Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/BlSKEWV8a0Pu0DQWSBEZ8E6j6Ig.roa
File: BlSKEWV8a0Pu0DQWSBEZ8E6j6Ig.roa (raw, json)
Hash identifier: E+fl2IDftOEsy56bvfa1HOBzyBMqnDbK6GEdF9F9KeI=
Subject key identifier: 06:54:8A:11:65:7C:6B:43:EE:D0:34:16:48:11:19:F0:4E:A3:E8:88
Certificate issuer: /CN=969ceda5bf37901fe9e44f73b5bf82b687b34572
Certificate serial: 01942067CE0F2A237ECC997B96D42DE6F326
Authority key identifier: 96:9C:ED:A5:BF:37:90:1F:E9:E4:4F:73:B5:BF:82:B6:87:B3:45:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lpztpb83kB_p5E9ztb-CtoezRXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/BlSKEWV8a0Pu0DQWSBEZ8E6j6Ig.roa
Signing time: Wed 01 Jan 2025 05:47:41 +0000
ROA not before: Wed 01 Jan 2025 05:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55002
IP address blocks: 87.239.121.0/24 maxlen: 24
87.239.122.0/24 maxlen: 24
87.239.123.0/24 maxlen: 24
87.239.124.0/24 maxlen: 24
87.239.125.0/24 maxlen: 24
87.239.126.0/24 maxlen: 24
87.239.127.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:ce:0f:2a:23:7e:cc:99:7b:96:d4:2d:e6:f3:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969ceda5bf37901fe9e44f73b5bf82b687b34572
Validity
Not Before: Jan 1 05:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06548a11657c6b43eed03416481119f04ea3e888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:41:c1:f6:c0:37:aa:b8:ee:ad:96:de:b7:ad:
d0:db:d1:74:f2:8a:e4:a1:82:8c:33:d2:69:91:f8:
88:b6:9e:f2:be:28:c7:61:8e:0f:a8:15:e0:16:88:
fc:d3:eb:5e:49:9c:5c:5f:27:b9:6b:92:b3:56:79:
da:0d:7d:8b:08:44:09:9b:24:92:f3:92:42:2b:24:
f5:95:5d:a3:1f:2c:ab:72:3d:f6:28:b2:a7:7c:c7:
1c:b5:ed:5a:77:1c:81:24:39:7d:bf:d5:77:17:92:
84:55:bc:42:35:90:18:17:46:b5:0d:bc:e0:30:5e:
2a:1b:57:3a:d0:7b:b8:d6:db:c2:1e:c8:d8:ec:b8:
05:0d:f1:73:03:1b:20:da:6c:84:1e:a6:2b:93:e8:
57:31:0e:a8:c6:62:17:1c:76:81:cf:a7:cd:72:83:
e3:bf:8d:54:6c:f7:ae:de:3e:0d:5a:e6:9a:de:7a:
fb:ba:47:8c:da:56:16:de:59:7f:d1:69:68:bf:af:
38:88:e5:66:1e:5b:bb:e5:63:01:78:0a:a5:23:3b:
06:2d:11:56:e9:c4:8f:c9:b1:31:cc:8e:5c:42:d4:
e8:b2:eb:18:06:3d:99:89:2b:8e:e4:94:dd:21:e1:
f9:f9:45:dd:54:d7:06:ef:86:33:0d:89:87:85:f7:
42:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:54:8A:11:65:7C:6B:43:EE:D0:34:16:48:11:19:F0:4E:A3:E8:88
X509v3 Authority Key Identifier:
keyid:96:9C:ED:A5:BF:37:90:1F:E9:E4:4F:73:B5:BF:82:B6:87:B3:45:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lpztpb83kB_p5E9ztb-CtoezRXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/BlSKEWV8a0Pu0DQWSBEZ8E6j6Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/5cffd2-b568-4d55-a124-21fc9afc8ac1/1/lpztpb83kB_p5E9ztb-CtoezRXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.121.0-87.239.127.255
