Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/004b27-9e70-4466-8a32-a330c7640682/1/ndreWYkGqHCn3YWOFametG0yqmo.roa
File: ndreWYkGqHCn3YWOFametG0yqmo.roa (raw, json)
Hash identifier: vpBj7eiA9+9P6f5VcaL3zN8/baWXU76M1Dkj/qxmxnA=
Subject key identifier: 9D:DA:DE:59:89:06:A8:70:A7:DD:85:8E:15:A9:9E:B4:6D:32:AA:6A
Certificate issuer: /CN=fab67434afc59618046828a135e7e7d0c7ed8c9a
Certificate serial: 01833711171757631A2EA1D2B07D661CBB4F
Authority key identifier: FA:B6:74:34:AF:C5:96:18:04:68:28:A1:35:E7:E7:D0:C7:ED:8C:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-rZ0NK_FlhgEaCihNefn0MftjJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/004b27-9e70-4466-8a32-a330c7640682/1/ndreWYkGqHCn3YWOFametG0yqmo.roa
Signing time: Tue 13 Sep 2022 13:36:50 +0000
ROA not before: Tue 13 Sep 2022 13:36:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62267
IP address blocks: 185.41.228.0/22 maxlen: 22
2a01:56a0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:37:11:17:17:57:63:1a:2e:a1:d2:b0:7d:66:1c:bb:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fab67434afc59618046828a135e7e7d0c7ed8c9a
Validity
Not Before: Sep 13 13:36:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ddade598906a870a7dd858e15a99eb46d32aa6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a1:1a:fb:71:ec:53:b5:df:06:0b:e5:8d:b7:
a4:30:b0:89:b4:16:79:58:fc:78:d1:55:92:bf:64:
72:57:87:a7:b8:1b:df:b1:64:8e:41:7b:0a:f1:33:
ff:75:87:26:ef:45:bd:84:5c:d8:b7:d4:ce:59:b5:
8b:bb:bb:ae:57:65:5d:ac:29:e1:8c:d8:a8:44:17:
bf:71:76:9d:ea:13:af:59:48:38:8c:3d:45:e9:37:
43:68:c7:c0:8d:f4:90:d0:f0:e2:48:29:d4:ae:5b:
f8:c4:0b:75:6a:af:f7:03:4b:ae:a2:99:33:6c:2e:
b1:e5:a2:7f:8c:30:05:59:df:0e:39:16:ae:62:2f:
9d:fd:3f:2d:ee:e9:47:df:a4:76:76:4b:7c:d4:85:
df:d0:35:3b:d0:d7:80:c9:76:e6:a4:3d:f2:05:40:
44:06:6f:cb:d3:59:cc:8a:be:ef:3c:82:41:87:63:
51:50:07:f5:74:ba:7b:16:18:2e:c6:f5:e0:eb:59:
af:07:6a:f4:48:58:11:f1:95:05:9b:ff:95:a2:e1:
ed:fa:1b:a9:68:20:88:07:da:3b:1d:6e:70:2e:15:
45:8c:7a:5f:e1:54:02:8b:01:ca:c4:1a:c8:7a:f2:
4c:4f:a0:77:5a:36:3b:e1:0b:31:a8:59:6d:02:ba:
82:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:DA:DE:59:89:06:A8:70:A7:DD:85:8E:15:A9:9E:B4:6D:32:AA:6A
X509v3 Authority Key Identifier:
keyid:FA:B6:74:34:AF:C5:96:18:04:68:28:A1:35:E7:E7:D0:C7:ED:8C:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-rZ0NK_FlhgEaCihNefn0MftjJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/004b27-9e70-4466-8a32-a330c7640682/1/ndreWYkGqHCn3YWOFametG0yqmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/004b27-9e70-4466-8a32-a330c7640682/1/1-rZ0NK_FlhgEaCihNefn0MftjJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.228.0/22
