Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/SM3-g7-u2szfQi55eOed53zV8gU.roa
File: SM3-g7-u2szfQi55eOed53zV8gU.roa (raw, json)
Hash identifier: aJsk+0MUDCUy7A6OsEgl3pSqn7z+Z5hY7QHBCQErZAk=
Subject key identifier: 48:CD:FE:83:BF:AE:DA:CC:DF:42:2E:79:78:E7:9D:E7:7C:D5:F2:05
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 0194258ED0CB70AC50EB8CF6EFB229D0ADE1
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/SM3-g7-u2szfQi55eOed53zV8gU.roa
Signing time: Thu 02 Jan 2025 05:48:24 +0000
ROA not before: Thu 02 Jan 2025 05:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202662
IP address blocks: 2a0e:aa07:e04d::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:d0:cb:70:ac:50:eb:8c:f6:ef:b2:29:d0:ad:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 2 05:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48cdfe83bfaedaccdf422e7978e79de77cd5f205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:82:3c:62:9a:2c:63:b9:52:df:26:88:29:33:
db:87:9b:9d:ac:60:2d:ad:a3:df:0c:63:0f:f5:38:
25:a7:51:3f:2c:32:91:49:96:c7:d2:5e:84:f0:10:
6a:42:3f:d6:4e:3a:cd:66:fa:f8:0c:d0:e8:c4:41:
7e:7d:85:8a:9c:b7:ed:a1:5d:bd:b3:a0:6d:6a:23:
0e:cd:6f:e0:4e:4e:6e:d9:44:25:a5:40:b5:ef:24:
6a:b3:9a:2a:65:8f:96:c9:e6:22:54:d4:62:c4:4b:
c5:73:6a:c1:3d:09:96:73:27:91:21:98:a0:48:d9:
0e:11:4b:67:09:84:ee:36:69:ea:4c:65:0c:c8:5d:
c6:ac:0e:eb:fa:11:4a:b8:f8:e4:55:ed:c1:44:96:
ae:ce:38:b9:bb:2d:19:53:9c:61:e4:dc:50:50:f7:
09:33:ed:83:af:7c:da:8e:db:4b:0c:c3:c0:cd:dc:
6e:c3:eb:d6:94:64:66:60:65:17:82:f2:07:ab:1a:
ef:45:a8:f4:42:e8:1f:d0:c0:50:6e:62:23:4d:bd:
b7:cd:db:4e:01:69:3d:f0:bc:7d:e4:47:e9:31:e9:
96:a0:5b:2e:4b:90:7b:e3:23:01:aa:4b:c5:ed:9f:
66:8b:23:d1:6c:0c:14:bb:80:18:d1:db:67:04:94:
a1:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:CD:FE:83:BF:AE:DA:CC:DF:42:2E:79:78:E7:9D:E7:7C:D5:F2:05
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/SM3-g7-u2szfQi55eOed53zV8gU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e04d::/48
Signature Algorithm: sha256WithRSAEncryption
04:f7:e9:26:fc:d0:5e:6b:2e:e8:3b:b1:e9:17:54:97:c8:a0:
7d:7f:18:2e:64:2e:91:ee:39:5f:79:61:bd:0d:73:2e:69:b1:
6d:a1:34:32:52:e9:2d:1b:c8:7e:2f:f8:8b:73:87:74:47:e4:
32:6e:b6:66:89:48:35:f3:81:12:bd:4d:8d:08:04:4f:18:7c:
b5:49:89:f5:d0:b6:d8:3f:39:19:c9:76:c8:88:55:9a:d3:00:
7f:59:3a:db:8d:b4:1a:cf:34:eb:5c:fd:2e:c2:a2:13:37:d4:
ee:d2:50:2c:0c:c5:f9:c1:b4:e0:ed:6e:aa:74:65:6a:a3:fe:
6c:06:4a:f2:dc:63:30:4a:b0:ac:62:fa:15:4e:8d:69:67:f8:
eb:6c:77:f4:ef:dc:26:a6:aa:65:48:45:14:c0:28:c8:93:6c:
4f:e6:06:2c:5d:f2:6b:a1:65:8c:04:f5:57:15:1b:c6:9c:ec:
d0:f4:c4:7f:2b:be:56:8f:26:bc:2b:c5:32:cb:87:dc:3f:24:
30:78:4d:5e:63:d6:37:c4:ad:7c:d8:23:42:17:2c:9f:67:ca:
0c:3f:cf:d7:2c:75:1e:5d:55:22:7a:6b:67:b8:8f:17:70:47:
d0:d9:66:f7:df:98:9b:00:47:e8:ae:b1:8b:6e:5c:a7:62:00:
28:dd:0a:2b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQljtDLcKxQ64z277Ip0K3hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjUwMTAyMDU0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGNkZmU4M2JmYWVkYWNjZGY0MjJlNzk3OGU3OWRlNzdjZDVmMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4I8YposY7lS3yaIKTPbh5udrGAt
raPfDGMP9Tglp1E/LDKRSZbH0l6E8BBqQj/WTjrNZvr4DNDoxEF+fYWKnLftoV29
s6BtaiMOzW/gTk5u2UQlpUC17yRqs5oqZY+WyeYiVNRixEvFc2rBPQmWcyeRIZig
SNkOEUtnCYTuNmnqTGUMyF3GrA7r+hFKuPjkVe3BRJauzji5uy0ZU5xh5NxQUPcJ
M+2Dr3zajttLDMPAzdxuw+vWlGRmYGUXgvIHqxrvRaj0Qugf0MBQbmIjTb23zdtO
AWk98Lx95EfpMemWoFsuS5B74yMBqkvF7Z9miyPRbAwUu4AY0dtnBJShQwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFEjN/oO/rtrM30IueXjnned81fIFMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvU00zLWc3LXUyc3pmUWk1NWVPZWQ1M3pWOGdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg6qB+BN
MA0GCSqGSIb3DQEBCwUAA4IBAQAE9+km/NBeay7oO7HpF1SXyKB9fxguZC6R7jlf
eWG9DXMuabFtoTQyUuktG8h+L/iLc4d0R+QybrZmiUg184ESvU2NCARPGHy1SYn1
0LbYPzkZyXbIiFWa0wB/WTrbjbQazzTrXP0uwqITN9Tu0lAsDMX5wbTg7W6qdGVq
o/5sBkry3GMwSrCsYvoVTo1pZ/jrbHf079wmpqplSEUUwCjIk2xP5gYsXfJroWWM
BPVXFRvGnOzQ9MR/K75Wjya8K8Uyy4fcPyQweE1eY9Y3xK182CNCFyyfZ8oMP8/X
LHUeXVUiemtnuI8XcEfQ2Wb335ibAEforrGLblynYgAo3Qor
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:42:49 2025 by rpki-client