Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/BLE50oiwfy0PvlmcGQF1EgpH-Ds.roa
File: BLE50oiwfy0PvlmcGQF1EgpH-Ds.roa (raw, json)
Hash identifier: PB+oTOSbBOkEMG1mvckLFODwf5nxd+9ZP4x8BfP1KWw=
Subject key identifier: 04:B1:39:D2:88:B0:7F:2D:0F:BE:59:9C:19:01:75:12:0A:47:F8:3B
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019421B2384D9F6B21AE1BEB3AB23B6A536F
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/BLE50oiwfy0PvlmcGQF1EgpH-Ds.roa
Signing time: Wed 01 Jan 2025 11:48:35 +0000
ROA not before: Wed 01 Jan 2025 11:48:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44364
IP address blocks: 2a09:cc0::/48 maxlen: 48
2a09:1240::/48 maxlen: 48
2a09:4740::/48 maxlen: 48
2a09:47c0::/48 maxlen: 48
2a09:9cc0::/48 maxlen: 48
2a09:9d40::/48 maxlen: 48
2a09:9dc0::/48 maxlen: 48
2a09:9e40::/48 maxlen: 48
2a09:a080::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:38:4d:9f:6b:21:ae:1b:eb:3a:b2:3b:6a:53:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 11:48:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04b139d288b07f2d0fbe599c190175120a47f83b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ea:48:36:d2:6d:45:1d:ec:5d:85:8e:90:e5:
ad:a7:97:94:a2:82:32:e7:22:4b:04:50:a3:65:6b:
94:0e:e6:ee:3b:e1:13:e5:e0:c8:8e:45:68:38:7f:
d8:de:7c:ab:a6:0a:b0:74:69:a0:a8:5d:d1:cc:1b:
05:40:94:2f:cb:98:32:20:8a:bb:37:ea:cf:5b:ad:
7f:25:8a:b1:b6:a2:19:fe:67:f1:dc:3e:fe:97:cd:
d3:89:74:a7:3b:15:fc:63:b3:68:6b:20:0c:5e:05:
41:ce:28:64:5c:9c:a9:96:73:e9:fd:4f:98:6f:06:
8e:60:6f:0c:61:de:c3:75:72:02:01:bf:7d:67:f0:
91:c7:6c:68:37:eb:a1:36:37:3f:4d:6e:10:77:6b:
ad:78:dc:16:e1:e4:22:67:41:a3:c9:0a:7c:2a:bd:
47:37:f2:4c:6b:1f:06:b8:a0:41:5c:13:c0:a8:0b:
76:e6:e2:7e:35:f9:a2:92:54:ee:eb:65:cf:d5:52:
bb:a2:b2:a8:82:0e:f1:f0:36:67:e8:75:f7:c9:4a:
3b:c0:82:6f:cd:63:00:c0:d0:b4:c5:d6:57:a4:18:
1d:86:a0:69:e0:8a:6a:ee:d4:77:f0:c7:af:07:f6:
ce:b2:a8:ce:76:35:f2:35:f9:de:49:8e:39:eb:0d:
13:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B1:39:D2:88:B0:7F:2D:0F:BE:59:9C:19:01:75:12:0A:47:F8:3B
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/BLE50oiwfy0PvlmcGQF1EgpH-Ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:cc0::/48
2a09:1240::/48
2a09:4740::/48
2a09:47c0::/48
2a09:9cc0::/48
2a09:9d40::/48
2a09:9dc0::/48
2a09:9e40::/48
2a09:a080::/48
Signature Algorithm: sha256WithRSAEncryption
9f:c2:6c:5f:f0:fb:08:d2:33:bf:2a:3e:43:bf:78:2d:12:bc:
70:40:4f:9a:b1:64:d4:5d:11:c3:50:3a:02:c6:f1:c7:0d:a8:
35:05:24:ed:7b:4f:3a:01:33:0c:e4:33:f2:d8:5e:3d:b0:28:
ef:02:4a:8c:58:65:c0:36:07:3d:df:c9:d3:52:2d:c6:53:81:
f2:94:9b:c3:5f:a0:c1:32:f7:0e:f5:62:86:29:3e:8f:8c:df:
33:3b:e1:6e:93:c7:53:03:4e:02:a2:df:d4:d1:08:62:8b:99:
b5:85:15:ce:2b:9e:d2:82:98:2f:e3:62:3c:e4:54:9a:ad:8e:
65:a6:84:ea:75:d0:23:cf:9f:ac:17:0c:5c:7b:d8:2d:33:d0:
20:57:f0:8f:1f:cd:9c:1f:42:f5:38:28:3c:10:f2:ab:e0:a4:
d7:e6:e3:24:9a:c7:48:26:d4:ec:bc:f5:3b:f7:4a:4b:cd:4a:
79:af:46:b9:a8:42:b1:a5:07:e9:1d:83:ff:66:10:c8:83:ad:
a1:39:c4:9c:6d:91:78:d9:da:d4:22:0c:20:93:07:6c:84:db:
aa:2d:6c:b7:58:10:e5:31:f7:73:6e:30:36:ad:2c:e1:f3:25:
c3:11:a4:93:c9:a9:bc:3c:6f:bc:92:72:74:ea:18:a4:08:ed:
f4:81:98:81
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZQhsjhNn2shrhvrOrI7alNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwMTAxMTE0ODM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGIxMzlkMjg4YjA3ZjJkMGZiZTU5OWMxOTAxNzUxMjBhNDdmODNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+pINtJtRR3sXYWOkOWtp5eUooIy
5yJLBFCjZWuUDubuO+ET5eDIjkVoOH/Y3nyrpgqwdGmgqF3RzBsFQJQvy5gyIIq7
N+rPW61/JYqxtqIZ/mfx3D7+l83TiXSnOxX8Y7NoayAMXgVBzihkXJyplnPp/U+Y
bwaOYG8MYd7DdXICAb99Z/CRx2xoN+uhNjc/TW4Qd2uteNwW4eQiZ0GjyQp8Kr1H
N/JMax8GuKBBXBPAqAt25uJ+NfmiklTu62XP1VK7orKogg7x8DZn6HX3yUo7wIJv
zWMAwNC0xdZXpBgdhqBp4Ipq7tR38MevB/bOsqjOdjXyNfneSY456w0TmQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFASxOdKIsH8tD75ZnBkBdRIKR/g7MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvQkxFNTBvaXdmeTBQdmxtY0dRRjFFZ3BILURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAAjBRAwcAKgkMwAAA
AwcAKgkSQAAAAwcAKglHQAAAAwcAKglHwAAAAwcAKgmcwAAAAwcAKgmdQAAAAwcA
KgmdwAAAAwcAKgmeQAAAAwcAKgmggAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCfwmxf
8PsI0jO/Kj5Dv3gtErxwQE+asWTUXRHDUDoCxvHHDag1BSTte086ATMM5DPy2F49
sCjvAkqMWGXANgc938nTUi3GU4HylJvDX6DBMvcO9WKGKT6PjN8zO+Fuk8dTA04C
ot/U0Qhii5m1hRXOK57Sgpgv42I85FSarY5lpoTqddAjz5+sFwxce9gtM9AgV/CP
H82cH0L1OCg8EPKr4KTX5uMkmsdIJtTsvPU790pLzUp5r0a5qEKxpQfpHYP/ZhDI
g62hOcScbZF42drUIgwgkwdshNuqLWy3WBDlMfdzbjA2rSzh8yXDEaSTyam8PG+8
knJ06hikCO30gZiB
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:37:34 2025 by rpki-client