Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/smxByqgHKkkgALbhsmjvbpOzFYg.roa
File: smxByqgHKkkgALbhsmjvbpOzFYg.roa (raw, json)
Hash identifier: 95dUm3n3K7MMwmnHic8mNlo0Lb/8eNRFEMcosl10C4E=
Subject key identifier: B2:6C:41:CA:A8:07:2A:49:20:00:B6:E1:B2:68:EF:6E:93:B3:15:88
Certificate issuer: /CN=43039a68130f19631e1527946e1e127db1e8f9d9
Certificate serial: 018BC60549820A17ABB3D806D0E8964A2FE7
Authority key identifier: 43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/smxByqgHKkkgALbhsmjvbpOzFYg.roa
Signing time: Mon 13 Nov 2023 00:11:57 +0000
ROA not before: Mon 13 Nov 2023 00:11:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/96 maxlen: 128
2001:67c:64::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:c6:05:49:82:0a:17:ab:b3:d8:06:d0:e8:96:4a:2f:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43039a68130f19631e1527946e1e127db1e8f9d9
Validity
Not Before: Nov 13 00:11:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b26c41caa8072a492000b6e1b268ef6e93b31588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:db:59:63:12:71:e5:d8:69:26:66:e1:ca:1a:
7d:6b:3c:1d:cc:13:51:3c:3f:ea:b1:32:3b:26:fe:
b3:9d:d9:20:47:91:c7:1f:0a:a8:82:2f:96:36:4f:
46:ff:e0:59:ec:eb:9e:90:84:dd:84:c0:1d:c5:34:
4e:48:f8:ad:27:ee:56:0c:4d:f1:99:5f:8e:c1:54:
4e:e8:a9:50:3b:91:16:2f:0e:03:df:57:17:9a:76:
39:ae:d6:ce:52:66:fc:43:06:dd:5d:95:a4:50:a7:
8d:89:35:7a:c2:6e:dd:e7:58:70:14:89:aa:8a:11:
ba:62:5a:8d:2e:81:a0:e8:0a:50:50:60:26:62:42:
92:24:7f:7a:bc:39:5a:08:5d:ff:d7:c7:a0:01:ad:
b1:61:11:f1:6f:75:d9:4f:f0:14:3c:f5:6c:53:06:
5c:86:44:11:b4:74:c4:b2:7f:09:17:1a:09:5f:60:
b0:73:0b:2c:61:d0:29:07:e9:ef:4a:88:e4:69:0b:
d3:52:e2:77:dd:36:70:cf:c9:f5:1d:2d:80:d2:0c:
11:d5:9b:15:eb:27:f7:98:16:a9:d0:d4:bf:ef:1f:
58:9b:b1:e3:9f:84:77:b0:1f:3f:a0:de:9b:40:11:
93:8c:30:62:e6:bb:74:0d:48:7f:a8:3d:04:7c:85:
91:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:6C:41:CA:A8:07:2A:49:20:00:B6:E1:B2:68:EF:6E:93:B3:15:88
X509v3 Authority Key Identifier:
keyid:43:03:9A:68:13:0F:19:63:1E:15:27:94:6E:1E:12:7D:B1:E8:F9:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwOaaBMPGWMeFSeUbh4SfbHo-dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/smxByqgHKkkgALbhsmjvbpOzFYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f60178-991a-4261-96a0-dd5c300be54e/1/QwOaaBMPGWMeFSeUbh4SfbHo-dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
