Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/agf1rHEXuaw6PqYvlJKc_ttMDNI.roa
File: agf1rHEXuaw6PqYvlJKc_ttMDNI.roa (raw, json)
Hash identifier: Mlkch72AUplJsFlGfXRx28F95loZZhlYA74o/vTCBb0=
Subject key identifier: 6A:07:F5:AC:71:17:B9:AC:3A:3E:A6:2F:94:92:9C:FE:DB:4C:0C:D2
Certificate issuer: /CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Certificate serial: 09F41D90
Authority key identifier: 50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/agf1rHEXuaw6PqYvlJKc_ttMDNI.roa
Signing time: Sat 01 Jan 2022 09:59:13 +0000
ROA not before: Sat 01 Jan 2022 09:59:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213167
IP address blocks: 2a09:be40:3100::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166993296 (0x9f41d90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Validity
Not Before: Jan 1 09:59:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a07f5ac7117b9ac3a3ea62f94929cfedb4c0cd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ce:2f:fa:27:37:58:6a:4b:bb:19:4e:56:63:
ef:93:e7:43:70:8c:b0:cb:e6:64:a1:0c:df:53:9c:
39:42:10:f7:4d:79:24:1f:a4:51:30:fb:4a:7f:a3:
01:00:33:7d:06:20:83:d9:80:2b:59:42:97:c6:7d:
b7:f8:0c:01:6b:ac:3d:15:30:6a:e0:98:f8:d9:a8:
cf:d9:07:6e:e5:0a:b7:30:46:61:7c:ea:06:59:53:
86:a7:fc:a5:c7:91:eb:3d:23:c6:cc:3f:dd:b6:06:
cc:ee:d8:91:6c:fb:8e:81:f0:1f:fb:1d:ff:03:8c:
33:de:ef:45:75:54:ef:7c:03:58:82:2d:e1:8d:a7:
b5:eb:59:46:9f:c0:ba:67:76:39:b7:5e:6a:75:f5:
c4:ff:37:0c:f3:06:09:7c:66:be:76:c1:28:e2:1b:
3e:2d:b3:d6:59:4a:9c:52:9f:03:31:ad:93:64:2a:
71:cb:4a:18:ea:d9:c7:fb:f0:b1:57:69:cf:44:51:
eb:63:c0:75:47:42:21:b9:e2:d0:48:19:19:f6:69:
cb:de:b0:ca:3a:81:6e:ab:a1:46:68:e9:27:ed:31:
59:4b:9f:29:00:5c:74:bb:59:db:d3:c9:31:a9:29:
05:77:72:e3:0d:b6:73:6f:24:ce:49:46:a8:2a:fd:
0a:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:07:F5:AC:71:17:B9:AC:3A:3E:A6:2F:94:92:9C:FE:DB:4C:0C:D2
X509v3 Authority Key Identifier:
keyid:50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/agf1rHEXuaw6PqYvlJKc_ttMDNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/ULkKXhWLoJCP3IPMQkP-QMbatCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be40:3100::/40
Signature Algorithm: sha256WithRSAEncryption
1b:9d:98:14:5e:77:0e:c0:86:cb:30:b0:96:fe:c6:d6:dd:c5:
09:3c:8e:77:5b:04:64:5f:78:a6:a8:42:79:6b:3d:a9:79:c7:
dc:0f:ee:6b:52:a1:99:49:89:ff:49:2b:d2:77:25:5a:85:9c:
95:a5:6c:02:24:15:c0:ad:3e:65:05:7a:34:b6:98:96:8d:70:
03:6c:55:82:ea:2e:70:ad:03:c4:d6:c6:d2:37:31:7a:0b:89:
a0:55:91:9a:fa:1f:6c:e1:13:bb:7e:30:e6:ec:db:db:42:94:
7f:1e:e9:f3:5d:72:c6:95:54:df:ef:ab:04:b4:de:d7:4d:22:
d0:34:33:c8:1e:f9:3e:b7:e4:55:cb:16:8d:05:7d:0f:73:dc:
0f:ff:be:31:36:78:95:70:39:1f:7d:a5:af:25:a8:14:0d:ed:
27:fb:35:4d:83:0a:90:c9:55:9f:2d:11:66:79:88:6a:9f:b3:
5b:f9:6d:ca:85:9d:da:91:d7:a5:da:a5:9c:b7:df:a0:70:9f:
69:32:6c:37:6e:a2:cd:8e:b7:de:98:cb:7e:93:9e:60:04:3a:
56:ce:72:4e:14:dc:18:f7:39:79:cb:5a:1e:70:ae:2b:46:42:
3e:91:57:77:e8:43:ca:31:9e:3e:0f:9f:98:16:f1:be:39:07:
46:60:59:8d
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECfQdkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGI5MGE1ZTE1OGJhMDkwOGZkYzgzY2M0MjQzZmU0MGM2ZGFiNDIzMB4XDTIyMDEw
MTA5NTkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmEwN2Y1YWM3MTE3
YjlhYzNhM2VhNjJmOTQ5MjljZmVkYjRjMGNkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvOL/onN1hqS7sZTlZj75PnQ3CMsMvmZKEM31OcOUIQ9015
JB+kUTD7Sn+jAQAzfQYgg9mAK1lCl8Z9t/gMAWusPRUwauCY+Nmoz9kHbuUKtzBG
YXzqBllThqf8pceR6z0jxsw/3bYGzO7YkWz7joHwH/sd/wOMM97vRXVU73wDWIIt
4Y2ntetZRp/Aumd2ObdeanX1xP83DPMGCXxmvnbBKOIbPi2z1llKnFKfAzGtk2Qq
cctKGOrZx/vwsVdpz0RR62PAdUdCIbni0EgZGfZpy96wyjqBbquhRmjpJ+0xWUuf
KQBcdLtZ29PJMakpBXdy4w22c28kzklGqCr9CrkCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRqB/WscRe5rDo+pi+Ukpz+20wM0jAfBgNVHSMEGDAWgBRQuQpeFYugkI/c
g8xCQ/5Axtq0IzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VMa0tYaFdMb0pDUDNJUE1Ra1AtUU1iYXRDTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8x
L2FnZjFySEVYdWF3NlBxWXZsSktjX3R0TUROSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8xL1VMa0tYaFdMb0pD
UDNJUE1Ra1AtUU1iYXRDTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoJvkAxMA0GCSqGSIb3DQEBCwUA
A4IBAQAbnZgUXncOwIbLMLCW/sbW3cUJPI53WwRkX3imqEJ5az2pecfcD+5rUqGZ
SYn/SSvSdyVahZyVpWwCJBXArT5lBXo0tpiWjXADbFWC6i5wrQPE1sbSNzF6C4mg
VZGa+h9s4RO7fjDm7NvbQpR/HunzXXLGlVTf76sEtN7XTSLQNDPIHvk+t+RVyxaN
BX0Pc9wP/74xNniVcDkffaWvJagUDe0n+zVNgwqQyVWfLRFmeYhqn7Nb+W3KhZ3a
kdel2qWct9+gcJ9pMmw3bqLNjrfemMt+k55gBDpWznJOFNwY9zl5y1oecK4rRkI+
kVd36EPKMZ4+D5+YFvG+OQdGYFmN
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:15:38 2025 by rpki-client