Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/nwasxCIPFFaQLDFGjgREeCDdEJ0.roa
File: nwasxCIPFFaQLDFGjgREeCDdEJ0.roa (raw, json)
Hash identifier: l3Qci4Ma0ZBc/BJswSuk3N16gUqszJQ2M5qXeNWO8Z8=
Subject key identifier: 9F:06:AC:C4:22:0F:14:56:90:2C:31:46:8E:04:44:78:20:DD:10:9D
Certificate issuer: /CN=73975d5da9da8a074b33fbcb5c09d503a3b443a1
Certificate serial: 0194221F8E8D366E2E2E46E433107240DF31
Authority key identifier: 73:97:5D:5D:A9:DA:8A:07:4B:33:FB:CB:5C:09:D5:03:A3:B4:43:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c5ddXanaigdLM_vLXAnVA6O0Q6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/nwasxCIPFFaQLDFGjgREeCDdEJ0.roa
Signing time: Wed 01 Jan 2025 13:48:01 +0000
ROA not before: Wed 01 Jan 2025 13:48:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214624
IP address blocks: 185.86.225.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:8e:8d:36:6e:2e:2e:46:e4:33:10:72:40:df:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73975d5da9da8a074b33fbcb5c09d503a3b443a1
Validity
Not Before: Jan 1 13:48:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f06acc4220f1456902c31468e04447820dd109d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8e:f5:dd:bd:04:25:1f:c5:c9:d1:00:5e:0e:
28:c3:c2:4d:bb:76:00:b9:e4:00:af:aa:79:1e:3b:
50:31:60:56:83:2a:81:49:3f:73:76:c6:6f:b8:7e:
11:f2:33:8c:e2:af:94:d1:aa:26:1f:3d:52:4e:dc:
0b:85:e9:95:da:5a:c7:4d:32:32:27:21:a4:17:02:
0d:32:0f:dc:06:a9:37:ae:f7:4a:b5:2e:06:02:0a:
67:9f:14:8a:f4:e7:c1:69:83:ac:19:2a:12:fb:1d:
11:24:c2:3c:d5:bf:10:e7:58:14:5e:8b:e9:e8:54:
e9:4a:80:f9:08:b9:5f:00:a7:9e:ee:53:20:a8:30:
01:71:82:e6:9f:99:4e:6d:d1:6a:9c:ae:f3:5c:f0:
c2:a7:db:3b:1c:75:cc:30:97:32:e1:74:f8:de:48:
92:ee:79:23:79:65:09:19:a3:8c:f2:c7:b2:64:40:
14:7c:24:3d:c1:0b:cd:74:00:d8:37:69:32:db:b9:
77:a9:90:51:6f:2c:90:9a:34:db:41:92:e6:31:64:
92:c6:ca:26:68:cf:c9:e1:59:81:1c:31:16:1a:e0:
59:7c:e8:1d:29:2a:74:1e:3b:56:7b:19:d1:e7:b4:
ba:3c:0e:b3:52:d9:a2:82:91:78:2b:35:2f:9d:3d:
6f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:06:AC:C4:22:0F:14:56:90:2C:31:46:8E:04:44:78:20:DD:10:9D
X509v3 Authority Key Identifier:
keyid:73:97:5D:5D:A9:DA:8A:07:4B:33:FB:CB:5C:09:D5:03:A3:B4:43:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5ddXanaigdLM_vLXAnVA6O0Q6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/nwasxCIPFFaQLDFGjgREeCDdEJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/f0172e-69c2-422f-8296-9e80d0d87c2d/1/c5ddXanaigdLM_vLXAnVA6O0Q6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.225.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:f0:82:64:cf:5c:ab:c9:79:1f:a6:93:76:75:e6:a8:a0:04:
