Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/bqsYblKj7hcMS1s1tPb3Q-dO_OY.roa
File: bqsYblKj7hcMS1s1tPb3Q-dO_OY.roa (raw, json)
Hash identifier: C6NQjixTOIceoGsxhMeDSn6DTrvOtIxF3QPKT2AqmUU=
Subject key identifier: 6E:AB:18:6E:52:A3:EE:17:0C:4B:5B:35:B4:F6:F7:43:E7:4E:FC:E6
Certificate issuer: /CN=68383ffa9f20bf021c090262994212d71667ed02
Certificate serial: 019421B20C1930CD3D4022DBDFC12D4CAD7A
Authority key identifier: 68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/bqsYblKj7hcMS1s1tPb3Q-dO_OY.roa
Signing time: Wed 01 Jan 2025 11:48:24 +0000
ROA not before: Wed 01 Jan 2025 11:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25048
IP address blocks: 81.90.128.0/20 maxlen: 24
2a00:e20::/29 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:0c:19:30:cd:3d:40:22:db:df:c1:2d:4c:ad:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68383ffa9f20bf021c090262994212d71667ed02
Validity
Not Before: Jan 1 11:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6eab186e52a3ee170c4b5b35b4f6f743e74efce6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cc:40:16:87:be:cc:b0:ea:49:29:1d:39:70:
bd:bd:0b:80:f9:c5:b1:88:bd:fc:7d:de:c2:e9:5f:
76:e4:8f:5e:47:7a:ad:ed:dc:3d:69:fa:3b:67:e4:
c4:dc:28:98:fe:d8:0e:be:72:7c:0d:83:c9:f2:ec:
ba:3b:e0:09:ec:02:5e:90:69:ad:ec:e9:ce:0f:46:
b2:6c:f1:e1:15:d8:05:70:c4:10:ec:25:28:a4:f3:
37:a9:56:1a:5a:21:f9:44:d8:a9:7b:36:54:48:f1:
51:02:91:3c:60:4b:42:c0:6e:a4:ef:63:38:74:e7:
5a:58:67:02:18:dd:3a:7d:6e:d2:f3:72:3c:90:aa:
bc:43:14:ad:76:ce:a8:11:5c:48:ac:b6:ee:ff:89:
a4:5e:44:62:52:29:ad:3c:e4:59:f4:0b:1c:c7:fb:
43:b8:77:36:de:0d:91:8c:b3:5b:d1:2c:0e:4e:86:
de:d1:ad:c7:ce:38:9f:93:39:2c:6b:c6:89:46:81:
5b:70:99:1a:29:3a:96:ab:da:9e:f2:ca:c1:89:7e:
18:80:3a:ac:d6:1c:10:1b:17:45:9c:67:e7:61:94:
71:c9:a0:88:8b:6b:21:86:cf:46:0f:70:a1:7d:0c:
31:b5:5a:86:0a:81:14:dd:b1:10:3d:14:78:85:fa:
2b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:AB:18:6E:52:A3:EE:17:0C:4B:5B:35:B4:F6:F7:43:E7:4E:FC:E6
X509v3 Authority Key Identifier:
keyid:68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/bqsYblKj7hcMS1s1tPb3Q-dO_OY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.128.0/20
IPv6:
2a00:e20::/29
Signature Algorithm: sha256WithRSAEncryption
09:d6:3c:01:ef:be:eb:1b:8d:eb:dd:83:68:24:19:32:ff:e8:
e0:9b:ac:b4:ba:02:80:a4:ca:7e:65:cc:0e:ca:9e:2b:91:2e:
8a:85:84:63:17:86:75:9f:97:75:95:a3:b8:e3:07:15:46:97:
04:fb:01:c3:b7:81:bc:b9:37:c6:57:2b:a6:a5:41:a8:76:c3:
e3:79:d6:0e:95:c1:7c:e7:52:c4:d9:e5:b2:ef:d2:2e:09:c4:
31:d7:4b:52:39:36:56:1a:2c:b7:f7:82:1d:d1:62:fb:bd:c0:
30:ff:0d:7a:93:d5:52:19:ab:a8:6d:90:4a:d0:91:41:64:2d:
85:ff:1f:a1:d6:e6:78:05:9e:3d:ca:b4:0c:bc:32:c4:6b:56:
21:75:94:44:03:ba:aa:88:85:ef:b2:2e:22:9d:49:1c:bc:ed:
06:b2:7d:be:d1:b3:2b:f6:eb:90:45:39:70:4f:2b:2d:f9:08:
ae:a1:b8:98:d4:11:09:82:42:af:17:16:af:d9:8c:eb:08:fa:
50:25:f5:6c:69:e2:4a:77:a5:cd:9c:7e:39:8e:36:00:57:d7:
4e:b5:7b:b0:6a:f2:7c:3c:95:8b:f8:28:d3:30:7d:79:c4:6e:
47:c4:16:57:86:32:2d:45:44:d9:2d:77:7c:1c:0d:02:8f:e7:
a7:8c:f8:2d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQhsgwZMM09QCLb38EtTK16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzgzZmZhOWYyMGJmMDIxYzA5MDI2Mjk5NDIxMmQ3MTY2
N2VkMDIwHhcNMjUwMTAxMTE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWFiMTg2ZTUyYTNlZTE3MGM0YjViMzViNGY2Zjc0M2U3NGVmY2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncxAFoe+zLDqSSkdOXC9vQuA+cWx
iL38fd7C6V925I9eR3qt7dw9afo7Z+TE3CiY/tgOvnJ8DYPJ8uy6O+AJ7AJekGmt
7OnOD0aybPHhFdgFcMQQ7CUopPM3qVYaWiH5RNipezZUSPFRApE8YEtCwG6k72M4
dOdaWGcCGN06fW7S83I8kKq8QxStds6oEVxIrLbu/4mkXkRiUimtPORZ9Ascx/tD
uHc23g2RjLNb0SwOTobe0a3Hzjifkzksa8aJRoFbcJkaKTqWq9qe8srBiX4YgDqs
1hwQGxdFnGfnYZRxyaCIi2shhs9GD3ChfQwxtVqGCoEU3bEQPRR4hforpwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG6rGG5So+4XDEtbNbT290PnTvzmMB8GA1UdIwQY
MBaAFGg4P/qfIL8CHAkCYplCEtcWZ+0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYt
NDA2MGU5ZWVlYjllLzEvYnFzWWJsS2o3aGNNUzFzMXRQYjNRLWRPX09ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYtNDA2MGU5ZWVlYjll
LzEvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUVqAMA0E
AgACMAcDBQMqAA4gMA0GCSqGSIb3DQEBCwUAA4IBAQAJ1jwB777rG43r3YNoJBky
/+jgm6y0ugKApMp+ZcwOyp4rkS6KhYRjF4Z1n5d1laO44wcVRpcE+wHDt4G8uTfG
VyumpUGodsPjedYOlcF851LE2eWy79IuCcQx10tSOTZWGiy394Id0WL7vcAw/w16
k9VSGauobZBK0JFBZC2F/x+h1uZ4BZ49yrQMvDLEa1YhdZREA7qqiIXvsi4inUkc
vO0Gsn2+0bMr9uuQRTlwTyst+QiuobiY1BEJgkKvFxav2YzrCPpQJfVsaeJKd6XN
nH45jjYAV9dOtXuwavJ8PJWL+CjTMH15xG5HxBZXhjItRUTZLXd8HA0Cj+enjPgt
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:58:22 2025 by rpki-client