53:44:
04:5e:11:bb:09:21:5e:68:bd:a0:5e:24:9b:58:4e:
31:2b:f8:31:be:0d:a7:04:bd:5e:92:b4:b1:8d:ea:
56:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:1C:71:58:62:50:38:55:CF:D7:86:E4:21:22:A2:92:00:6B:0B:3F
X509v3 Authority Key Identifier:
keyid:45:4B:EF:73:C5:A4:76:87:B2:B5:C5:27:6B:0D:BC:07:0B:B9:CB:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUvvc8WkdoeytcUnaw28Bwu5y1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/xxxxWGJQOFXP14bkISKikgBrCz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c425fd-980a-4646-a162-9c2914ef8753/1/RUvvc8WkdoeytcUnaw28Bwu5y1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.3.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:e3:26:6f:0e:6f:ed:bf:19:44:4b:4e:4d:33:fa:6d:a7:5f:
42:f0:fa:b2:2d:82:48:6a:3b:5e:ad:b2:df:ee:de:a6:70:8c:
1b:6e:72:28:0e:51:33:f5:c8:97:86:bb:d5:90:24:c8:a4:53:
a1:58:65:d9:67:b3:26:70:d6:c8:f1:1c:47:1f:80:62:b4:57:
64:71:8b:f7:78:6f:68:13:47:02:85:95:24:51:fb:a2:85:9c:
2c:00:5f:49:ff:20:73:5e:06:d3:92:1b:de:03:48:29:86:fd:
fe:3e:53:b6:59:40:db:49:d0:72:07:ad:a2:ee:0f:a0:29:45:
5d:8c:98:8c:4a:cf:d7:65:e8:2b:f4:3a:56:ee:ec:eb:62:3d:
4f:69:32:ba:c8:96:cb:08:e2:37:06:9f:f6:36:5f:04:a0:5a:
83:6b:ef:a4:c5:7a:b6:ef:77:bd:2c:93:92:49:0c:07:26:43:
38:23:72:85:66:23:96:aa:11:3e:83:23:ee:58:71:a1:f9:2d:
b4:87:8c:f3:c2:31:27:80:19:55:34:40:7e:b3:a3:40:27:da:
ff:2e:b7:3e:ba:5b:67:09:0c:28:1e:aa:75:99:b3:e5:11:69:
ed:86:e4:23:46:ee:62:75:fa:a1:06:5e:17:e5:c4:6b:3f:a0:
f4:95:82:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTi+oCMgPUPT3ZOWuJsupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NGJlZjczYzVhNDc2ODdiMmI1YzUyNzZiMGRiYzA3MGJi
OWNiNTAwHhcNMjQwMTAyMDgzMzEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzFjNzE1ODYyNTAzODU1Y2ZkNzg2ZTQyMTIyYTI5MjAwNmIwYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnTmV09JweUOZZX6+aQUE1MK5fom
jyarG60B8eEEZPRBItFP7SiqaY0qYmxGLUNReDTQ249RCHZGiQHmzv/b6VlRZsc0
zqq/XrfGDmHEF7e9UpIG7SCR6GNFpprjGKEy+vOTALrL+96lk8h5BX9KPkc9U0+9
SIV1susTfxWiG47ilJ5uABV/UAvhm4nwbmhtCCQWMG/0jINMOGaDCNlC7OVicIby
i73KLrnA/rMOU1nMTxyyZe1YdTlGdXNUSLCDgUlrER6wvoN5Lx9D0wilryWUv0ql
E2U7iroTL8uFU0QEXhG7CSFeaL2gXiSbWE4xK/gxvg2nBL1ekrSxjepWjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMcccVhiUDhVz9eG5CEiopIAaws/MB8GA1UdIwQY
MBaAFEVL73PFpHaHsrXFJ2sNvAcLuctQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlV2dmM4V2tkb2V5dGNVbmF3MjhCd3U1eTFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9jNDI1ZmQtOTgwYS00NjQ2LWExNjIt
OWMyOTE0ZWY4NzUzLzEveHh4eFdHSlFPRlhQMTRia0lTS2lrZ0JyQ3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9jNDI1ZmQtOTgwYS00NjQ2LWExNjItOWMyOTE0ZWY4NzUz
LzEvUlV2dmM4V2tkb2V5dGNVbmF3MjhCd3U1eTFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf0DMA0G
CSqGSIb3DQEBCwUAA4IBAQBO4yZvDm/tvxlES05NM/ptp19C8PqyLYJIajterbLf
7t6mcIwbbnIoDlEz9ciXhrvVkCTIpFOhWGXZZ7MmcNbI8RxHH4BitFdkcYv3eG9o
E0cChZUkUfuihZwsAF9J/yBzXgbTkhveA0gphv3+PlO2WUDbSdByB62i7g+gKUVd
jJiMSs/XZegr9DpW7uzrYj1PaTK6yJbLCOI3Bp/2Nl8EoFqDa++kxXq273e9LJOS
SQwHJkM4I3KFZiOWqhE+gyPuWHGh+S20h4zzwjEngBlVNEB+s6NAJ9r/Lrc+ultn
CQwoHqp1mbPlEWnthuQjRu5idfqhBl4X5cRrP6D0lYIB
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:19:24 2024 by rpki-client on console-ams.rpki-client.org