d4:61:3b:22:38:45:40:a8:ba:7c:b6:88:50:c1:4d:45:25:63:
8e:58:61:57:c8:63:01:9b:8d:37:c2:3c:6b:79:11:f4:cf:2e:
82:50:71:16:c3:f5:07:e6:17:83:ef:4a:21:0d:75:b3:ce:9e:
b5:73:2f:da:6c:f0:d7:88:87:99:22:bf:00:f1:a7:9f:1c:ba:
c0:ae:4a:c0:fe:cb:6d:eb:28:cd:0d:61:f1:00:60:11:76:4f:
e5:a3:62:8a:9f:c6:5f:1e:b1:84:f9:2f:c5:44:c1:a3:75:75:
79:96:f2:8a:f8:c0:ab:87:8a:c6:da:0f:c5:86:31:83:cb:c5:
cd:11:d7:9e:41:d2:06:f9:cd:5c:ae:dd:59:d6:03:71:37:b5:
a5:d5:b9:b6:fa:b1:99:6f:f2:c2:a1:a3:a8:12:e4:36:80:55:
60:f8:56:bf:27:1f:f0:8a:17:7e:ff:cf:27:cd:72:0e:ee:c3:
a9:b4:3f:b8:7b:26:e0:7c:57:7c:e3:31:d3:9e:de:89:ee:b7:
a2:1b:53:9f:ed:91:05:b3:7e:d8:15:a6:bb:6c:ee:5b:92:ba:
8f:42:79:82:00:f6:d5:8f:2f:f6:f6:4c:68:d9:92:df:53:2b:
ed:ec:a5:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH46NNm4uLkbkMxByQN8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOTc1ZDVkYTlkYThhMDc0YjMzZmJjYjVjMDlkNTAzYTNi
NDQzYTEwHhcNMjUwMTAxMTM0ODAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjA2YWNjNDIyMGYxNDU2OTAyYzMxNDY4ZTA0NDQ3ODIwZGQxMDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04713b0EJR/FydEAXg4ow8JNu3YA
ueQAr6p5HjtQMWBWgyqBST9zdsZvuH4R8jOM4q+U0aomHz1STtwLhemV2lrHTTIy
JyGkFwINMg/cBqk3rvdKtS4GAgpnnxSK9OfBaYOsGSoS+x0RJMI81b8Q51gUXovp
6FTpSoD5CLlfAKee7lMgqDABcYLmn5lObdFqnK7zXPDCp9s7HHXMMJcy4XT43kiS
7nkjeWUJGaOM8seyZEAUfCQ9wQvNdADYN2ky27l3qZBRbyyQmjTbQZLmMWSSxsom
aM/J4VmBHDEWGuBZfOgdKSp0HjtWexnR57S6PA6zUtmigpF4KzUvnT1v8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8GrMQiDxRWkCwxRo4ERHgg3RCdMB8GA1UdIwQY
MBaAFHOXXV2p2ooHSzP7y1wJ1QOjtEOhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzVkZFhhbmFpZ2RMTV92TFhBblZBNk8wUTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mMDE3MmUtNjljMi00MjJmLTgyOTYt
OWU4MGQwZDg3YzJkLzEvbndhc3hDSVBGRmFRTERGR2pnUkVlQ0RkRUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9mMDE3MmUtNjljMi00MjJmLTgyOTYtOWU4MGQwZDg3YzJk
LzEvYzVkZFhhbmFpZ2RMTV92TFhBblZBNk8wUTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVbhMA0G
CSqGSIb3DQEBCwUAA4IBAQA88IJkz1yryXkfppN2deaooATUYTsiOEVAqLp8tohQ
wU1FJWOOWGFXyGMBm403wjxreRH0zy6CUHEWw/UH5heD70ohDXWzzp61cy/abPDX
iIeZIr8A8aefHLrArkrA/stt6yjNDWHxAGARdk/lo2KKn8ZfHrGE+S/FRMGjdXV5
lvKK+MCrh4rG2g/FhjGDy8XNEdeeQdIG+c1crt1Z1gNxN7Wl1bm2+rGZb/LCoaOo
EuQ2gFVg+Fa/Jx/wihd+/88nzXIO7sOptD+4eybgfFd84zHTnt6J7reiG1Of7ZEF
s37YFaa7bO5bkrqPQnmCAPbVjy/29kxo2ZLfUyvt7KX1
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:16:55 2025 by rpki-client