Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/SW4Yp7z-czq3Wyk3SkqgTnWrKpk.roa
File: SW4Yp7z-czq3Wyk3SkqgTnWrKpk.roa (raw, json)
Hash identifier: YmIRklQ+efQc+b8RqPf+ZXpsg1COSPp4Bv5KKeWEZK8=
Subject key identifier: 49:6E:18:A7:BC:FE:73:3A:B7:5B:29:37:4A:4A:A0:4E:75:AB:2A:99
Certificate issuer: /CN=57e2b86a33c9f97214536d8ca2919d7f3c3800ce
Certificate serial: 01942368D4191AEE8F72F55100DB818BB94F
Authority key identifier: 57:E2:B8:6A:33:C9:F9:72:14:53:6D:8C:A2:91:9D:7F:3C:38:00:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V-K4ajPJ-XIUU22MopGdfzw4AM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/SW4Yp7z-czq3Wyk3SkqgTnWrKpk.roa
Signing time: Wed 01 Jan 2025 19:47:39 +0000
ROA not before: Wed 01 Jan 2025 19:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39700
IP address blocks: 185.42.72.0/22 maxlen: 24
2a01:5be0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:68:d4:19:1a:ee:8f:72:f5:51:00:db:81:8b:b9:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57e2b86a33c9f97214536d8ca2919d7f3c3800ce
Validity
Not Before: Jan 1 19:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=496e18a7bcfe733ab75b29374a4aa04e75ab2a99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d2:7a:a2:c6:e4:b1:fe:90:8b:0e:7e:0b:d9:
11:6c:14:84:53:cc:18:a0:a4:24:a5:f6:d6:b0:71:
8b:48:ac:4b:c0:d7:4f:c2:f5:fc:5f:c1:de:17:57:
7e:01:af:a2:4d:53:ce:83:97:99:bb:13:b1:b8:81:
3f:ea:8d:0d:95:44:63:04:c6:76:2a:16:69:72:66:
7a:b6:5d:a0:c8:29:69:f5:ff:91:ac:07:db:81:f3:
8f:e0:6e:5b:ee:8a:48:9b:51:0f:1a:f6:b7:5f:19:
7b:25:f4:0c:d3:8d:da:46:b9:4d:5a:19:05:45:41:
11:eb:6b:46:21:24:79:45:c2:d3:4c:52:8c:18:eb:
1a:df:76:46:8f:05:8e:aa:48:a1:02:35:03:fc:8b:
f4:af:c6:c9:31:ca:36:91:97:87:49:85:5c:f2:91:
6f:5a:87:5b:65:2f:18:c3:2b:d6:d4:98:b5:4f:fe:
ac:7c:f5:59:9c:f5:1c:56:96:c9:af:07:37:69:9d:
c9:99:4b:ba:c1:fe:ca:49:af:60:44:ba:36:db:14:
ca:ef:d8:e9:85:9b:22:c8:3d:ab:98:d4:0a:55:9b:
e2:50:b6:5d:61:60:4d:fc:63:69:0c:db:5a:f2:67:
52:ea:b4:4d:7c:bc:51:a0:d0:a7:85:b6:cd:7c:b1:
a4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:6E:18:A7:BC:FE:73:3A:B7:5B:29:37:4A:4A:A0:4E:75:AB:2A:99
X509v3 Authority Key Identifier:
keyid:57:E2:B8:6A:33:C9:F9:72:14:53:6D:8C:A2:91:9D:7F:3C:38:00:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V-K4ajPJ-XIUU22MopGdfzw4AM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/SW4Yp7z-czq3Wyk3SkqgTnWrKpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/6149a5-c8de-4c61-beb7-2201203a0bab/1/V-K4ajPJ-XIUU22MopGdfzw4AM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.72.0/22
IPv6:
2a01:5be0::/32
