Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/BLIbcZ8gVGAjnHegyR2lqH6xAJM.roa
File: BLIbcZ8gVGAjnHegyR2lqH6xAJM.roa (raw, json)
Hash identifier: Bj27w9uQHRhZtkX+wPrDSZtYcxRX/Qm5XlGgHnKEj+g=
Subject key identifier: 04:B2:1B:71:9F:20:54:60:23:9C:77:A0:C9:1D:A5:A8:7E:B1:00:93
Certificate issuer: /CN=c9b232958097b5863eafd047bb315171eaa01fb7
Certificate serial: 0194228E087AFD24F29DBFBC07B874551812
Authority key identifier: C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/BLIbcZ8gVGAjnHegyR2lqH6xAJM.roa
Signing time: Wed 01 Jan 2025 15:48:41 +0000
ROA not before: Wed 01 Jan 2025 15:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12672
IP address blocks: 2a00:ff0:8888::/48 maxlen: 48
2a00:ff0:9999::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:08:7a:fd:24:f2:9d:bf:bc:07:b8:74:55:18:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9b232958097b5863eafd047bb315171eaa01fb7
Validity
Not Before: Jan 1 15:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04b21b719f205460239c77a0c91da5a87eb10093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4a:86:09:ae:82:98:1b:b1:1c:3f:4e:6d:d2:
98:b7:50:8a:a5:41:9d:44:0f:8c:b2:a6:4a:61:1c:
76:fb:81:1d:63:03:e3:65:57:f0:21:76:14:3d:e4:
eb:c0:11:31:75:f7:aa:ad:e4:61:ce:67:9b:48:d2:
b8:5f:6a:69:e6:93:0e:d0:1e:e0:ae:bf:5e:bf:eb:
3d:e9:81:7c:29:0c:de:72:bf:0c:8e:a9:f1:65:af:
73:af:48:19:a8:19:77:0e:1d:e5:58:f0:df:67:7e:
95:db:20:f1:a1:a7:58:80:d4:9c:e3:3c:f1:5b:2a:
b0:77:c7:1b:88:db:4b:51:11:16:57:b7:80:a8:f7:
46:0c:40:cf:06:6d:a9:f5:67:4a:08:c6:85:e8:33:
5d:6f:28:1e:aa:49:68:67:78:f2:7c:7c:a8:7e:92:
11:cc:87:59:77:c8:66:2d:6c:05:ad:fe:c9:e1:dd:
4e:ef:a5:c8:09:e6:29:d4:27:81:24:30:cb:d9:5e:
d5:d4:39:5c:51:c8:b4:e1:83:47:55:87:20:7d:c5:
2f:9d:a7:77:4e:43:c0:6c:a0:b7:ae:e7:a9:47:d2:
02:31:dc:c0:be:9b:f0:51:c7:07:a3:c1:cf:69:06:
be:d0:98:4d:16:b6:6a:4b:ea:12:67:5d:f4:bc:a4:
fd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B2:1B:71:9F:20:54:60:23:9C:77:A0:C9:1D:A5:A8:7E:B1:00:93
X509v3 Authority Key Identifier:
keyid:C9:B2:32:95:80:97:B5:86:3E:AF:D0:47:BB:31:51:71:EA:A0:1F:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ybIylYCXtYY-r9BHuzFRceqgH7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/BLIbcZ8gVGAjnHegyR2lqH6xAJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/f35432-cf99-4f19-a76e-07b7fef0858f/1/ybIylYCXtYY-r9BHuzFRceqgH7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ff0:8888::/48
2a00:ff0:9999::/48
Signature Algorithm: sha256WithRSAEncryption
