Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/aILXhhgw7Ekf9Tbp61KAplwC3SI.roa
File: aILXhhgw7Ekf9Tbp61KAplwC3SI.roa (raw, json)
Hash identifier: DV/IxMuCrFmDBZCQ9h8zs11vZRwrwi45criAAMiO0P4=
Subject key identifier: 68:82:D7:86:18:30:EC:49:1F:F5:36:E9:EB:52:80:A6:5C:02:DD:22
Certificate issuer: /CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Certificate serial: 09E977EE
Authority key identifier: 50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/aILXhhgw7Ekf9Tbp61KAplwC3SI.roa
Signing time: Sat 01 Jan 2022 09:59:05 +0000
ROA not before: Sat 01 Jan 2022 09:59:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208029
IP address blocks: 2a09:be40:1700::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166295534 (0x9e977ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Validity
Not Before: Jan 1 09:59:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6882d7861830ec491ff536e9eb5280a65c02dd22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:19:8a:1e:07:74:56:6f:9d:dc:4b:da:bc:fd:
bd:1c:b3:0f:96:e6:88:eb:35:e7:3f:47:80:e3:ad:
23:a7:3d:ba:87:6a:a0:9e:29:6b:82:66:7d:e1:f7:
65:da:1f:74:7f:eb:74:6a:71:ac:1f:90:dc:75:46:
74:a4:4b:a6:2e:f5:e1:75:24:35:ad:0b:ff:4b:57:
2c:1b:55:38:ae:40:a1:9c:31:82:72:9d:59:4f:bb:
ef:47:fa:2a:80:f7:65:2b:16:ec:f1:79:29:41:ec:
27:45:ea:6a:54:bc:63:0f:f3:6a:cd:61:69:7a:83:
69:74:f6:9c:11:7e:c9:a7:bf:cb:f1:e0:83:01:1b:
56:dc:3f:fa:c2:07:78:b7:79:cc:dd:71:8b:3b:f2:
c1:56:a6:ac:43:da:ab:9a:49:4e:b9:d9:fd:7e:45:
1d:dc:b2:42:05:99:9a:2b:03:d2:d6:ea:57:13:6c:
a0:1b:34:5c:38:99:35:10:fe:d9:71:b5:01:81:11:
c6:19:ef:02:e0:7b:5d:80:f1:75:02:c6:fd:23:39:
03:02:fb:8a:eb:41:2a:b0:e8:15:d2:fc:e9:12:88:
98:ca:49:dc:53:c2:e9:2f:7c:31:4b:73:e1:81:95:
f7:58:ad:36:e3:81:a6:3d:79:f7:f6:df:3e:cd:ef:
d1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:82:D7:86:18:30:EC:49:1F:F5:36:E9:EB:52:80:A6:5C:02:DD:22
X509v3 Authority Key Identifier:
keyid:50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/aILXhhgw7Ekf9Tbp61KAplwC3SI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/ULkKXhWLoJCP3IPMQkP-QMbatCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be40:1700::/40
Signature Algorithm: sha256WithRSAEncryption
90:71:53:90:ba:d6:a6:c6:d5:7e:45:d8:36:5a:24:e6:f4:82:
78:07:a6:44:ac:4f:d0:5b:9f:55:9d:c6:27:f2:2d:2d:85:09:
29:0b:82:65:d2:66:5c:dc:5f:51:53:c2:df:dd:00:25:98:24:
bc:b4:bb:15:15:01:22:48:ee:c4:e2:5a:80:39:b3:d5:fa:7f:
de:fc:dc:8a:62:1c:e4:77:1f:6e:cf:bb:4f:c8:3d:fc:26:86:
eb:ed:1a:98:5f:4c:54:c2:71:b2:8c:d8:6e:25:b7:80:03:7f:
df:36:85:0e:86:10:96:a8:0f:b8:b4:76:a5:e9:64:4e:00:cd:
5c:53:61:6e:2d:64:20:67:b7:06:8d:f0:c2:de:b1:96:5a:6f:
2a:86:4d:0d:d5:1c:a8:17:a2:a7:de:64:cd:9c:14:b7:d2:15:
e0:7a:07:9e:c6:68:6a:19:c4:a2:c7:df:78:1e:80:18:f7:03:
51:ca:72:0d:82:2b:1a:e6:d7:ab:3a:21:39:60:fd:37:80:73:
e8:89:79:ee:82:3e:c8:ee:65:98:57:8a:ab:3d:59:ec:a1:06:
5b:cb:62:87:b0:a9:c5:7a:fa:74:14:6a:e2:10:3d:59:5b:23:
be:1f:04:25:81:a3:20:9e:e1:7a:5c:84:30:64:30:b3:33:d3:
e4:10:80:fb
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECel37jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGI5MGE1ZTE1OGJhMDkwOGZkYzgzY2M0MjQzZmU0MGM2ZGFiNDIzMB4XDTIyMDEw
MTA5NTkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjg4MmQ3ODYxODMw
ZWM0OTFmZjUzNmU5ZWI1MjgwYTY1YzAyZGQyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoZih4HdFZvndxL2rz9vRyzD5bmiOs15z9HgOOtI6c9uodq
oJ4pa4JmfeH3ZdofdH/rdGpxrB+Q3HVGdKRLpi714XUkNa0L/0tXLBtVOK5AoZwx
gnKdWU+770f6KoD3ZSsW7PF5KUHsJ0XqalS8Yw/zas1haXqDaXT2nBF+yae/y/Hg
gwEbVtw/+sIHeLd5zN1xizvywVamrEPaq5pJTrnZ/X5FHdyyQgWZmisD0tbqVxNs
oBs0XDiZNRD+2XG1AYERxhnvAuB7XYDxdQLG/SM5AwL7iutBKrDoFdL86RKImMpJ
3FPC6S98MUtz4YGV91itNuOBpj159/bfPs3v0ccCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRogteGGDDsSR/1NunrUoCmXALdIjAfBgNVHSMEGDAWgBRQuQpeFYugkI/c
g8xCQ/5Axtq0IzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VMa0tYaFdMb0pDUDNJUE1Ra1AtUU1iYXRDTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8x
L2FJTFhoaGd3N0VrZjlUYnA2MUtBcGx3QzNTSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8xL1VMa0tYaFdMb0pD
UDNJUE1Ra1AtUU1iYXRDTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoJvkAXMA0GCSqGSIb3DQEBCwUA
A4IBAQCQcVOQutamxtV+Rdg2WiTm9IJ4B6ZErE/QW59VncYn8i0thQkpC4Jl0mZc
3F9RU8Lf3QAlmCS8tLsVFQEiSO7E4lqAObPV+n/e/NyKYhzkdx9uz7tPyD38Jobr
7RqYX0xUwnGyjNhuJbeAA3/fNoUOhhCWqA+4tHal6WROAM1cU2FuLWQgZ7cGjfDC
3rGWWm8qhk0N1RyoF6Kn3mTNnBS30hXgegeexmhqGcSix994HoAY9wNRynINgisa
5terOiE5YP03gHPoiXnugj7I7mWYV4qrPVnsoQZby2KHsKnFevp0FGriED1ZWyO+
HwQlgaMgnuF6XIQwZDCzM9PkEID7
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:18 2025 by rpki-client