Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/ATwCQL75QAs5BFAqAbVhregOciY.roa
File: ATwCQL75QAs5BFAqAbVhregOciY.roa (raw, json)
Hash identifier: OnDI+RjIXKI27zj/Q/QqLQ87gQYG2XWJL5ryeyoiQXg=
Subject key identifier: 01:3C:02:40:BE:F9:40:0B:39:04:50:2A:01:B5:61:AD:E8:0E:72:26
Certificate issuer: /CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Certificate serial: 09E6F9C8
Authority key identifier: 50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/ATwCQL75QAs5BFAqAbVhregOciY.roa
Signing time: Sat 01 Jan 2022 09:59:03 +0000
ROA not before: Sat 01 Jan 2022 09:59:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137909
IP address blocks: 2a09:be40:ba02::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166132168 (0x9e6f9c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Validity
Not Before: Jan 1 09:59:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=013c0240bef9400b3904502a01b561ade80e7226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:aa:06:bd:a3:a5:7b:94:e6:6a:f0:62:c7:f7:
5f:a2:4f:8f:50:be:a4:60:1f:20:ef:5e:4a:c7:a7:
72:b4:28:36:36:6d:17:95:b6:96:56:ad:14:83:af:
39:aa:70:fd:5b:f3:fb:aa:e1:d3:c8:0c:ca:41:3c:
9e:44:57:4f:fa:44:97:6f:d7:15:2b:c5:ff:cb:06:
52:ae:5a:12:00:39:8a:6a:1e:6e:bd:7f:1e:26:cb:
c4:4c:58:1c:dc:26:2c:b6:c4:1b:3a:9e:0f:a8:25:
29:3f:c4:47:e1:48:f4:8d:d4:bf:07:d3:07:1d:12:
5c:85:ee:a6:52:ff:a5:0a:78:4c:a1:49:a6:4f:05:
52:be:83:11:f1:2a:a7:99:29:06:2c:84:38:f5:1b:
70:5c:dd:8f:56:2c:ca:6a:fd:f6:ed:1c:23:ea:cd:
0d:5f:35:03:a0:80:29:dd:91:7d:ac:37:48:dc:1a:
d9:58:27:7e:51:a7:63:b1:ef:d6:4c:66:d9:2f:87:
ea:29:4f:61:dc:25:1c:c0:23:de:5b:00:71:02:12:
1e:36:6d:19:dc:df:b4:7f:17:51:66:44:b5:17:da:
d2:e5:70:ec:d8:58:e0:66:ed:83:3f:4b:b4:e0:d0:
6b:e7:5b:49:5c:ed:50:13:7c:d5:5d:45:eb:f2:a7:
28:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:3C:02:40:BE:F9:40:0B:39:04:50:2A:01:B5:61:AD:E8:0E:72:26
X509v3 Authority Key Identifier:
keyid:50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/ATwCQL75QAs5BFAqAbVhregOciY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/ULkKXhWLoJCP3IPMQkP-QMbatCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be40:ba02::/48
Signature Algorithm: sha256WithRSAEncryption
54:e5:bf:3a:0d:4c:71:fb:46:19:36:1e:6b:30:e8:ed:42:c2:
53:ae:33:a6:2a:41:d3:0e:43:8f:81:7a:0a:d8:3c:0d:74:0c:
f0:69:16:ad:63:ed:07:5e:15:90:91:bc:51:42:63:ff:0a:a6:
07:4a:66:3c:64:1e:b9:e1:60:83:0d:d6:a1:7d:1f:2a:6f:ca:
cf:0f:63:59:52:e5:8c:52:72:7a:af:42:ab:a0:33:57:81:20:
99:6f:3e:c7:2c:ca:95:dc:06:27:53:95:19:6b:0b:20:55:b6:
bf:37:d9:41:62:61:8b:18:68:b0:c6:31:19:a6:63:45:b4:86:
b6:26:25:65:9c:c3:3a:0d:75:41:5b:64:1e:41:75:d6:01:1d:
25:61:57:62:37:a5:6a:4b:c5:1e:68:38:4a:a2:86:92:5e:84:
a8:61:09:e6:49:4a:d8:b8:4b:c1:22:5a:2e:62:ef:3c:13:c1:
48:20:16:45:53:5e:cd:39:0f:ed:ef:78:36:1f:f8:57:59:a0:
95:6c:0e:b3:03:3b:e2:2e:3f:b2:4e:45:70:50:24:b4:f8:63:
71:41:f9:35:88:97:21:a6:96:1a:f4:ce:62:5e:c9:97:b4:92:
9f:82:b1:2d:39:d4:c3:28:ca:fe:2d:98:58:d4:98:42:ef:7e:
b9:54:93:b9
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECeb5yDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGI5MGE1ZTE1OGJhMDkwOGZkYzgzY2M0MjQzZmU0MGM2ZGFiNDIzMB4XDTIyMDEw
MTA5NTkwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDEzYzAyNDBiZWY5
NDAwYjM5MDQ1MDJhMDFiNTYxYWRlODBlNzIyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOCqBr2jpXuU5mrwYsf3X6JPj1C+pGAfIO9eSsencrQoNjZt
F5W2llatFIOvOapw/Vvz+6rh08gMykE8nkRXT/pEl2/XFSvF/8sGUq5aEgA5imoe
br1/HibLxExYHNwmLLbEGzqeD6glKT/ER+FI9I3UvwfTBx0SXIXuplL/pQp4TKFJ
pk8FUr6DEfEqp5kpBiyEOPUbcFzdj1Ysymr99u0cI+rNDV81A6CAKd2Rfaw3SNwa
2VgnflGnY7Hv1kxm2S+H6ilPYdwlHMAj3lsAcQISHjZtGdzftH8XUWZEtRfa0uVw
7NhY4Gbtgz9LtODQa+dbSVztUBN81V1F6/KnKA8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQBPAJAvvlACzkEUCoBtWGt6A5yJjAfBgNVHSMEGDAWgBRQuQpeFYugkI/c
g8xCQ/5Axtq0IzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VMa0tYaFdMb0pDUDNJUE1Ra1AtUU1iYXRDTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8x
L0FUd0NRTDc1UUFzNUJGQXFBYlZocmVnT2NpWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8xL1VMa0tYaFdMb0pD
UDNJUE1Ra1AtUU1iYXRDTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoJvkC6AjANBgkqhkiG9w0BAQsF
AAOCAQEAVOW/Og1McftGGTYeazDo7ULCU64zpipB0w5Dj4F6Ctg8DXQM8GkWrWPt
B14VkJG8UUJj/wqmB0pmPGQeueFggw3WoX0fKm/Kzw9jWVLljFJyeq9Cq6AzV4Eg
mW8+xyzKldwGJ1OVGWsLIFW2vzfZQWJhixhosMYxGaZjRbSGtiYlZZzDOg11QVtk
HkF11gEdJWFXYjelakvFHmg4SqKGkl6EqGEJ5klK2LhLwSJaLmLvPBPBSCAWRVNe
zTkP7e94Nh/4V1mglWwOswM74i4/sk5FcFAktPhjcUH5NYiXIaaWGvTOYl7Jl7SS
n4KxLTnUwyjK/i2YWNSYQu9+uVSTuQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:19:15 2025 by rpki-client