Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PB-SM2btichtCuIKI4tWNxvr66M.roa
File: PB-SM2btichtCuIKI4tWNxvr66M.roa (raw, json)
Hash identifier: u/heJeg2kUGhqaOE3G/S4JMBBLZG5zlcgj4J9nP+AQA=
Subject key identifier: 3C:1F:92:33:66:ED:89:C8:6D:0A:E2:0A:23:8B:56:37:1B:EB:EB:A3
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 018536F3935F95698E3396A85FD3CABD20B2
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PB-SM2btichtCuIKI4tWNxvr66M.roa
Signing time: Wed 21 Dec 2022 23:10:10 +0000
ROA not before: Wed 21 Dec 2022 23:10:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:36:f3:93:5f:95:69:8e:33:96:a8:5f:d3:ca:bd:20:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 21 23:10:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c1f923366ed89c86d0ae20a238b56371bebeba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ed:81:e5:9f:9f:3c:dc:ce:28:f6:ea:dc:2d:
a1:d8:1f:3d:9d:3b:9f:7a:10:46:e7:cf:5c:20:e8:
7c:09:08:ba:2e:c0:af:f8:9b:49:83:73:ef:f4:1d:
1a:69:a0:b5:8a:40:94:d5:4f:b7:48:c9:f2:0f:dd:
d5:08:08:28:34:97:7d:8e:65:12:41:e7:1d:96:83:
20:a3:a3:2a:91:a5:62:b0:5a:7c:ee:50:9d:80:95:
4d:b8:ab:1a:d7:ad:92:26:42:49:2d:90:92:b4:e3:
7a:63:d4:87:9c:e0:9b:d6:22:7c:af:65:a6:d9:13:
cf:e9:f9:51:82:73:81:39:2f:76:c1:b8:f7:71:2f:
87:86:91:99:50:48:2b:a7:c8:c8:c5:af:44:ed:28:
d8:55:a5:c2:a3:67:96:c1:3a:a9:25:aa:cb:2c:a6:
0b:66:67:62:48:09:6e:5e:49:d7:ee:03:f0:57:3d:
9a:72:02:81:d7:b1:89:de:19:57:b5:bb:2d:b9:9c:
a5:4a:b0:11:ef:b3:2d:1c:96:d8:d4:86:38:2c:0c:
22:7e:fd:d4:fb:1e:2b:1f:3c:9e:14:df:9f:79:cf:
b2:72:0f:53:93:51:2b:a8:56:de:5b:f9:5e:ac:aa:
51:91:58:de:28:d6:da:ff:06:17:18:cd:de:8d:b1:
6b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:1F:92:33:66:ED:89:C8:6D:0A:E2:0A:23:8B:56:37:1B:EB:EB:A3
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/PB-SM2btichtCuIKI4tWNxvr66M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
5c:ca:e2:5f:6d:80:7b:45:db:52:92:08:80:b6:16:07:20:fd:
cc:2a:9a:ed:09:ca:c8:5b:ea:a4:ea:23:9f:ed:c4:d8:08:3a:
c9:78:48:18:50:54:f2:af:43:61:64:06:ff:71:ba:e7:ba:db:
eb:5c:75:23:c9:ca:e0:8b:d4:02:81:5d:40:4a:9c:95:fb:8b:
d2:e3:f6:98:d9:3b:de:21:23:ac:7c:ab:07:a9:7e:4f:b8:07:
37:ca:db:bc:3d:f0:9c:63:81:e8:f4:c7:d5:75:37:bc:4a:e6:
03:83:f3:56:32:cc:b3:c2:40:c7:72:a1:bc:0a:18:1f:8b:88:
d6:6e:e4:80:40:83:39:e2:15:f7:e8:1b:8b:7d:cc:d5:89:2a:
35:0a:66:e3:3c:70:41:ad:31:a8:89:08:ba:4a:1c:11:b3:dc:
ee:54:73:bc:cd:eb:ec:1c:4b:02:80:1f:6c:e5:7c:1b:40:82:
bf:4f:7d:f5:a8:76:8b:12:81:4f:0d:87:14:03:7c:92:9c:06:
d6:4d:46:bb:66:e4:82:cd:71:2d:a7:4b:73:15:51:22:4b:65:
e7:f0:98:ba:a4:40:17:c3:46:a2:00:43:c8:be:d2:6f:4d:28:
21:93:97:15:f5:d6:6d:09:0d:19:ed:a4:b6:95:8e:ca:52:66:
bc:99:1c:e9
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYU285NflWmOM5aoX9PKvSCyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjIxMjMxMDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzFmOTIzMzY2ZWQ4OWM4NmQwYWUyMGEyMzhiNTYzNzFiZWJlYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuu2B5Z+fPNzOKPbq3C2h2B89nTuf
ehBG589cIOh8CQi6LsCv+JtJg3Pv9B0aaaC1ikCU1U+3SMnyD93VCAgoNJd9jmUS
QecdloMgo6MqkaVisFp87lCdgJVNuKsa162SJkJJLZCStON6Y9SHnOCb1iJ8r2Wm
2RPP6flRgnOBOS92wbj3cS+HhpGZUEgrp8jIxa9E7SjYVaXCo2eWwTqpJarLLKYL
ZmdiSAluXknX7gPwVz2acgKB17GJ3hlXtbstuZylSrAR77MtHJbY1IY4LAwifv3U
+x4rHzyeFN+fec+ycg9Tk1ErqFbeW/lerKpRkVjeKNba/wYXGM3ejbFrqwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDwfkjNm7YnIbQriCiOLVjcb6+ujMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvUEItU00yYnRpY2h0Q3VJS0k0dFdOeHZyNjZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAFzK4l9tgHtF21KSCIC2
Fgcg/cwqmu0Jyshb6qTqI5/txNgIOsl4SBhQVPKvQ2FkBv9xuue62+tcdSPJyuCL
1AKBXUBKnJX7i9Lj9pjZO94hI6x8qwepfk+4BzfK27w98Jxjgej0x9V1N7xK5gOD
81YyzLPCQMdyobwKGB+LiNZu5IBAgzniFffoG4t9zNWJKjUKZuM8cEGtMaiJCLpK
HBGz3O5Uc7zN6+wcSwKAH2zlfBtAgr9PffWodosSgU8NhxQDfJKcBtZNRrtm5ILN
cS2nS3MVUSJLZefwmLqkQBfDRqIAQ8i+0m9NKCGTlxX11m0JDRntpLaVjspSZryZ
HOk=
-----END CERTIFICATE-----
Generated at Wed Apr 30 18:07:36 2025 by rpki-client