07:40:75:45:ff:97:bd:50:2f:e7:e7:1c:b9:d0:6d:9e:81:b5:
ef:a4:49:47:ca:15:1d:2a:3e:3b:81:00:a6:10:03:73:cb:8d:
9b:73:df:5c:24:28:5c:1b:f5:99:51:3d:10:21:93:11:ce:05:
a1:07:fa:7f:d5:0d:d7:15:58:13:e4:78:7c:38:1c:3d:ae:0e:
b0:91:9e:26:94:75:9d:fb:e2:e0:9e:34:94:40:eb:be:7a:78:
48:29:20:60:b2:40:d0:98:3a:61:a4:14:8a:1c:ad:24:b6:29:
13:d6:22:b3:aa:23:bd:44:68:88:1d:54:70:0a:29:a2:cc:36:
fd:41:cb:77:9b:9c:c9:f5:f9:9d:da:2f:a3:36:b3:16:ae:d1:
92:45:42:a7:7a:56:e9:a0:14:b1:d3:98:4c:5a:86:96:37:ad:
b4:8a:bc:a9:55:67:3e:76:5c:c0:e5:58:1f:8f:f4:5e:7b:df:
7d:f6:69:31:3a:57:29:f5:31:91:b7:c0:fe:cd:dd:49:ba:b6:
39:ed:a7:3e:c6:7c:4f:d1:c1:45:da:eb:8d:ca:d6:4f:1c:f0:
36:ee:19:ca:52:c8:f5:d0:15:f4:a9:5b:ce:41:de:93:38:7b:
18:a0:51:6d:25:f2:e8:87:7b:34:c9:f1:7f:a7:c7:2f:22:fa:
26:33:50:a7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYvGBUmCChers9gG0OiWSi/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDM5YTY4MTMwZjE5NjMxZTE1Mjc5NDZlMWUxMjdkYjFl
OGY5ZDkwHhcNMjMxMTEzMDAxMTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjZjNDFjYWE4MDcyYTQ5MjAwMGI2ZTFiMjY4ZWY2ZTkzYjMxNTg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ttZYxJx5dhpJmbhyhp9azwdzBNR
PD/qsTI7Jv6zndkgR5HHHwqogi+WNk9G/+BZ7OuekITdhMAdxTROSPitJ+5WDE3x
mV+OwVRO6KlQO5EWLw4D31cXmnY5rtbOUmb8QwbdXZWkUKeNiTV6wm7d51hwFImq
ihG6YlqNLoGg6ApQUGAmYkKSJH96vDlaCF3/18egAa2xYRHxb3XZT/AUPPVsUwZc
hkQRtHTEsn8JFxoJX2CwcwssYdApB+nvSojkaQvTUuJ33TZwz8n1HS2A0gwR1ZsV
6yf3mBap0NS/7x9Ym7Hjn4R3sB8/oN6bQBGTjDBi5rt0DUh/qD0EfIWRrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLJsQcqoBypJIAC24bJo726TsxWIMB8GA1UdIwQY
MBaAFEMDmmgTDxljHhUnlG4eEn2x6PnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAt
ZGQ1YzMwMGJlNTRlLzEvc214QnlxZ0hLa2tnQUxiaHNtanZicE96RllnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mNjAxNzgtOTkxYS00MjYxLTk2YTAtZGQ1YzMwMGJlNTRl
LzEvUXdPYWFCTVBHV01lRlNlVWJoNFNmYkhvLWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAAdAdUX/l71QL+fnHLnQ
bZ6Bte+kSUfKFR0qPjuBAKYQA3PLjZtz31wkKFwb9ZlRPRAhkxHOBaEH+n/VDdcV
WBPkeHw4HD2uDrCRniaUdZ374uCeNJRA6756eEgpIGCyQNCYOmGkFIocrSS2KRPW
IrOqI71EaIgdVHAKKaLMNv1By3ebnMn1+Z3aL6M2sxau0ZJFQqd6VumgFLHTmExa
hpY3rbSKvKlVZz52XMDlWB+P9F573332aTE6Vyn1MZG3wP7N3Um6tjntpz7GfE/R
wUXa643K1k8c8DbuGcpSyPXQFfSpW85B3pM4exigUW0l8uiHezTJ8X+nxy8i+iYz
UKc=
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:12:47 2025 by rpki-client