Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SEM4VbcNmzIxRFWqcWL3m_5pNpQ.roa
File: SEM4VbcNmzIxRFWqcWL3m_5pNpQ.roa (raw, json)
Hash identifier: /DVKl25en+CrCXua9JkgN0pM6vPVvWPuWXwVqS2d1rI=
Subject key identifier: 48:43:38:55:B7:0D:9B:32:31:44:55:AA:71:62:F7:9B:FE:69:36:94
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 0185B10B097C101D20238F255B24D0BD2895
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SEM4VbcNmzIxRFWqcWL3m_5pNpQ.roa
Signing time: Sat 14 Jan 2023 16:09:28 +0000
ROA not before: Sat 14 Jan 2023 16:09:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b1:0b:09:7c:10:1d:20:23:8f:25:5b:24:d0:bd:28:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Jan 14 16:09:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48433855b70d9b32314455aa7162f79bfe693694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8b:a5:de:48:26:c8:11:6c:74:25:6b:a0:77:
d8:b6:83:4b:62:29:b3:5a:a1:70:0b:37:51:73:a8:
65:af:ed:92:bd:86:13:d2:be:bb:b9:fb:00:3b:ca:
c5:1c:f9:79:bb:b9:33:66:d1:b0:d4:e1:d3:b7:1f:
0e:a9:da:5c:6b:92:8b:9d:b7:21:a1:e0:c2:1f:d7:
59:b7:44:bb:00:ee:de:3b:7a:25:20:48:94:43:77:
13:9a:43:e9:5c:1a:24:7b:76:bb:c5:6d:2f:28:c1:
c6:3f:90:5d:47:0e:43:4e:ca:8a:5e:dd:b4:ef:0c:
11:54:05:e8:35:16:e7:95:de:ec:0d:86:e2:60:36:
c4:ea:7a:19:16:30:2f:17:a4:2f:ca:00:ae:6d:05:
d6:16:16:b0:fa:d2:25:ca:2b:3a:7f:af:a5:1f:c3:
81:d7:89:74:eb:38:92:5c:fd:57:cd:e6:38:f9:8e:
91:be:40:b1:f1:b0:05:42:81:3a:ac:cd:01:65:dc:
1c:c0:83:a3:d1:e4:34:e9:de:13:94:00:e8:a0:bf:
82:5b:46:0a:22:87:14:17:0d:b5:29:33:64:a1:55:
fa:59:28:9f:1e:37:76:61:a0:ad:48:e2:e9:55:c4:
6f:04:0c:52:af:93:b9:b8:64:4a:91:fd:aa:c0:86:
7e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:43:38:55:B7:0D:9B:32:31:44:55:AA:71:62:F7:9B:FE:69:36:94
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/SEM4VbcNmzIxRFWqcWL3m_5pNpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
14:25:27:33:b5:eb:11:9f:04:ce:cd:de:a5:4a:97:ae:4e:54:
7e:16:6d:89:a8:b3:3e:7a:a0:38:42:1b:70:a2:86:77:c7:ea:
d9:cb:14:fa:58:f4:4c:a5:1b:b2:a5:a4:03:2e:4f:24:15:e0:
e7:ba:61:9a:76:63:14:38:e6:0f:6b:ee:95:17:83:7f:9e:c9:
42:c6:55:71:b4:0d:da:00:b0:48:48:82:21:55:e7:d5:ea:a9:
9d:de:ce:ea:6f:f1:eb:08:3e:c3:18:13:f9:8b:f1:3e:99:c0:
e5:9b:72:24:3a:32:19:aa:09:4c:65:f2:36:f0:32:36:10:07:
9f:30:59:6f:b0:97:fd:bd:ad:1d:83:67:aa:0d:9b:10:3f:a8:
1f:07:63:a0:85:b1:35:57:3c:c8:35:a0:22:64:3b:60:de:e2:
c8:3c:d4:5a:a9:b6:1b:dc:ed:48:9c:dc:a3:3e:e5:f1:30:a0:
99:c1:9a:5a:ae:2c:60:59:85:b4:93:6c:71:1b:48:88:24:3a:
54:ad:a9:ce:2e:88:f3:37:0b:6e:26:3b:75:00:78:e5:ea:74:
c9:c2:30:34:42:ab:77:47:8b:7d:d1:83:6b:5c:15:34:78:b0:
74:9b:64:99:13:61:48:25:f5:ae:47:85:2e:e7:ce:75:15:a6:
f1:16:3f:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYWxCwl8EB0gI48lWyTQvSiVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjMwMTE0MTYwOTI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODQzMzg1NWI3MGQ5YjMyMzE0NDU1YWE3MTYyZjc5YmZlNjkzNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4ul3kgmyBFsdCVroHfYtoNLYimz
WqFwCzdRc6hlr+2SvYYT0r67ufsAO8rFHPl5u7kzZtGw1OHTtx8Oqdpca5KLnbch
oeDCH9dZt0S7AO7eO3olIEiUQ3cTmkPpXBoke3a7xW0vKMHGP5BdRw5DTsqKXt20
7wwRVAXoNRbnld7sDYbiYDbE6noZFjAvF6QvygCubQXWFhaw+tIlyis6f6+lH8OB
14l06ziSXP1XzeY4+Y6RvkCx8bAFQoE6rM0BZdwcwIOj0eQ06d4TlADooL+CW0YK
IocUFw21KTNkoVX6WSifHjd2YaCtSOLpVcRvBAxSr5O5uGRKkf2qwIZ+jQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEhDOFW3DZsyMURVqnFi95v+aTaUMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvU0VNNFZiY05tekl4UkZXcWNXTDNtXzVwTnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBABQlJzO16xGfBM7N3qVK
l65OVH4WbYmosz56oDhCG3CihnfH6tnLFPpY9EylG7KlpAMuTyQV4Oe6YZp2YxQ4
5g9r7pUXg3+eyULGVXG0DdoAsEhIgiFV59XqqZ3ezupv8esIPsMYE/mL8T6ZwOWb
ciQ6MhmqCUxl8jbwMjYQB58wWW+wl/29rR2DZ6oNmxA/qB8HY6CFsTVXPMg1oCJk
O2De4sg81Fqpthvc7Uic3KM+5fEwoJnBmlquLGBZhbSTbHEbSIgkOlStqc4uiPM3
C24mO3UAeOXqdMnCMDRCq3dHi33Rg2tcFTR4sHSbZJkTYUgl9a5HhS7nznUVpvEW
P0Y=
-----END CERTIFICATE-----
Generated at Wed Apr 30 17:42:46 2025 by rpki-client