Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/xqVIR9iu2cFhHcPjZPUVhLb6shg.roa
File: xqVIR9iu2cFhHcPjZPUVhLb6shg.roa (raw, json)
Hash identifier: ABCjuDWOkAsqiPFFEdParPCG0TLUSuL+hpvPFXmWWLY=
Subject key identifier: C6:A5:48:47:D8:AE:D9:C1:61:1D:C3:E3:64:F5:15:84:B6:FA:B2:18
Certificate issuer: /CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Certificate serial: 0A92CE7F
Authority key identifier: 50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/xqVIR9iu2cFhHcPjZPUVhLb6shg.roa
Signing time: Mon 07 Mar 2022 13:00:34 +0000
ROA not before: Mon 07 Mar 2022 13:00:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209968
IP address blocks: 2a09:be43::/32 maxlen: 32
2a09:be47::/32 maxlen: 48
2a09:be41::/32 maxlen: 48
2a09:be44::/32 maxlen: 48
2a09:be42::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177393279 (0xa92ce7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50b90a5e158ba0908fdc83cc4243fe40c6dab423
Validity
Not Before: Mar 7 13:00:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6a54847d8aed9c1611dc3e364f51584b6fab218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7d:96:ad:00:a6:19:80:5b:35:42:e3:00:ca:
e9:b8:64:7d:dd:a8:a0:82:1f:c2:6c:0f:a9:33:85:
d6:a8:b3:73:5a:36:09:47:c8:aa:48:3f:ec:39:9a:
28:0d:71:3e:f1:97:bc:a8:6b:1e:ec:8d:68:57:ee:
be:c6:a6:45:1a:2f:68:45:5d:12:84:11:9d:a3:20:
58:69:81:6a:54:6b:85:36:55:d0:08:d3:18:5f:10:
70:27:c3:09:ee:68:8d:24:7c:5f:ed:36:8f:7a:82:
9f:ac:18:c3:a2:84:27:63:cf:1c:8a:4b:92:1b:34:
d4:d8:16:b0:a6:2e:70:38:82:2e:df:fe:28:be:76:
ca:20:ef:ca:f0:8b:11:43:6f:14:54:ca:08:f3:22:
db:07:f8:5c:9b:fc:9e:4c:a8:79:fe:18:b8:93:92:
85:e6:a4:1b:e6:c2:37:23:3f:83:0b:7b:62:38:31:
61:36:b0:b4:48:9a:fe:45:81:db:1e:fb:64:04:94:
e7:7d:70:d2:a9:52:90:be:3b:69:8d:51:b3:26:b8:
c5:f5:18:1a:89:18:0a:5a:99:6e:6b:bd:f6:9f:96:
ec:33:9d:c4:ae:69:8a:6f:0a:1a:66:a3:95:fe:5d:
d6:79:6b:27:59:2d:f8:38:c3:a0:3c:13:cf:b5:e2:
2d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:A5:48:47:D8:AE:D9:C1:61:1D:C3:E3:64:F5:15:84:B6:FA:B2:18
X509v3 Authority Key Identifier:
keyid:50:B9:0A:5E:15:8B:A0:90:8F:DC:83:CC:42:43:FE:40:C6:DA:B4:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ULkKXhWLoJCP3IPMQkP-QMbatCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/xqVIR9iu2cFhHcPjZPUVhLb6shg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/72d226-c3b0-41f3-b4db-83fd7382ff13/1/ULkKXhWLoJCP3IPMQkP-QMbatCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:be41::-2a09:be44:ffff:ffff:ffff:ffff:ffff:ffff
2a09:be47::/32
Signature Algorithm: sha256WithRSAEncryption
