Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Sm4emMKfhe1cCr5IvFEyRlNR_i0.roa
File: Sm4emMKfhe1cCr5IvFEyRlNR_i0.roa (raw, json)
Hash identifier: OF4xoLM3D+BFeEZkqQuoijtAORvFt1p+ag7WyKpQmNQ=
Subject key identifier: 4A:6E:1E:98:C2:9F:85:ED:5C:0A:BE:48:BC:51:32:46:53:51:FE:2D
Certificate issuer: /CN=72047be15b275902dcf617dc3d0e16dc1f308022
Certificate serial: 01854108EAC727821C5E645A19CCA96FB737
Authority key identifier: 72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Sm4emMKfhe1cCr5IvFEyRlNR_i0.roa
Signing time: Fri 23 Dec 2022 22:09:41 +0000
ROA not before: Fri 23 Dec 2022 22:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:185:3dcc:d8f/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:41:08:ea:c7:27:82:1c:5e:64:5a:19:cc:a9:6f:b7:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72047be15b275902dcf617dc3d0e16dc1f308022
Validity
Not Before: Dec 23 22:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a6e1e98c29f85ed5c0abe48bc5132465351fe2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a6:ba:8e:a0:20:d0:64:a5:89:bc:c6:bd:48:
ba:bf:91:35:db:f8:ee:f2:d7:7d:0b:af:39:5b:24:
d4:ee:30:5e:5e:ae:2f:4f:71:14:5f:09:df:3e:6b:
13:fd:a3:ab:3f:fa:05:ae:81:1a:dd:cc:53:da:da:
e7:ad:9e:48:ab:cc:37:ef:b7:01:a2:c5:c8:03:6f:
7e:6b:83:2e:61:f1:48:b4:b7:e9:ac:f1:df:f8:fc:
d3:1f:5a:a2:65:58:52:7b:13:08:10:3e:54:72:28:
02:ed:45:47:59:75:c1:44:e9:bf:d4:c9:2e:9f:e4:
a6:28:cb:55:4c:87:50:59:7f:49:62:36:87:86:b0:
68:bf:a2:99:32:6c:f1:70:b5:f0:86:e5:26:a0:69:
f1:9e:54:6e:de:7d:94:d7:27:0e:29:4b:f0:31:52:
1c:fd:11:31:f7:78:f4:5b:ed:cd:4b:b1:37:25:ad:
60:eb:5e:42:b6:5c:0a:61:11:90:92:3f:85:61:40:
d3:bc:06:47:61:01:59:9f:2d:41:d5:f7:ce:b0:40:
21:f4:57:c4:83:b6:e4:00:89:68:ce:b0:76:d0:7d:
d4:2d:ac:43:00:4e:20:68:22:d4:b8:12:49:a0:69:
55:23:bc:9f:7d:62:2f:5d:89:07:31:29:66:0a:74:
0b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6E:1E:98:C2:9F:85:ED:5C:0A:BE:48:BC:51:32:46:53:51:FE:2D
X509v3 Authority Key Identifier:
keyid:72:04:7B:E1:5B:27:59:02:DC:F6:17:DC:3D:0E:16:DC:1F:30:80:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgR74VsnWQLc9hfcPQ4W3B8wgCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/Sm4emMKfhe1cCr5IvFEyRlNR_i0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/798447-21f4-45ab-99dc-1abe3ac10aa6/1/cgR74VsnWQLc9hfcPQ4W3B8wgCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
