Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d9da42-45d7-464c-9a52-8a1100ccf7cd/1/nwCD9fNvN46eDRzk6EmypbFtjls.roa
File: nwCD9fNvN46eDRzk6EmypbFtjls.roa (raw, json)
Hash identifier: RUxoYuQeZFrOiSg68trlZh3JCJQ3wEIkfsm01D/i8IE=
Subject key identifier: 9F:00:83:F5:F3:6F:37:8E:9E:0D:1C:E4:E8:49:B2:A5:B1:6D:8E:5B
Certificate issuer: /CN=7f6b95455c5f0d8090e3662c691c22690e9a116d
Certificate serial: 018571B0E3042D46EDBADFECF08E6EE36446
Authority key identifier: 7F:6B:95:45:5C:5F:0D:80:90:E3:66:2C:69:1C:22:69:0E:9A:11:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f2uVRVxfDYCQ42YsaRwiaQ6aEW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d9da42-45d7-464c-9a52-8a1100ccf7cd/1/nwCD9fNvN46eDRzk6EmypbFtjls.roa
Signing time: Mon 02 Jan 2023 08:54:55 +0000
ROA not before: Mon 02 Jan 2023 08:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212667
IP address blocks: 185.253.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:e3:04:2d:46:ed:ba:df:ec:f0:8e:6e:e3:64:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f6b95455c5f0d8090e3662c691c22690e9a116d
Validity
Not Before: Jan 2 08:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f0083f5f36f378e9e0d1ce4e849b2a5b16d8e5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:17:a3:5d:ef:14:88:5f:e2:f5:03:05:6c:b7:
e4:d4:fc:11:c9:cc:ce:6b:c0:f8:82:25:af:cc:a4:
ad:ae:5c:53:e2:36:5e:2d:fc:6a:4d:c4:20:3d:9d:
6a:78:a0:fe:5b:c2:09:9c:d2:a0:28:af:1d:9a:7b:
13:91:18:05:17:39:cf:35:b1:cc:80:b3:88:20:11:
89:d7:c9:52:2b:b7:79:8d:6f:6f:6b:4f:bf:b6:eb:
85:0e:0e:dd:25:93:bb:b5:62:61:9e:ee:42:fc:43:
57:6f:30:9a:6b:98:26:1f:e7:04:32:ab:3e:a5:1d:
b7:bb:28:7e:ff:8c:da:09:6d:8d:f1:02:20:af:a0:
c3:cf:be:cd:8d:c9:63:29:cc:b9:96:90:41:9a:91:
20:c5:b9:d7:7c:19:0e:ed:50:f6:92:a9:3d:02:32:
b8:60:95:05:b5:15:5a:47:9a:dd:85:bb:10:fa:62:
c2:31:72:e4:71:f1:5c:d8:0f:54:45:8c:a8:8a:5c:
71:81:98:c6:35:d3:1c:27:ce:2a:02:b9:62:ea:bd:
ae:6f:78:fd:8e:a6:2d:9e:45:69:db:19:7a:54:b7:
49:0a:c7:4e:49:d4:9c:4e:06:9e:d4:85:1b:ba:84:
57:a7:55:2a:62:c7:d8:d7:94:1a:02:67:bd:0d:a2:
64:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:00:83:F5:F3:6F:37:8E:9E:0D:1C:E4:E8:49:B2:A5:B1:6D:8E:5B
X509v3 Authority Key Identifier:
keyid:7F:6B:95:45:5C:5F:0D:80:90:E3:66:2C:69:1C:22:69:0E:9A:11:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2uVRVxfDYCQ42YsaRwiaQ6aEW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d9da42-45d7-464c-9a52-8a1100ccf7cd/1/nwCD9fNvN46eDRzk6EmypbFtjls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d9da42-45d7-464c-9a52-8a1100ccf7cd/1/f2uVRVxfDYCQ42YsaRwiaQ6aEW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.2.0/24
