Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/973431-5ae4-4521-9454-c8eb08ce9089/1/smZrnk_Yoz0MEPZqDKnYUoP-Opw.roa
File: smZrnk_Yoz0MEPZqDKnYUoP-Opw.roa (raw, json)
Hash identifier: 24G5yjs0ZUoqUy4OoFHxczQzhAIkELffXisqhuw+2DI=
Subject key identifier: B2:66:6B:9E:4F:D8:A3:3D:0C:10:F6:6A:0C:A9:D8:52:83:FE:3A:9C
Certificate issuer: /CN=be37c70f1c67eca1775a709c9235d6a2f55516b8
Certificate serial: 019425215492DB9A73722F8E6F41FB55BE8C
Authority key identifier: BE:37:C7:0F:1C:67:EC:A1:77:5A:70:9C:92:35:D6:A2:F5:55:16:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vjfHDxxn7KF3WnCckjXWovVVFrg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/973431-5ae4-4521-9454-c8eb08ce9089/1/smZrnk_Yoz0MEPZqDKnYUoP-Opw.roa
Signing time: Thu 02 Jan 2025 03:48:48 +0000
ROA not before: Thu 02 Jan 2025 03:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16019
IP address blocks: 185.95.118.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:54:92:db:9a:73:72:2f:8e:6f:41:fb:55:be:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be37c70f1c67eca1775a709c9235d6a2f55516b8
Validity
Not Before: Jan 2 03:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2666b9e4fd8a33d0c10f66a0ca9d85283fe3a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:55:a0:69:94:58:9d:cd:f7:6a:8d:45:cc:a0:
24:6d:52:97:c3:4c:a1:36:c3:25:f9:5d:e6:34:4d:
35:81:0d:10:e7:50:6a:36:44:2d:0b:36:4e:cc:a7:
25:fc:2e:1f:73:8c:62:16:73:da:35:95:ce:dd:22:
f5:3e:8e:1c:d7:90:93:fb:2f:13:07:49:3d:ce:61:
6a:31:22:d6:1b:1c:eb:9a:6d:63:fb:02:b4:33:e0:
61:47:a6:18:bb:79:e8:5b:dd:6d:9c:25:ef:bd:65:
58:c1:26:58:06:b8:57:41:93:48:fd:d4:ac:87:a2:
7a:9b:7f:51:49:91:68:a9:d7:bc:8d:82:a4:4b:b9:
e7:91:d6:76:c3:01:d3:0c:46:45:da:03:7e:24:cb:
46:8f:bf:54:67:b4:94:eb:ee:0f:4d:19:6f:0b:8c:
fc:0d:16:e9:f0:08:f2:fe:94:d2:2c:69:92:1c:d3:
46:61:56:20:16:22:40:5b:c4:ea:11:e9:60:40:c2:
24:c5:6b:e1:98:31:0c:64:86:77:06:f6:9b:e9:7f:
d8:eb:25:b9:a2:71:76:76:92:3e:42:74:64:bf:90:
52:3e:6e:2d:ba:d5:a6:91:50:1d:61:40:8b:4d:3c:
08:0f:25:8b:b6:2b:87:49:e5:b0:70:18:cd:3f:9c:
5b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:66:6B:9E:4F:D8:A3:3D:0C:10:F6:6A:0C:A9:D8:52:83:FE:3A:9C
X509v3 Authority Key Identifier:
keyid:BE:37:C7:0F:1C:67:EC:A1:77:5A:70:9C:92:35:D6:A2:F5:55:16:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vjfHDxxn7KF3WnCckjXWovVVFrg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/973431-5ae4-4521-9454-c8eb08ce9089/1/smZrnk_Yoz0MEPZqDKnYUoP-Opw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/973431-5ae4-4521-9454-c8eb08ce9089/1/vjfHDxxn7KF3WnCckjXWovVVFrg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.118.0/23