Signature Algorithm: sha256WithRSAEncryption
96:75:30:46:06:9e:2a:8f:02:7c:c4:25:39:fe:4e:bd:fe:a0:
44:9f:2f:3c:96:36:9a:9c:d3:be:c7:62:a8:d3:c2:4b:b4:ac:
6b:00:79:85:1e:62:40:65:75:9e:bb:fc:70:16:f4:29:f0:c4:
d6:59:82:4b:35:65:eb:60:1b:51:80:71:4f:a4:e8:06:3d:f1:
e6:73:da:0a:e7:2d:79:a6:a1:e8:ca:94:d4:6e:9c:3b:ab:1e:
d0:ce:bb:0b:64:f7:8c:df:15:fb:5f:fb:79:1a:ad:dc:1d:1a:
bb:84:5f:e5:f8:d6:4f:c9:f8:55:51:44:de:4f:f5:cf:e6:69:
a5:40:01:d7:c9:01:54:be:da:08:a5:7a:95:23:95:7f:8e:2e:
c2:45:c9:38:9e:33:31:63:da:68:a2:14:6c:a8:bd:29:ad:0a:
84:86:ec:39:f0:53:32:a3:7f:93:d8:03:fb:32:51:fd:61:68:
d4:4f:2d:ea:cd:9e:aa:bc:cf:ba:c5:af:c5:a9:44:77:8b:ea:
b0:d4:14:47:93:fb:e5:ba:b8:cc:ef:0a:5c:cd:c5:07:d1:4c:
57:c4:17:9b:26:a3:45:58:06:5f:7c:c2:18:ee:de:c1:bd:0f:
49:be:61:be:1d:63:68:ba:c8:cc:21:f9:80:39:d2:38:a8:8a:
8e:3f:5c:4d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQjaNQZGu6PcvVRANuBi7lPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3ZTJiODZhMzNjOWY5NzIxNDUzNmQ4Y2EyOTE5ZDdmM2Mz
ODAwY2UwHhcNMjUwMTAxMTk0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTZlMThhN2JjZmU3MzNhYjc1YjI5Mzc0YTRhYTA0ZTc1YWIyYTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudJ6osbksf6Qiw5+C9kRbBSEU8wY
oKQkpfbWsHGLSKxLwNdPwvX8X8HeF1d+Aa+iTVPOg5eZuxOxuIE/6o0NlURjBMZ2
KhZpcmZ6tl2gyClp9f+RrAfbgfOP4G5b7opIm1EPGva3Xxl7JfQM043aRrlNWhkF
RUER62tGISR5RcLTTFKMGOsa33ZGjwWOqkihAjUD/Iv0r8bJMco2kZeHSYVc8pFv
WodbZS8YwyvW1Ji1T/6sfPVZnPUcVpbJrwc3aZ3JmUu6wf7KSa9gRLo22xTK79jp
hZsiyD2rmNQKVZviULZdYWBN/GNpDNta8mdS6rRNfLxRoNCnhbbNfLGkowIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEluGKe8/nM6t1spN0pKoE51qyqZMB8GA1UdIwQY
MBaAFFfiuGozyflyFFNtjKKRnX88OADOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVi1LNGFqUEotWElVVTIyTW9wR2Rmenc0QU00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi82MTQ5YTUtYzhkZS00YzYxLWJlYjct
MjIwMTIwM2EwYmFiLzEvU1c0WXA3ei1jenEzV3lrM1NrcWdUbldyS3BrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi82MTQ5YTUtYzhkZS00YzYxLWJlYjctMjIwMTIwM2EwYmFi
LzEvVi1LNGFqUEotWElVVTIyTW9wR2Rmenc0QU00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSpIMA0E
AgACMAcDBQAqAVvgMA0GCSqGSIb3DQEBCwUAA4IBAQCWdTBGBp4qjwJ8xCU5/k69
/qBEny88ljaanNO+x2Ko08JLtKxrAHmFHmJAZXWeu/xwFvQp8MTWWYJLNWXrYBtR
gHFPpOgGPfHmc9oK5y15pqHoypTUbpw7qx7QzrsLZPeM3xX7X/t5Gq3cHRq7hF/l
+NZPyfhVUUTeT/XP5mmlQAHXyQFUvtoIpXqVI5V/ji7CRck4njMxY9poohRsqL0p
rQqEhuw58FMyo3+T2AP7MlH9YWjUTy3qzZ6qvM+6xa/FqUR3i+qw1BRHk/vlurjM
7wpczcUH0UxXxBebJqNFWAZffMIY7t7BvQ9JvmG+HWNousjMIfmAOdI4qIqOP1xN
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:13:36 2025 by rpki-client