Signature Algorithm: sha256WithRSAEncryption
19:1c:a8:9f:bb:78:5e:e2:0f:4e:56:0d:e3:e0:7b:99:9c:14:
ae:9e:51:24:95:f6:c4:5a:ad:54:0b:42:e6:c1:cd:52:82:cb:
c7:ec:c5:46:bf:eb:aa:87:a2:2c:ff:80:c8:fd:a2:5e:02:ea:
dc:f3:a4:34:f4:1c:bd:bc:8a:4f:16:35:79:a1:a4:f0:89:c1:
e5:e8:56:f6:09:b7:b3:4c:0c:e6:65:98:37:31:65:b5:24:69:
52:ff:0d:ea:e3:68:79:20:72:c7:f8:bc:57:3a:69:6c:53:c9:
35:02:10:f8:ca:6d:3a:d7:9c:9c:90:b6:95:80:8c:e9:78:df:
14:f5:a0:b3:0d:3a:76:8d:ea:00:ab:86:d2:3c:e4:71:3c:32:
72:e7:0c:97:e0:fd:ba:88:24:b1:17:f9:45:c6:9c:68:2c:d9:
60:60:34:6f:f6:d9:1f:84:42:d9:35:db:64:91:71:e1:36:21:
e9:d4:80:ac:e8:aa:b8:f1:34:fd:4b:d9:7f:e5:da:a2:23:3b:
41:cd:df:21:b3:ca:df:2c:35:8c:e5:72:dc:1a:94:fe:9c:6f:
cd:62:dc:07:31:70:28:83:ee:34:fe:06:4d:da:1f:42:9c:90:
3d:11:33:c3:ca:37:aa:a8:6a:a5:67:f9:f8:4f:01:69:a0:80:
2a:c7:25:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsOMELUbtut/s8I5u42RGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNmI5NTQ1NWM1ZjBkODA5MGUzNjYyYzY5MWMyMjY5MGU5
YTExNmQwHhcNMjMwMTAyMDg1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjAwODNmNWYzNmYzNzhlOWUwZDFjZTRlODQ5YjJhNWIxNmQ4ZTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBejXe8UiF/i9QMFbLfk1PwRyczO
a8D4giWvzKStrlxT4jZeLfxqTcQgPZ1qeKD+W8IJnNKgKK8dmnsTkRgFFznPNbHM
gLOIIBGJ18lSK7d5jW9va0+/tuuFDg7dJZO7tWJhnu5C/ENXbzCaa5gmH+cEMqs+
pR23uyh+/4zaCW2N8QIgr6DDz77NjcljKcy5lpBBmpEgxbnXfBkO7VD2kqk9AjK4
YJUFtRVaR5rdhbsQ+mLCMXLkcfFc2A9URYyoilxxgZjGNdMcJ84qArli6r2ub3j9
jqYtnkVp2xl6VLdJCsdOSdScTgae1IUbuoRXp1UqYsfY15QaAme9DaJkWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8Ag/XzbzeOng0c5OhJsqWxbY5bMB8GA1UdIwQY
MBaAFH9rlUVcXw2AkONmLGkcImkOmhFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjJ1VlJWeGZEWUNRNDJZc2FSd2lhUTZhRVcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kOWRhNDItNDVkNy00NjRjLTlhNTIt
OGExMTAwY2NmN2NkLzEvbndDRDlmTnZONDZlRFJ6azZFbXlwYkZ0amxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kOWRhNDItNDVkNy00NjRjLTlhNTItOGExMTAwY2NmN2Nk
LzEvZjJ1VlJWeGZEWUNRNDJZc2FSd2lhUTZhRVcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf0CMA0G
CSqGSIb3DQEBCwUAA4IBAQAZHKifu3he4g9OVg3j4HuZnBSunlEklfbEWq1UC0Lm
wc1SgsvH7MVGv+uqh6Is/4DI/aJeAurc86Q09By9vIpPFjV5oaTwicHl6Fb2Cbez
TAzmZZg3MWW1JGlS/w3q42h5IHLH+LxXOmlsU8k1AhD4ym0615yckLaVgIzpeN8U
9aCzDTp2jeoAq4bSPORxPDJy5wyX4P26iCSxF/lFxpxoLNlgYDRv9tkfhELZNdtk
kXHhNiHp1ICs6Kq48TT9S9l/5dqiIztBzd8hs8rfLDWM5XLcGpT+nG/NYtwHMXAo
g+40/gZN2h9CnJA9ETPDyjeqqGqlZ/n4TwFpoIAqxyUp
-----END CERTIFICATE-----
Generated at Mon Sep 11 13:51:19 2023 by rpki-client on console-fra.rpki-client.org