Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/l1ptNtFtXX9Htc1I8LPpn91Q630.roa
File: l1ptNtFtXX9Htc1I8LPpn91Q630.roa (raw, json)
Hash identifier: fi30l6unmDlK+QzccAH3Gs0Yw2tubUsdUa6aaZkl1SU=
Subject key identifier: 97:5A:6D:36:D1:6D:5D:7F:47:B5:CD:48:F0:B3:E9:9F:DD:50:EB:7D
Certificate issuer: /CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Certificate serial: 09F4B6CD
Authority key identifier: 50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/l1ptNtFtXX9Htc1I8LPpn91Q630.roa
Signing time: Sat 01 Jan 2022 09:59:13 +0000
ROA not before: Sat 01 Jan 2022 09:59:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213349
IP address blocks: 2a09:be40:4200::/40 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167032525 (0x9f4b6cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Validity
Not Before: Jan 1 09:59:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=975a6d36d16d5d7f47b5cd48f0b3e99fdd50eb7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:62:d1:ed:1b:22:4b:be:73:cc:75:4e:17:47:
82:d0:d9:84:6d:8f:ed:a4:c0:51:e2:ff:bb:b4:8e:
08:5b:ba:bb:1f:a7:65:39:58:f0:c1:a8:38:4e:d5:
e3:8f:21:02:ca:60:a1:9a:20:8a:71:92:ff:2c:86:
70:dc:73:59:ed:2d:4e:2d:08:b1:00:72:e7:d8:65:
eb:18:ee:f0:ef:bb:08:65:bc:c0:7e:41:d3:f1:97:
87:2f:1e:d7:0f:85:5a:71:e9:a3:ba:a3:1b:f0:4d:
7b:cc:7e:ac:b6:e6:b8:ac:f4:16:ad:9b:03:85:99:
2c:ab:77:fe:d7:42:a6:4d:8d:6a:f6:3f:14:0b:ad:
26:c7:92:bf:06:17:2b:6e:69:b8:49:16:10:4e:17:
1a:88:c9:bf:cc:05:0c:8d:51:83:53:a4:89:20:67:
45:62:f2:9e:61:7e:67:ff:6e:22:dd:d6:ef:90:5f:
48:25:d7:34:a3:ce:99:9f:0c:6d:51:0b:72:2f:c7:
ae:2a:95:62:09:eb:97:8c:06:ba:ee:e0:02:ab:eb:
35:95:9f:37:b9:70:79:81:f2:0a:9b:29:7c:39:2b:
f1:55:35:0f:86:f7:c0:99:79:ff:8a:f4:8d:5c:8e:
cb:b1:6d:4e:51:33:ff:eb:46:fc:93:c3:aa:97:5d:
47:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5A:6D:36:D1:6D:5D:7F:47:B5:CD:48:F0:B3:E9:9F:DD:50:EB:7D
X509v3 Authority Key Identifier:
keyid:50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/l1ptNtFtXX9Htc1I8LPpn91Q630.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/ULkKXhWLoJCP3IPMQkP-QMbatCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be40:4200::/40
Signature Algorithm: sha256WithRSAEncryption
70:82:8f:98:62:0b:6c:20:6e:04:d0:16:90:be:60:51:9c:c9:
6e:9f:8e:0b:63:65:1a:38:6b:c7:3a:dc:cf:b0:01:e1:f4:7e:
2c:68:e3:fc:49:98:86:7b:4f:7a:fb:23:27:bd:6c:2c:1a:6d:
fc:2c:9b:9f:14:a8:ca:1a:57:29:7c:5e:93:61:68:10:77:02:
e3:84:ca:df:fa:e2:78:0d:71:9b:90:ac:f4:b9:28:ba:65:a5:
ba:e8:ab:b7:f2:1a:a6:d5:78:f1:9e:ac:7a:ac:ce:cf:59:c3:
c9:08:d8:a7:53:cb:89:71:1a:1c:fd:64:37:9a:be:0f:60:55:
da:fe:fe:c6:80:e1:9a:6a:48:31:d2:3b:70:93:c7:6f:36:87:
d2:33:01:c1:2a:a7:8e:27:11:12:99:35:27:07:92:2d:e1:42:
4b:a3:d4:e1:a6:c5:c8:d4:99:e4:2b:6b:e2:b5:13:39:5e:af:
01:1a:82:c5:05:0f:12:32:03:a1:a7:fd:07:59:84:77:57:99:
51:88:22:8d:33:d7:fc:45:c7:e2:fb:40:6c:84:eb:b8:3f:66:
b5:d9:73:9f:78:fb:e7:0c:47:1c:df:f3:4d:52:be:c9:f2:8b:
a4:6b:63:17:ba:54:f0:86:ef:9b:8d:4e:0a:f3:66:93:cd:07:
f4:1d:ef:04
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECfS2zTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGI5MGE1ZTE1OGJhMDkwOGZkYzgzY2M0MjQzZmU0MGM2ZGFiNDIzMB4XDTIyMDEw
MTA5NTkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc1YTZkMzZkMTZk
NWQ3ZjQ3YjVjZDQ4ZjBiM2U5OWZkZDUwZWI3ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9i0e0bIku+c8x1ThdHgtDZhG2P7aTAUeL/u7SOCFu6ux+n
ZTlY8MGoOE7V448hAspgoZoginGS/yyGcNxzWe0tTi0IsQBy59hl6xju8O+7CGW8
wH5B0/GXhy8e1w+FWnHpo7qjG/BNe8x+rLbmuKz0Fq2bA4WZLKt3/tdCpk2NavY/
FAutJseSvwYXK25puEkWEE4XGojJv8wFDI1Rg1OkiSBnRWLynmF+Z/9uIt3W75Bf
SCXXNKPOmZ8MbVELci/HriqVYgnrl4wGuu7gAqvrNZWfN7lweYHyCpspfDkr8VU1
D4b3wJl5/4r0jVyOy7FtTlEz/+tG/JPDqpddR+sCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSXWm020W1df0e1zUjws+mf3VDrfTAfBgNVHSMEGDAWgBRQuQpeFYugkI/c
g8xCQ/5Axtq0IzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VMa0tYaFdMb0pDUDNJUE1Ra1AtUU1iYXRDTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8x
L2wxcHROdEZ0WFg5SHRjMUk4TFBwbjkxUTYzMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8xL1VMa0tYaFdMb0pD
UDNJUE1Ra1AtUU1iYXRDTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoJvkBCMA0GCSqGSIb3DQEBCwUA
A4IBAQBwgo+YYgtsIG4E0BaQvmBRnMlun44LY2UaOGvHOtzPsAHh9H4saOP8SZiG
e096+yMnvWwsGm38LJufFKjKGlcpfF6TYWgQdwLjhMrf+uJ4DXGbkKz0uSi6ZaW6
6Ku38hqm1Xjxnqx6rM7PWcPJCNinU8uJcRoc/WQ3mr4PYFXa/v7GgOGaakgx0jtw
k8dvNofSMwHBKqeOJxESmTUnB5It4UJLo9ThpsXI1JnkK2vitRM5Xq8BGoLFBQ8S
MgOhp/0HWYR3V5lRiCKNM9f8Rcfi+0BshOu4P2a12XOfePvnDEcc3/NNUr7J8ouk
a2MXulTwhu+bjU4K82aTzQf0He8E
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:01 2025 by rpki-client