IPv6:
2a01:56a0::/32
Signature Algorithm: sha256WithRSAEncryption
aa:0c:f3:fe:53:77:26:f5:59:41:4a:9f:00:78:3c:6d:8b:fc:
4c:4a:ad:04:eb:12:6e:c2:d6:47:c9:a8:b3:be:de:a4:de:01:
e5:de:3e:c0:fa:65:c5:72:b3:78:4f:f1:17:cf:aa:21:25:8b:
2e:bf:40:b8:c7:a5:7c:74:73:75:cf:e2:96:ee:b3:9d:4a:97:
53:73:4a:18:50:8d:db:39:c8:df:08:7f:eb:8b:5e:88:10:fc:
a8:22:91:c4:93:48:7c:45:76:9b:4a:ab:28:40:12:02:a0:c9:
fe:72:ad:20:6e:f0:10:b6:0f:71:e3:7d:cc:60:98:71:e2:94:
14:ef:07:8a:ce:db:dd:fe:91:9f:59:ef:e9:a9:27:7c:c2:f5:
88:40:71:c4:03:6b:3d:0b:9a:e6:38:09:e9:ac:8b:c2:b9:98:
8d:46:1a:0b:79:f7:ff:8e:0a:04:c9:d9:26:71:18:11:e4:a0:
53:d7:c1:02:cd:eb:2c:60:02:b0:61:3a:a5:c3:34:a5:2d:7b:
b4:db:f6:11:21:d0:51:b5:88:50:b8:78:c6:ef:f6:4a:8c:5e:
36:98:cb:bc:8e:ac:12:34:16:b3:dd:35:99:82:fc:d9:d0:46:
1d:79:0d:07:90:d5:8f:65:80:07:eb:b6:0c:02:cc:9d:0f:0a:
f1:0a:09:eb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYM3ERcXV2MaLqHSsH1mHLtPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYjY3NDM0YWZjNTk2MTgwNDY4MjhhMTM1ZTdlN2QwYzdl
ZDhjOWEwHhcNMjIwOTEzMTMzNjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGRhZGU1OTg5MDZhODcwYTdkZDg1OGUxNWE5OWViNDZkMzJhYTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqEa+3HsU7XfBgvljbekMLCJtBZ5
WPx40VWSv2RyV4enuBvfsWSOQXsK8TP/dYcm70W9hFzYt9TOWbWLu7uuV2VdrCnh
jNioRBe/cXad6hOvWUg4jD1F6TdDaMfAjfSQ0PDiSCnUrlv4xAt1aq/3A0uuopkz
bC6x5aJ/jDAFWd8OORauYi+d/T8t7ulH36R2dkt81IXf0DU70NeAyXbmpD3yBUBE
Bm/L01nMir7vPIJBh2NRUAf1dLp7FhguxvXg61mvB2r0SFgR8ZUFm/+VouHt+hup
aCCIB9o7HW5wLhVFjHpf4VQCiwHKxBrIevJMT6B3WjY74QsxqFltArqC/QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJ3a3lmJBqhwp92FjhWpnrRtMqpqMB8GA1UdIwQY
MBaAFPq2dDSvxZYYBGgooTXn59DH7YyaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1yWjBOS19GbGhnRWFDaWhOZWZuME1mdGpKby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMvMDA0YjI3LTllNzAtNDQ2Ni04YTMy
LWEzMzBjNzY0MDY4Mi8xL25kcmVXWWtHcUhDbjNZV09GYW1ldEcweXFtby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTMvMDA0YjI3LTllNzAtNDQ2Ni04YTMyLWEzMzBjNzY0MDY4
Mi8xLzEtclowTktfRmxoZ0VhQ2loTmVmbjBNZnRqSm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5KeQw
DQQCAAIwBwMFACoBVqAwDQYJKoZIhvcNAQELBQADggEBAKoM8/5Tdyb1WUFKnwB4
PG2L/ExKrQTrEm7C1kfJqLO+3qTeAeXePsD6ZcVys3hP8RfPqiEliy6/QLjHpXx0
c3XP4pbus51Kl1NzShhQjds5yN8If+uLXogQ/KgikcSTSHxFdptKqyhAEgKgyf5y
rSBu8BC2D3HjfcxgmHHilBTvB4rO293+kZ9Z7+mpJ3zC9YhAccQDaz0LmuY4Cems
i8K5mI1GGgt59/+OCgTJ2SZxGBHkoFPXwQLN6yxgArBhOqXDNKUte7Tb9hEh0FG1
iFC4eMbv9kqMXjaYy7yOrBI0FrPdNZmC/NnQRh15DQeQ1Y9lgAfrtgwCzJ0PCvEK
Ces=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:17 2023 by rpki-client on console-fra.rpki-client.org