Signature Algorithm: sha256WithRSAEncryption
75:59:42:ac:33:89:83:0c:9a:04:a0:63:90:9e:41:5f:af:8b:
f9:57:78:bf:43:76:ef:f5:7f:b6:bb:d7:46:5c:bd:22:61:a2:
3f:00:47:f4:5f:82:75:e0:e0:02:76:5f:bb:36:52:76:af:52:
85:c4:55:3c:0a:f5:08:17:5f:2b:d0:98:80:2b:9b:d6:32:12:
cc:b5:a9:d6:06:9c:7c:71:01:e4:a4:44:7d:df:a0:f6:30:35:
4f:ae:af:09:a7:c5:fb:b6:ba:09:10:21:0e:57:b5:53:3b:e7:
a4:f7:e0:5f:23:7a:fa:7f:b9:fc:df:84:43:ea:04:0a:9a:61:
3c:de:76:2e:8f:ed:0a:e5:4f:e6:7c:d8:7d:cb:08:a4:09:d9:
b2:b7:d1:01:b1:e6:71:4e:c5:09:26:d0:0e:55:fa:bd:1d:81:
19:9f:0a:7d:74:83:46:8a:b7:66:0c:83:b9:11:3e:b5:00:31:
60:9c:f7:e7:9d:89:3d:3a:37:04:15:ba:4e:aa:50:ca:82:72:
35:eb:58:1b:e4:3d:bf:4b:76:48:48:27:ac:50:24:82:fb:f2:
d6:19:96:9d:37:b8:e2:46:cb:14:c8:ef:b3:19:df:eb:cc:26:
a8:cb:62:bd:88:ce:b5:c6:93:6a:ea:48:42:15:ef:8e:e6:99:
a6:d2:f5:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIVSS25pzci+Ob0H7Vb6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlMzdjNzBmMWM2N2VjYTE3NzVhNzA5YzkyMzVkNmEyZjU1
NTE2YjgwHhcNMjUwMTAyMDM0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjY2NmI5ZTRmZDhhMzNkMGMxMGY2NmEwY2E5ZDg1MjgzZmUzYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFWgaZRYnc33ao1FzKAkbVKXw0yh
NsMl+V3mNE01gQ0Q51BqNkQtCzZOzKcl/C4fc4xiFnPaNZXO3SL1Po4c15CT+y8T
B0k9zmFqMSLWGxzrmm1j+wK0M+BhR6YYu3noW91tnCXvvWVYwSZYBrhXQZNI/dSs
h6J6m39RSZFoqde8jYKkS7nnkdZ2wwHTDEZF2gN+JMtGj79UZ7SU6+4PTRlvC4z8
DRbp8Ajy/pTSLGmSHNNGYVYgFiJAW8TqEelgQMIkxWvhmDEMZIZ3Bvab6X/Y6yW5
onF2dpI+QnRkv5BSPm4tutWmkVAdYUCLTTwIDyWLtiuHSeWwcBjNP5xbKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLJma55P2KM9DBD2agyp2FKD/jqcMB8GA1UdIwQY
MBaAFL43xw8cZ+yhd1pwnJI11qL1VRa4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmpmSER4eG43S0YzV25DY2tqWFdvdlZWRnJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS85NzM0MzEtNWFlNC00NTIxLTk0NTQt
YzhlYjA4Y2U5MDg5LzEvc21acm5rX1lvejBNRVBacURLbllVb1AtT3B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS85NzM0MzEtNWFlNC00NTIxLTk0NTQtYzhlYjA4Y2U5MDg5
LzEvdmpmSER4eG43S0YzV25DY2tqWFdvdlZWRnJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuV92MA0G
CSqGSIb3DQEBCwUAA4IBAQB1WUKsM4mDDJoEoGOQnkFfr4v5V3i/Q3bv9X+2u9dG
XL0iYaI/AEf0X4J14OACdl+7NlJ2r1KFxFU8CvUIF18r0JiAK5vWMhLMtanWBpx8
cQHkpER936D2MDVPrq8Jp8X7troJECEOV7VTO+ek9+BfI3r6f7n834RD6gQKmmE8
3nYuj+0K5U/mfNh9ywikCdmyt9EBseZxTsUJJtAOVfq9HYEZnwp9dINGirdmDIO5
ET61ADFgnPfnnYk9OjcEFbpOqlDKgnI161gb5D2/S3ZISCesUCSC+/LWGZadN7ji
RssUyO+zGd/rzCaoy2K9iM61xpNq6khCFe+O5pmm0vWj
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:51:21 2025 by rpki-client