23:34:ba:4c:88:db:4e:a8:31:13:dd:9e:2e:a2:2c:4d:f1:59:
fa:6f:8b:64:53:54:33:04:aa:a7:75:9e:b7:1f:85:09:2b:14:
26:e2:67:92:ad:ef:75:de:db:54:a8:61:8f:a0:bd:b5:1b:9e:
a8:a0:b9:cb:48:47:ac:8d:7b:d9:b1:56:4c:64:25:15:17:22:
b0:f5:8a:75:61:ed:37:0b:a0:02:ae:5c:fb:5b:b5:ef:3d:32:
4a:1b:be:48:12:58:da:8e:9c:5b:b0:b7:90:98:73:3b:f2:14:
7f:2c:14:c5:1e:d8:91:34:59:22:4c:78:d4:70:1a:93:a5:6c:
08:97:d6:9b:dd:06:c2:a1:e7:ca:e4:fd:b7:1c:1f:db:6d:db:
48:07:3e:d7:0b:bb:af:0b:00:6c:e0:b3:42:c5:97:f9:82:a9:
29:47:55:4d:08:91:a2:82:e5:f1:96:5b:dd:27:f7:9b:1f:f0:
10:52:a0:e2:9f:bb:bb:be:68:36:98:8f:f4:12:46:56:0f:e5:
55:3f:31:cf:c4:ef:c5:a5:3a:a8:e2:e4:27:8e:7e:d4:04:32:
42:bb:e2:46:95:25:95:52:bc:fd:a2:6e:25:56:cd:8a:4d:95:
6c:81:27:19:f7:a5:a5:4c:c8:a0:63:87:4d:57:7e:2b:8e:9d:
fd:71:93:37
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIECpLOfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MGI5MGE1ZTE1OGJhMDkwOGZkYzgzY2M0MjQzZmU0MGM2ZGFiNDIzMB4XDTIyMDMw
NzEzMDAzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZhNTQ4NDdkOGFl
ZDljMTYxMWRjM2UzNjRmNTE1ODRiNmZhYjIxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKt9lq0AphmAWzVC4wDK6bhkfd2ooIIfwmwPqTOF1qizc1o2
CUfIqkg/7DmaKA1xPvGXvKhrHuyNaFfuvsamRRovaEVdEoQRnaMgWGmBalRrhTZV
0AjTGF8QcCfDCe5ojSR8X+02j3qCn6wYw6KEJ2PPHIpLkhs01NgWsKYucDiCLt/+
KL52yiDvyvCLEUNvFFTKCPMi2wf4XJv8nkyoef4YuJOSheakG+bCNyM/gwt7Yjgx
YTawtEia/kWB2x77ZASU531w0qlSkL47aY1Rsya4xfUYGokYClqZbmu99p+W7DOd
xK5pim8KGmajlf5d1nlrJ1kt+DjDoDwTz7XiLTcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTGpUhH2K7ZwWEdw+Nk9RWEtvqyGDAfBgNVHSMEGDAWgBRQuQpeFYugkI/c
g8xCQ/5Axtq0IzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VMa0tYaFdMb0pDUDNJUE1Ra1AtUU1iYXRDTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvNzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8x
L3hxVklSOWl1MmNGaEhjUGpaUFVWaExiNnNoZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
NzJkMjI2LWMzYjAtNDFmMy1iNGRiLTgzZmQ3MzgyZmYxMy8xL1VMa0tYaFdMb0pD
UDNJUE1Ra1AtUU1iYXRDTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wHQQCAAIwFzAOAwUAKgm+QQMFACoJvkQDBQAqCb5H
MA0GCSqGSIb3DQEBCwUAA4IBAQAjNLpMiNtOqDET3Z4uoixN8Vn6b4tkU1QzBKqn
dZ63H4UJKxQm4meSre913ttUqGGPoL21G56ooLnLSEesjXvZsVZMZCUVFyKw9Yp1
Ye03C6ACrlz7W7XvPTJKG75IEljajpxbsLeQmHM78hR/LBTFHtiRNFkiTHjUcBqT
pWwIl9ab3QbCoefK5P23HB/bbdtIBz7XC7uvCwBs4LNCxZf5gqkpR1VNCJGiguXx
llvdJ/ebH/AQUqDin7u7vmg2mI/0EkZWD+VVPzHPxO/FpTqo4uQnjn7UBDJCu+JG
lSWVUrz9om4lVs2KTZVsgScZ96WlTMigY4dNV34rjp39cZM3
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:23:11 2025 by rpki-client