Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/H21XB0YiA5JW-OstHu0cRBF3AXw.roa
File: H21XB0YiA5JW-OstHu0cRBF3AXw.roa (raw, json)
Hash identifier: +aUMKD/7Un5bwCymNP1GWdKkut/tZ0zgrtl40ohClcc=
Subject key identifier: 1F:6D:57:07:46:22:03:92:56:F8:EB:2D:1E:ED:1C:44:11:77:01:7C
Certificate issuer: /CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Certificate serial: 09ED04A4
Authority key identifier: 50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/H21XB0YiA5JW-OstHu0cRBF3AXw.roa
Signing time: Sat 01 Jan 2022 09:59:08 +0000
ROA not before: Sat 01 Jan 2022 09:59:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208755
IP address blocks: 2a09:be40:1140::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166528164 (0x9ed04a4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Validity
Not Before: Jan 1 09:59:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f6d57074622039256f8eb2d1eed1c441177017c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:cb:45:97:b0:a5:37:5f:13:ba:e6:ea:a3:ba:
d4:73:49:fc:ce:af:a9:47:77:14:ea:8c:39:9d:11:
c7:4f:bd:68:d7:3e:4a:ac:18:64:90:50:a5:83:01:
2f:0c:ef:e6:7d:3a:f1:1b:c8:af:8f:82:c6:ce:17:
a8:af:2e:21:1e:10:fa:0c:ec:76:ad:47:e4:07:0f:
7b:7a:0b:75:5a:3e:a8:fb:21:d2:2d:77:e7:95:f1:
63:12:a4:13:10:1c:d9:de:c1:88:e2:1a:51:01:2c:
8b:c0:e2:8c:0a:81:47:cd:cd:6c:f6:24:96:87:54:
c7:46:37:c4:2e:ab:26:9e:ea:0d:8c:5f:d1:15:aa:
85:d7:a2:50:62:5b:39:7f:2d:a9:cb:8d:a6:49:46:
cc:60:db:d4:cd:fd:e9:6a:cf:08:fa:62:58:dd:49:
24:26:c0:3d:5d:fb:37:21:de:2d:a4:f1:7c:e0:a8:
8d:1c:d0:c8:6e:1a:e6:55:51:9b:c9:d1:63:19:ee:
13:a0:c9:f4:7d:bb:89:f2:33:07:cd:82:81:10:52:
e8:9b:c2:42:47:63:ad:05:50:d4:ac:75:d8:c1:76:
69:73:1a:9a:ac:03:e0:97:ca:2c:6f:ef:a6:96:01:
75:58:86:6c:33:e4:b3:33:c4:5b:71:88:c6:61:24:
b7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:6D:57:07:46:22:03:92:56:F8:EB:2D:1E:ED:1C:44:11:77:01:7C
X509v3 Authority Key Identifier:
keyid:50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/H21XB0YiA5JW-OstHu0cRBF3AXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/ULkKXhWLoJCP3IPMQkP-QMbatCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be40:1140::/44
Signature Algorithm: sha256WithRSAEncryption
71:7d:10:6a:cf:25:9f:65:73:1c:46:4b:a7:4d:31:45:eb:36:
9c:64:6d:38:4d:e3:81:81:32:15:cd:14:79:47:c5:12:5a:da:
5c:5b:10:5c:32:b8:88:7b:c4:19:93:fb:e6:d4:bf:f6:d0:6b:
71:8a:bb:3e:6f:30:ca:b9:e0:2b:c5:79:6e:8e:bb:f1:5b:90:
ee:7c:d4:a0:3d:e4:d7:c1:74:5a:b2:7e:77:55:04:24:68:89:
48:5b:53:62:2b:62:ee:93:f8:f1:df:eb:ae:88:83:39:96:4d:
b9:ba:1c:da:75:32:6e:f5:12:48:92:d3:4f:64:d9:bf:4f:fe:
66:5f:69:78:0e:bc:f0:b9:3b:cd:c3:c5:0e:ea:b3:81:08:0f:
ae:5d:7d:2e:5f:21:2a:c7:30:fc:64:ca:b1:24:60:ff:19:9c:
8f:4a:77:c4:1a:31:e7:8f:c2:df:d0:08:e9:4e:05:4e:76:1d:
91:ba:88:a7:6f:9b:6a:33:f2:8e:67:c6:fb:0d:8e:a3:88:5c:
d5:3e:af:2d:0c:a1:62:29:e2:41:8e:e6:2e:82:32:72:85:1f:
d3:37:fb:7e:77:90:84:e5:8f:be:ee:a8:69:89:c5:81:d2:58:
78:e1:0f:e7:f0:3c:07:1d:24:e8:5d:37:d4:50:8c:d2:d3:1f:
05:da:7f:7c
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECe0EpDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGI5MGE1ZTE1OGJhMDkwOGZkYzgzY2M0MjQzZmU0MGM2ZGFiNDIzMB4XDTIyMDEw
MTA5NTkwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY2ZDU3MDc0NjIy
MDM5MjU2ZjhlYjJkMWVlZDFjNDQxMTc3MDE3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzLRZewpTdfE7rm6qO61HNJ/M6vqUd3FOqMOZ0Rx0+9aNc+
SqwYZJBQpYMBLwzv5n068RvIr4+Cxs4XqK8uIR4Q+gzsdq1H5AcPe3oLdVo+qPsh
0i1355XxYxKkExAc2d7BiOIaUQEsi8DijAqBR83NbPYklodUx0Y3xC6rJp7qDYxf
0RWqhdeiUGJbOX8tqcuNpklGzGDb1M396WrPCPpiWN1JJCbAPV37NyHeLaTxfOCo
jRzQyG4a5lVRm8nRYxnuE6DJ9H27ifIzB82CgRBS6JvCQkdjrQVQ1Kx12MF2aXMa
mqwD4JfKLG/vppYBdViGbDPkszPEW3GIxmEktwcCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQfbVcHRiIDklb46y0e7RxEEXcBfDAfBgNVHSMEGDAWgBRQuQpeFYugkI/c
g8xCQ/5Axtq0IzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VMa0tYaFdMb0pDUDNJUE1Ra1AtUU1iYXRDTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8x
L0gyMVhCMFlpQTVKVy1Pc3RIdTBjUkJGM0FYdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8xL1VMa0tYaFdMb0pD
UDNJUE1Ra1AtUU1iYXRDTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoJvkARQDANBgkqhkiG9w0BAQsF
AAOCAQEAcX0Qas8ln2VzHEZLp00xRes2nGRtOE3jgYEyFc0UeUfFElraXFsQXDK4
iHvEGZP75tS/9tBrcYq7Pm8wyrngK8V5bo678VuQ7nzUoD3k18F0WrJ+d1UEJGiJ
SFtTYiti7pP48d/rroiDOZZNuboc2nUybvUSSJLTT2TZv0/+Zl9peA688Lk7zcPF
DuqzgQgPrl19Ll8hKscw/GTKsSRg/xmcj0p3xBox54/C39AI6U4FTnYdkbqIp2+b
ajPyjmfG+w2Oo4hc1T6vLQyhYiniQY7mLoIycoUf0zf7fneQhOWPvu6oaYnFgdJY
eOEP5/A8Bx0k6F031FCM0tMfBdp/fA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:32:31 2025 by rpki-client