Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/4BvQ7Hx6GinJS_Fpk-o_oVZRspE.roa
File: 4BvQ7Hx6GinJS_Fpk-o_oVZRspE.roa (raw, json)
Hash identifier: 7Yszcssuv+XT6Vls+/RcFVBhEyT2qhvZ2ltSaMYlpsc=
Subject key identifier: E0:1B:D0:EC:7C:7A:1A:29:C9:4B:F1:69:93:EA:3F:A1:56:51:B2:91
Certificate issuer: /CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Certificate serial: 09F1E529
Authority key identifier: 50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/4BvQ7Hx6GinJS_Fpk-o_oVZRspE.roa
Signing time: Sat 01 Jan 2022 09:59:12 +0000
ROA not before: Sat 01 Jan 2022 09:59:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212348
IP address blocks: 2a09:be40:3420::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166847785 (0x9f1e529)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Validity
Not Before: Jan 1 09:59:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e01bd0ec7c7a1a29c94bf16993ea3fa15651b291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ba:ea:52:93:a9:72:fb:af:42:d5:f5:3b:82:
b4:f5:5a:1c:3f:96:99:15:ea:14:cc:b6:59:3f:33:
0c:7c:c6:bb:d7:b3:2e:02:9c:09:b2:51:4a:09:90:
a9:63:b9:e8:44:fd:12:33:71:fb:15:c2:35:72:6b:
73:d1:64:2d:3d:eb:3c:55:bb:0f:f3:f3:ce:79:fb:
ab:f5:bc:de:f3:f7:44:8d:63:e3:45:18:ca:12:08:
77:6c:c9:de:e2:9c:c0:46:5e:98:39:18:89:88:2f:
82:64:85:40:8c:bb:fa:9d:32:9a:ee:b9:d5:0c:04:
6b:15:4d:71:7b:3e:15:53:88:36:2a:d0:72:2b:3c:
88:16:76:c3:e8:83:94:ce:50:2a:80:db:50:c5:88:
20:2e:90:42:21:af:f1:41:1c:79:7e:bd:90:b5:f9:
f2:52:3c:05:3e:a1:66:f8:f7:eb:f1:11:db:16:a0:
14:0f:d0:04:22:13:48:3c:e3:23:75:a2:85:81:59:
bf:8e:e3:c3:56:0d:41:c7:43:29:6c:56:d6:ac:cf:
d1:a4:09:d3:2e:db:fd:43:4e:54:b0:cf:7d:29:4e:
59:65:5f:5a:bd:83:1b:4e:66:ad:34:c8:a4:96:b1:
1b:8a:21:c0:03:3d:7d:4d:30:94:b8:4b:96:21:cb:
40:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:1B:D0:EC:7C:7A:1A:29:C9:4B:F1:69:93:EA:3F:A1:56:51:B2:91
X509v3 Authority Key Identifier:
keyid:50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/4BvQ7Hx6GinJS_Fpk-o_oVZRspE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/ULkKXhWLoJCP3IPMQkP-QMbatCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be40:3420::/44
Signature Algorithm: sha256WithRSAEncryption
85:6e:63:86:d0:57:b8:dd:ed:66:f7:4b:43:69:fc:58:f9:37:
de:a0:1f:7c:ed:72:f1:68:32:47:38:d9:68:b9:18:44:55:53:
30:f8:00:2d:0b:11:73:5b:ee:3f:80:37:33:c4:9f:eb:4d:f2:
c5:1e:19:9f:e0:d6:78:a1:41:8a:6c:3f:68:f1:c7:6d:81:52:
fc:d6:00:cc:80:af:5c:d1:3e:7b:91:59:8a:b3:30:d7:65:49:
d9:06:da:23:c5:b0:6b:45:99:2e:24:59:1a:a7:ba:0e:8c:65:
fd:6e:f0:f8:75:0c:98:f2:fa:7d:d7:74:a3:87:df:ed:86:77:
7c:8e:6d:63:41:00:8c:57:21:83:63:2f:1c:8f:c7:75:41:04:
63:a5:fc:43:10:ac:5b:c5:a5:72:29:67:4a:8d:8c:dc:d9:be:
a7:e3:78:e6:fd:39:71:38:0c:d4:81:4c:a5:8d:c1:a1:40:a9:
a6:28:df:88:25:d9:6a:43:9c:ca:cb:64:fe:49:30:5f:78:ef:
27:e2:6e:94:65:5c:78:29:1c:7c:03:d8:9d:16:3a:17:bf:8a:
74:df:3a:2d:a8:ad:43:93:15:80:b3:37:c0:60:41:59:d6:b9:
67:c4:a5:1b:ca:65:e0:e1:6c:45:92:e0:e6:a8:c4:3a:6a:56:
69:13:dd:1e
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECfHlKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGI5MGE1ZTE1OGJhMDkwOGZkYzgzY2M0MjQzZmU0MGM2ZGFiNDIzMB4XDTIyMDEw
MTA5NTkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTAxYmQwZWM3Yzdh
MWEyOWM5NGJmMTY5OTNlYTNmYTE1NjUxYjI5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALC66lKTqXL7r0LV9TuCtPVaHD+WmRXqFMy2WT8zDHzGu9ez
LgKcCbJRSgmQqWO56ET9EjNx+xXCNXJrc9FkLT3rPFW7D/Pzznn7q/W83vP3RI1j
40UYyhIId2zJ3uKcwEZemDkYiYgvgmSFQIy7+p0ymu651QwEaxVNcXs+FVOINirQ
cis8iBZ2w+iDlM5QKoDbUMWIIC6QQiGv8UEceX69kLX58lI8BT6hZvj36/ER2xag
FA/QBCITSDzjI3WihYFZv47jw1YNQcdDKWxW1qzP0aQJ0y7b/UNOVLDPfSlOWWVf
Wr2DG05mrTTIpJaxG4ohwAM9fU0wlLhLliHLQI0CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTgG9DsfHoaKclL8WmT6j+hVlGykTAfBgNVHSMEGDAWgBRQuQpeFYugkI/c
g8xCQ/5Axtq0IzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VMa0tYaFdMb0pDUDNJUE1Ra1AtUU1iYXRDTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8x
LzRCdlE3SHg2R2luSlNfRnBrLW9fb1ZaUnNwRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8xL1VMa0tYaFdMb0pD
UDNJUE1Ra1AtUU1iYXRDTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoJvkA0IDANBgkqhkiG9w0BAQsF
AAOCAQEAhW5jhtBXuN3tZvdLQ2n8WPk33qAffO1y8WgyRzjZaLkYRFVTMPgALQsR
c1vuP4A3M8Sf603yxR4Zn+DWeKFBimw/aPHHbYFS/NYAzICvXNE+e5FZirMw12VJ
2QbaI8Wwa0WZLiRZGqe6Doxl/W7w+HUMmPL6fdd0o4ff7YZ3fI5tY0EAjFchg2Mv
HI/HdUEEY6X8QxCsW8WlcilnSo2M3Nm+p+N45v05cTgM1IFMpY3BoUCppijfiCXZ
akOcystk/kkwX3jvJ+JulGVceCkcfAPYnRY6F7+KdN86LaitQ5MVgLM3wGBBWda5
Z8SlG8pl4OFsRZLg5qjEOmpWaRPdHg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:53 2023 by rpki-client on console-fra.rpki-client.org