8f:8a:21:06:8e:c8:9c:ac:39:90:f3:06:9e:a1:ad:b4:07:b2:
fa:56:d4:d2:32:cd:25:6b:a6:3e:4c:2f:2e:3b:4f:c8:61:93:
4c:c2:96:52:bf:b9:12:36:f2:d9:a7:48:24:ad:6e:f7:cb:2a:
56:64:9b:eb:fe:97:29:9e:d7:9b:88:50:46:3b:ab:b8:e4:cf:
dd:c4:42:f2:a1:9d:cc:2a:53:c4:b5:fd:9b:3a:79:40:c1:df:
1c:c0:f9:bb:28:af:fa:8a:3e:6e:0e:2d:67:65:b0:83:ea:5b:
7b:a4:02:1d:46:7e:9c:c0:1c:e8:11:6f:ac:74:95:e2:05:79:
9b:19:09:14:e6:39:4e:48:52:38:c8:be:1c:fb:93:52:b9:f0:
1b:26:90:1b:bc:4c:8e:c0:a1:ad:70:05:43:b9:4b:56:7f:17:
a6:83:d6:2c:f2:0d:90:f8:91:4d:1a:cd:f2:5a:74:cf:18:05:
2d:35:67:05:ca:f5:5a:a3:fe:17:a2:77:93:63:f5:3b:6d:d4:
64:65:60:f7:c3:e4:ad:f1:ae:27:2b:4c:93:67:7b:7a:62:0f:
17:31:99:ef:fe:fd:53:49:ef:d5:0e:78:73:ba:69:b3:74:87:
ac:52:6d:ac:b0:13:70:d8:af:1b:d9:f2:27:59:fe:bf:88:fa:
b8:e4:4b:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQijgh6/STynb+8B7h0VRgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YjIzMjk1ODA5N2I1ODYzZWFmZDA0N2JiMzE1MTcxZWFh
MDFmYjcwHhcNMjUwMTAxMTU0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGIyMWI3MTlmMjA1NDYwMjM5Yzc3YTBjOTFkYTVhODdlYjEwMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUqGCa6CmBuxHD9ObdKYt1CKpUGd
RA+MsqZKYRx2+4EdYwPjZVfwIXYUPeTrwBExdfeqreRhzmebSNK4X2pp5pMO0B7g
rr9ev+s96YF8KQzecr8MjqnxZa9zr0gZqBl3Dh3lWPDfZ36V2yDxoadYgNSc4zzx
Wyqwd8cbiNtLUREWV7eAqPdGDEDPBm2p9WdKCMaF6DNdbygeqkloZ3jyfHyofpIR
zIdZd8hmLWwFrf7J4d1O76XICeYp1CeBJDDL2V7V1DlcUci04YNHVYcgfcUvnad3
TkPAbKC3ruepR9ICMdzAvpvwUccHo8HPaQa+0JhNFrZqS+oSZ130vKT9WwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFASyG3GfIFRgI5x3oMkdpah+sQCTMB8GA1UdIwQY
MBaAFMmyMpWAl7WGPq/QR7sxUXHqoB+3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWJJeWxZQ1h0WVktcjlCSHV6RlJjZXFnSDdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS9mMzU0MzItY2Y5OS00ZjE5LWE3NmUt
MDdiN2ZlZjA4NThmLzEvQkxJYmNaOGdWR0FqbkhlZ3lSMmxxSDZ4QUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS9mMzU0MzItY2Y5OS00ZjE5LWE3NmUtMDdiN2ZlZjA4NThm
LzEveWJJeWxZQ1h0WVktcjlCSHV6RlJjZXFnSDdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgAP8IiI
AwcAKgAP8JmZMA0GCSqGSIb3DQEBCwUAA4IBAQCPiiEGjsicrDmQ8waeoa20B7L6
VtTSMs0la6Y+TC8uO0/IYZNMwpZSv7kSNvLZp0gkrW73yypWZJvr/pcpntebiFBG
O6u45M/dxELyoZ3MKlPEtf2bOnlAwd8cwPm7KK/6ij5uDi1nZbCD6lt7pAIdRn6c
wBzoEW+sdJXiBXmbGQkU5jlOSFI4yL4c+5NSufAbJpAbvEyOwKGtcAVDuUtWfxem
g9Ys8g2Q+JFNGs3yWnTPGAUtNWcFyvVao/4XoneTY/U7bdRkZWD3w+St8a4nK0yT
Z3t6Yg8XMZnv/v1TSe/VDnhzummzdIesUm2ssBNw2K8b2fInWf6/iPq45Eu2
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:32:27 2025 by rpki-client on console.sobornost.net