Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/b4a080-5080-447e-a54d-e90bea5ffd40/1/Yq3N7Z_6X2LG8dVfmv2no8AMPAI.roa
File: Yq3N7Z_6X2LG8dVfmv2no8AMPAI.roa (raw, json)
Hash identifier: PgzCWtWZ+MRsPKn26TMqZDRuvNRonXHnUeY8hiuueuA=
Subject key identifier: 62:AD:CD:ED:9F:FA:5F:62:C6:F1:D5:5F:9A:FD:A7:A3:C0:0C:3C:02
Certificate issuer: /CN=846a1ba02e439066ef579010ea308054ac8bf9df
Certificate serial: 01856FCB8C3E016A8B9840C1620C335B2295
Authority key identifier: 84:6A:1B:A0:2E:43:90:66:EF:57:90:10:EA:30:80:54:AC:8B:F9:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hGoboC5DkGbvV5AQ6jCAVKyL-d8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/b4a080-5080-447e-a54d-e90bea5ffd40/1/Yq3N7Z_6X2LG8dVfmv2no8AMPAI.roa
Signing time: Mon 02 Jan 2023 00:04:48 +0000
ROA not before: Mon 02 Jan 2023 00:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212669
IP address blocks: 146.19.28.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:8c:3e:01:6a:8b:98:40:c1:62:0c:33:5b:22:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=846a1ba02e439066ef579010ea308054ac8bf9df
Validity
Not Before: Jan 2 00:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62adcded9ffa5f62c6f1d55f9afda7a3c00c3c02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:8a:c7:a6:87:74:55:3f:b1:79:87:9c:43:49:
2c:e1:da:f4:ba:ba:d7:10:c9:8f:a2:22:9e:fe:70:
c6:7b:03:38:e6:54:6e:ab:26:d5:e9:7f:64:66:ab:
fb:9b:b0:a7:7b:b0:55:4a:a9:21:6c:fe:b9:78:fb:
1a:83:72:b1:6a:6d:92:0a:f0:39:e9:af:fc:6e:aa:
55:33:0e:08:f1:26:e9:cd:73:01:ed:07:d1:a3:8d:
89:50:bd:22:be:5e:dc:3c:93:6d:d7:5b:01:14:f8:
3a:3d:37:8a:d3:d9:b8:60:fb:fb:76:af:ca:3d:f0:
d1:b5:da:f1:05:4e:35:46:af:79:75:3b:0a:19:9f:
0b:f8:3f:e9:b1:a9:45:8f:64:ce:cb:f5:f5:b3:27:
2e:e4:79:d8:53:8a:0c:c6:cb:f6:f8:00:f1:52:c1:
b4:90:7f:9c:7e:ce:6f:af:46:83:fd:59:58:64:2c:
69:22:a3:22:10:1c:41:74:dd:b3:bc:ce:fc:89:0f:
0c:39:c9:44:3d:8a:02:5d:d9:1d:bd:96:60:06:6d:
e8:a0:1f:a8:8b:93:73:ea:65:28:cc:12:0b:78:48:
dc:fa:30:bc:29:1c:ef:26:f4:10:0a:3e:a2:0d:b1:
d8:99:23:da:16:83:43:2e:39:72:33:c4:45:28:89:
77:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:AD:CD:ED:9F:FA:5F:62:C6:F1:D5:5F:9A:FD:A7:A3:C0:0C:3C:02
X509v3 Authority Key Identifier:
keyid:84:6A:1B:A0:2E:43:90:66:EF:57:90:10:EA:30:80:54:AC:8B:F9:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hGoboC5DkGbvV5AQ6jCAVKyL-d8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b4a080-5080-447e-a54d-e90bea5ffd40/1/Yq3N7Z_6X2LG8dVfmv2no8AMPAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b4a080-5080-447e-a54d-e90bea5ffd40/1/hGoboC5DkGbvV5AQ6jCAVKyL-d8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.28.0/24