Signature Algorithm: sha256WithRSAEncryption
72:4f:dd:1a:73:55:e9:1c:8f:ce:ac:37:c0:54:59:05:99:86:
99:73:d0:03:3e:31:16:0b:5b:92:9a:73:e0:a3:ca:21:91:5b:
42:da:b4:2d:d3:f7:90:e2:6e:c4:d7:08:15:89:25:15:3e:44:
79:ec:ea:ce:d9:c8:c6:00:48:0f:7e:d2:15:54:e4:f0:89:75:
00:a0:dd:c1:bd:49:ba:07:79:cc:56:29:28:ef:c9:c1:ec:7e:
57:88:9a:99:d8:60:e2:0e:c4:b7:24:89:01:1f:45:0d:30:34:
e5:a8:ea:73:59:9a:2f:69:ad:1a:c4:ba:66:2f:bd:95:c1:9a:
2e:1c:17:c7:d9:f8:2d:e1:91:2b:d0:1d:df:57:a5:e0:11:1e:
ec:e3:2f:7e:3c:79:43:c6:f0:db:0c:53:46:60:bc:dd:f6:81:
a4:03:54:03:01:fd:ea:3b:3b:3f:f8:4b:0a:d3:51:4a:ae:87:
d8:8c:f8:a4:f1:bf:e3:29:19:11:a2:21:28:33:b6:2a:64:dc:
a1:6c:bc:3e:bc:42:7d:a9:ec:35:04:ec:a6:9e:65:ad:00:ef:
2a:95:5d:37:b5:ec:fb:98:e2:7b:3e:ee:a0:2d:51:6b:39:48:
65:36:5e:e8:18:72:78:90:65:d9:bf:e9:5e:36:c7:5a:15:ba:
f0:81:c4:82
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQgZ84PKiN+zJl7ltQt5vMmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2OWNlZGE1YmYzNzkwMWZlOWU0NGY3M2I1YmY4MmI2ODdi
MzQ1NzIwHhcNMjUwMTAxMDU0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjU0OGExMTY1N2M2YjQzZWVkMDM0MTY0ODExMTlmMDRlYTNlODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEHB9sA3qrjurZbet63Q29F08ork
oYKMM9JpkfiItp7yvijHYY4PqBXgFoj80+teSZxcXye5a5KzVnnaDX2LCEQJmySS
85JCKyT1lV2jHyyrcj32KLKnfMccte1adxyBJDl9v9V3F5KEVbxCNZAYF0a1Dbzg
MF4qG1c60Hu41tvCHsjY7LgFDfFzAxsg2myEHqYrk+hXMQ6oxmIXHHaBz6fNcoPj
v41UbPeu3j4NWuaa3nr7ukeM2lYW3ll/0Wlov684iOVmHlu75WMBeAqlIzsGLRFW
6cSPybExzI5cQtTosusYBj2ZiSuO5JTdIeH5+UXdVNcG74YzDYmHhfdC4wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAZUihFlfGtD7tA0FkgRGfBOo+iIMB8GA1UdIwQY
MBaAFJac7aW/N5Af6eRPc7W/graHs0VyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHB6dHBiODNrQl9wNUU5enRiLUN0b2V6UlhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS81Y2ZmZDItYjU2OC00ZDU1LWExMjQt
MjFmYzlhZmM4YWMxLzEvQmxTS0VXVjhhMFB1MERRV1NCRVo4RTZqNklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS81Y2ZmZDItYjU2OC00ZDU1LWExMjQtMjFmYzlhZmM4YWMx
LzEvbHB6dHBiODNrQl9wNUU5enRiLUN0b2V6UlhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABX73kD
BAdX7wAwDQYJKoZIhvcNAQELBQADggEBAHJP3RpzVekcj86sN8BUWQWZhplz0AM+
MRYLW5Kac+CjyiGRW0LatC3T95DibsTXCBWJJRU+RHns6s7ZyMYASA9+0hVU5PCJ
dQCg3cG9SboHecxWKSjvycHsfleImpnYYOIOxLckiQEfRQ0wNOWo6nNZmi9prRrE
umYvvZXBmi4cF8fZ+C3hkSvQHd9XpeARHuzjL348eUPG8NsMU0ZgvN32gaQDVAMB
/eo7Oz/4SwrTUUquh9iM+KTxv+MpGRGiISgztipk3KFsvD68Qn2p7DUE7KaeZa0A
7yqVXTe17PuY4ns+7qAtUWs5SGU2XugYcniQZdm/6V42x1oVuvCBxII=
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:42:21 2025 by rpki-client