8c:07:82:d9:0e:87:63:9a:d2:03:08:a0:4b:69:91:13:c2:56:
55:1e:60:6c:56:ca:c3:be:88:bb:6f:91:22:31:43:e1:a8:18:
c3:c0:76:9b:16:e5:50:62:c3:6a:84:08:47:ff:72:d4:fa:71:
da:6e:4a:3f:48:4a:cb:10:f3:c5:5e:8c:9d:b6:0c:d5:10:b6:
7a:e3:6f:1b:e8:5b:a7:b2:38:ab:1f:dd:36:8f:cb:ac:5c:60:
61:c7:44:41:b3:81:d3:2c:65:6b:9e:05:25:13:12:2b:63:e9:
7e:fb:f1:0e:ae:be:d3:ed:e8:b0:f2:a6:67:f1:70:d5:dd:0c:
ba:87:7b:cd:47:b1:f2:80:be:49:4e:6f:a2:d6:5a:c0:78:93:
27:7c:20:23:09:38:6e:74:aa:71:b9:86:a3:a0:ad:fe:c2:cc:
6f:06:94:32:7d:09:5e:48:c3:c7:af:56:d5:cf:96:1d:d8:f7:
b5:ab:05:15:62:8f:07:bf:59:96:67:76:5b:72:12:b1:df:a4:
7d:b9:9e:83:4e:92:5f:8a:47:ad:54:cd:7d:f1:4a:a7:27:2d:
81:c1:1f:e0:25:98:c8:2a:31:9d:e1:4d:65:e2:9a:3d:88:cd:
1c:3f:65:ae:45:ca:c3:5d:9d:90:63:39:c6:a1:c9:67:6c:5a:
cb:a4:da:d3
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVBCOrHJ4IcXmRaGcypb7c3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDQ3YmUxNWIyNzU5MDJkY2Y2MTdkYzNkMGUxNmRjMWYz
MDgwMjIwHhcNMjIxMjIzMjIwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTZlMWU5OGMyOWY4NWVkNWMwYWJlNDhiYzUxMzI0NjUzNTFmZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqa6jqAg0GSlibzGvUi6v5E12/ju
8td9C685WyTU7jBeXq4vT3EUXwnfPmsT/aOrP/oFroEa3cxT2trnrZ5Iq8w377cB
osXIA29+a4MuYfFItLfprPHf+PzTH1qiZVhSexMIED5UcigC7UVHWXXBROm/1Mku
n+SmKMtVTIdQWX9JYjaHhrBov6KZMmzxcLXwhuUmoGnxnlRu3n2U1ycOKUvwMVIc
/REx93j0W+3NS7E3Ja1g615CtlwKYRGQkj+FYUDTvAZHYQFZny1B1ffOsEAh9FfE
g7bkAIlozrB20H3ULaxDAE4gaCLUuBJJoGlVI7yffWIvXYkHMSlmCnQL2QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFEpuHpjCn4XtXAq+SLxRMkZTUf4tMB8GA1UdIwQY
MBaAFHIEe+FbJ1kC3PYX3D0OFtwfMIAiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMt
MWFiZTNhYzEwYWE2LzEvU200ZW1NS2ZoZTFjQ3I1SXZGRXlSbE5SX2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83OTg0NDctMjFmNC00NWFiLTk5ZGMtMWFiZTNhYzEwYWE2
LzEvY2dSNzRWc25XUUxjOWhmY1BRNFczQjh3Z0NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAIwHgtkOh2Oa0gMIoEtp
kRPCVlUeYGxWysO+iLtvkSIxQ+GoGMPAdpsW5VBiw2qECEf/ctT6cdpuSj9ISssQ
88VejJ22DNUQtnrjbxvoW6eyOKsf3TaPy6xcYGHHREGzgdMsZWueBSUTEitj6X77
8Q6uvtPt6LDypmfxcNXdDLqHe81HsfKAvklOb6LWWsB4kyd8ICMJOG50qnG5hqOg
rf7CzG8GlDJ9CV5Iw8evVtXPlh3Y97WrBRVijwe/WZZndltyErHfpH25noNOkl+K
R61UzX3xSqcnLYHBH+AlmMgqMZ3hTWXimj2IzRw/Za5FysNdnZBjOcahyWdsWsuk
2tM=
-----END CERTIFICATE-----
Generated at Thu May 1 07:16:07 2025 by rpki-client