Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/gN-AAzGNnKvZv7CwVBXYgneyFaw.roa
File: gN-AAzGNnKvZv7CwVBXYgneyFaw.roa (raw, json)
Hash identifier: JLBXivqEX0QU1J6fqgAhTPvB+gxvHcl/WsxmIg30nQU=
Subject key identifier: 80:DF:80:03:31:8D:9C:AB:D9:BF:B0:B0:54:15:D8:82:77:B2:15:AC
Certificate issuer: /CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Certificate serial: 09F0902C
Authority key identifier: 50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/gN-AAzGNnKvZv7CwVBXYgneyFaw.roa
Signing time: Sat 01 Jan 2022 09:59:11 +0000
ROA not before: Sat 01 Jan 2022 09:59:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212276
IP address blocks: 2a09:be40:3680::/44 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166760492 (0x9f0902c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Validity
Not Before: Jan 1 09:59:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=80df8003318d9cabd9bfb0b05415d88277b215ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d0:f8:84:64:08:a5:d1:cd:8b:40:35:70:c8:
89:59:5a:65:9c:bc:ba:3d:67:bf:0f:ec:db:c3:d0:
fa:62:fd:c2:01:61:0d:3b:99:7e:09:67:b2:f1:6a:
fc:a2:2f:3a:7e:1f:16:80:ba:09:ee:49:fb:41:2e:
4a:20:0a:4e:f7:38:63:2b:36:4b:11:f1:12:8a:c9:
ed:58:73:b9:c5:20:2b:3c:d3:22:aa:3b:04:77:ff:
e8:6c:16:e3:15:02:14:9d:2d:4b:b5:a4:8e:84:8e:
15:ea:32:45:1b:eb:82:f6:0d:98:7f:23:6d:1a:d9:
38:79:b6:d3:62:2c:47:ee:cf:d0:9a:43:ce:b3:85:
0c:51:75:0d:a1:53:9d:3f:e3:22:05:ac:9e:af:df:
14:e0:78:a2:be:b9:07:aa:1c:79:f1:15:16:6e:93:
b0:bb:46:cf:ca:ed:69:1c:b2:22:5c:30:e1:dd:64:
e2:c5:bd:aa:b8:ee:c8:2b:b9:fc:f6:df:46:0a:a3:
41:aa:a1:0f:7a:83:2f:40:cf:67:b1:87:d8:55:a0:
d0:b4:e3:f9:d5:80:f7:c4:62:4f:06:4b:73:92:94:
6e:d0:70:d1:25:22:b2:30:89:3c:f9:6d:bd:a9:f8:
06:c9:fe:c1:4e:72:e9:fe:79:e6:24:22:14:e5:e5:
e5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:DF:80:03:31:8D:9C:AB:D9:BF:B0:B0:54:15:D8:82:77:B2:15:AC
X509v3 Authority Key Identifier:
keyid:50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/gN-AAzGNnKvZv7CwVBXYgneyFaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/ULkKXhWLoJCP3IPMQkP-QMbatCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be40:3680::/44
Signature Algorithm: sha256WithRSAEncryption
0d:f6:45:39:00:17:4d:bb:22:81:81:e8:e8:c7:31:97:74:bc:
8f:be:37:7d:a1:62:0e:dd:83:99:f1:69:f9:fe:30:c4:e6:7c:
ff:98:f1:82:85:75:9c:25:66:59:89:b9:20:31:fb:1c:58:77:
18:42:3b:5a:ec:b1:75:7d:ed:5d:f5:02:1e:9a:7e:c1:bf:a8:
24:e3:a4:22:55:22:74:e9:9b:ef:6c:44:8b:6d:d4:01:bd:25:
e2:fb:6c:18:9e:c8:67:26:67:8e:7b:67:f8:91:98:9c:a1:60:
60:68:82:18:0c:b6:72:f3:c4:8e:11:df:74:23:6c:98:24:39:
01:37:27:20:ee:4b:ec:d5:e5:56:38:cd:cc:d0:be:04:88:9b:
52:a5:33:fe:4d:86:04:df:67:4e:e3:09:4d:19:10:9f:1f:3c:
7e:6c:2d:73:2b:64:21:b5:d7:c7:cf:02:e7:61:b8:db:07:e9:
48:24:d4:56:fc:00:fd:86:65:f1:78:01:ad:2d:13:5c:2d:76:
6e:76:53:8f:da:c0:82:b4:35:08:04:1b:c5:1c:13:7d:8d:01:
59:47:47:c8:9a:70:fa:5d:1d:41:2d:66:8a:a2:b3:1e:58:3e:
41:08:3a:f6:ca:7d:80:82:ce:40:5b:8b:95:ba:6c:2b:ec:1d:
6c:0b:ed:1d
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECfCQLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGI5MGE1ZTE1OGJhMDkwOGZkYzgzY2M0MjQzZmU0MGM2ZGFiNDIzMB4XDTIyMDEw
MTA5NTkxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODBkZjgwMDMzMThk
OWNhYmQ5YmZiMGIwNTQxNWQ4ODI3N2IyMTVhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXQ+IRkCKXRzYtANXDIiVlaZZy8uj1nvw/s28PQ+mL9wgFh
DTuZfglnsvFq/KIvOn4fFoC6Ce5J+0EuSiAKTvc4Yys2SxHxEorJ7VhzucUgKzzT
Iqo7BHf/6GwW4xUCFJ0tS7WkjoSOFeoyRRvrgvYNmH8jbRrZOHm202IsR+7P0JpD
zrOFDFF1DaFTnT/jIgWsnq/fFOB4or65B6ocefEVFm6TsLtGz8rtaRyyIlww4d1k
4sW9qrjuyCu5/PbfRgqjQaqhD3qDL0DPZ7GH2FWg0LTj+dWA98RiTwZLc5KUbtBw
0SUisjCJPPltvan4Bsn+wU5y6f555iQiFOXl5ZUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSA34ADMY2cq9m/sLBUFdiCd7IVrDAfBgNVHSMEGDAWgBRQuQpeFYugkI/c
g8xCQ/5Axtq0IzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VMa0tYaFdMb0pDUDNJUE1Ra1AtUU1iYXRDTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8x
L2dOLUFBekdObkt2WnY3Q3dWQlhZZ25leUZhdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8xL1VMa0tYaFdMb0pD
UDNJUE1Ra1AtUU1iYXRDTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoJvkA2gDANBgkqhkiG9w0BAQsF
AAOCAQEADfZFOQAXTbsigYHo6Mcxl3S8j743faFiDt2DmfFp+f4wxOZ8/5jxgoV1
nCVmWYm5IDH7HFh3GEI7WuyxdX3tXfUCHpp+wb+oJOOkIlUidOmb72xEi23UAb0l
4vtsGJ7IZyZnjntn+JGYnKFgYGiCGAy2cvPEjhHfdCNsmCQ5ATcnIO5L7NXlVjjN
zNC+BIibUqUz/k2GBN9nTuMJTRkQnx88fmwtcytkIbXXx88C52G42wfpSCTUVvwA
/YZl8XgBrS0TXC12bnZTj9rAgrQ1CAQbxRwTfY0BWUdHyJpw+l0dQS1miqKzHlg+
QQg69sp9gILOQFuLlbpsK+wdbAvtHQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:14:57 2025 by rpki-client