Signature Algorithm: sha256WithRSAEncryption
70:7f:54:7a:53:fd:91:1f:55:aa:fa:b0:d1:c4:7f:26:40:94:
0a:a2:b2:e2:5d:db:cf:fc:7d:2b:d8:e2:85:b4:8d:32:5b:3b:
5a:99:f9:90:2d:69:ee:25:3c:20:8a:23:64:3a:a3:15:5a:c5:
04:b1:a6:c5:b6:76:e4:f6:e5:eb:b4:a3:7d:58:90:68:66:b1:
a7:8e:6d:64:03:1b:63:e7:03:36:5e:dd:35:38:39:85:3e:14:
a2:fe:70:eb:bc:29:ec:d0:37:f3:f9:9d:59:0d:55:a0:5e:40:
de:40:2a:c8:97:e5:fd:e5:69:c6:69:64:e3:9f:4f:66:94:76:
8d:3a:d2:54:a0:d7:13:ea:e7:94:ba:b7:90:35:84:32:a2:c3:
e4:33:f0:8c:8b:ab:d3:10:1e:fc:b9:52:90:f8:3c:a4:86:92:
dd:a1:e0:35:60:96:a6:a2:9c:ef:d5:80:b1:c8:f0:41:cd:2d:
56:dc:b1:3f:b2:c7:cb:be:e6:b0:80:53:cf:a7:fe:6f:0a:5f:
5d:26:6c:e1:b2:5c:69:fe:70:af:c4:fd:bd:af:fc:aa:99:76:
ec:43:64:07:8b:73:12:95:84:ca:f0:ab:45:df:78:c9:f6:bb:
e2:c7:b8:0d:f8:1e:fe:28:33:a6:07:5f:10:6d:38:cb:09:4d:
c7:0e:36:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy4w+AWqLmEDBYgwzWyKVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NmExYmEwMmU0MzkwNjZlZjU3OTAxMGVhMzA4MDU0YWM4
YmY5ZGYwHhcNMjMwMTAyMDAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmFkY2RlZDlmZmE1ZjYyYzZmMWQ1NWY5YWZkYTdhM2MwMGMzYzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYrHpod0VT+xeYecQ0ks4dr0urrX
EMmPoiKe/nDGewM45lRuqybV6X9kZqv7m7Cne7BVSqkhbP65ePsag3Kxam2SCvA5
6a/8bqpVMw4I8SbpzXMB7QfRo42JUL0ivl7cPJNt11sBFPg6PTeK09m4YPv7dq/K
PfDRtdrxBU41Rq95dTsKGZ8L+D/psalFj2TOy/X1sycu5HnYU4oMxsv2+ADxUsG0
kH+cfs5vr0aD/VlYZCxpIqMiEBxBdN2zvM78iQ8MOclEPYoCXdkdvZZgBm3ooB+o
i5Nz6mUozBILeEjc+jC8KRzvJvQQCj6iDbHYmSPaFoNDLjlyM8RFKIl3swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGKtze2f+l9ixvHVX5r9p6PADDwCMB8GA1UdIwQY
MBaAFIRqG6AuQ5Bm71eQEOowgFSsi/nfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEdvYm9DNURrR2J2VjVBUTZqQ0FWS3lMLWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iNGEwODAtNTA4MC00NDdlLWE1NGQt
ZTkwYmVhNWZmZDQwLzEvWXEzTjdaXzZYMkxHOGRWZm12Mm5vOEFNUEFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9iNGEwODAtNTA4MC00NDdlLWE1NGQtZTkwYmVhNWZmZDQw
LzEvaEdvYm9DNURrR2J2VjVBUTZqQ0FWS3lMLWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhMcMA0G
CSqGSIb3DQEBCwUAA4IBAQBwf1R6U/2RH1Wq+rDRxH8mQJQKorLiXdvP/H0r2OKF
tI0yWztamfmQLWnuJTwgiiNkOqMVWsUEsabFtnbk9uXrtKN9WJBoZrGnjm1kAxtj
5wM2Xt01ODmFPhSi/nDrvCns0Dfz+Z1ZDVWgXkDeQCrIl+X95WnGaWTjn09mlHaN
OtJUoNcT6ueUureQNYQyosPkM/CMi6vTEB78uVKQ+DykhpLdoeA1YJamopzv1YCx
yPBBzS1W3LE/ssfLvuawgFPPp/5vCl9dJmzhslxp/nCvxP29r/yqmXbsQ2QHi3MS
lYTK8KtF33jJ9rvix7gN+B7+KDOmB18QbTjLCU3HDjb1
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:33 2025 by rpki-client