Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/14238d-8591-471f-895b-1769d1994df6/1/SMQq7CRzdTMpOyBYbyD-3lmnAf8.roa
File: SMQq7CRzdTMpOyBYbyD-3lmnAf8.roa (raw, json)
Hash identifier: NUvlu4bhU491Hj0WQxuB3vUQkEUZUeQ7tnSRNTWGTcQ=
Subject key identifier: 48:C4:2A:EC:24:73:75:33:29:3B:20:58:6F:20:FE:DE:59:A7:01:FF
Certificate issuer: /CN=5873b598550df5bfdbc99a7a1e396c3495bda83b
Certificate serial: 019425FC38A12E302823198696BEF5A6F7F3
Authority key identifier: 58:73:B5:98:55:0D:F5:BF:DB:C9:9A:7A:1E:39:6C:34:95:BD:A8:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WHO1mFUN9b_byZp6HjlsNJW9qDs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/14238d-8591-471f-895b-1769d1994df6/1/SMQq7CRzdTMpOyBYbyD-3lmnAf8.roa
Signing time: Thu 02 Jan 2025 07:47:54 +0000
ROA not before: Thu 02 Jan 2025 07:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 559
IP address blocks: 130.82.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:38:a1:2e:30:28:23:19:86:96:be:f5:a6:f7:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5873b598550df5bfdbc99a7a1e396c3495bda83b
Validity
Not Before: Jan 2 07:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48c42aec24737533293b20586f20fede59a701ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:a7:dd:21:48:bb:a3:49:04:f5:f3:b9:be:87:
c6:5b:20:d0:2a:2c:26:c6:5a:32:69:35:c3:6e:90:
9b:e5:85:06:7a:7d:c1:04:8d:c9:ac:b7:4f:7f:85:
74:fe:74:02:be:0b:9d:bd:dc:24:91:24:a7:70:d6:
34:ff:6a:c5:fb:3c:48:4d:be:d9:62:f1:78:73:bf:
4f:94:7e:96:9e:ad:4a:d2:1b:f1:d6:47:ef:0a:71:
f0:af:3f:0e:06:e7:92:82:e6:ae:31:c1:8a:c0:f4:
d4:2d:b8:bf:bd:ff:8d:bb:1a:35:c7:b7:f6:44:ea:
ca:75:0a:c4:81:c3:e7:1c:7f:e9:8b:03:93:36:03:
3c:ce:9c:71:ac:c8:52:d8:7f:9c:e8:cb:64:f1:94:
29:57:ab:79:e8:f0:b1:6f:e2:a8:4d:eb:a9:70:65:
44:6e:1a:ec:2f:38:56:65:7d:3a:e7:c4:5c:4f:d5:
d4:ce:3d:f9:f8:55:82:42:d4:a1:e5:05:18:4f:f2:
d6:e5:3d:82:cc:13:7e:a6:e5:19:7c:97:b5:64:6e:
5a:ba:d7:9d:d4:47:00:9b:34:fd:f8:9e:9a:39:3a:
fa:bc:e1:3b:f1:bd:b0:3d:be:42:f4:3f:ef:06:71:
10:e7:44:cb:e1:a0:44:a9:e8:77:49:de:ea:fd:08:
7c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:C4:2A:EC:24:73:75:33:29:3B:20:58:6F:20:FE:DE:59:A7:01:FF
X509v3 Authority Key Identifier:
keyid:58:73:B5:98:55:0D:F5:BF:DB:C9:9A:7A:1E:39:6C:34:95:BD:A8:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WHO1mFUN9b_byZp6HjlsNJW9qDs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/14238d-8591-471f-895b-1769d1994df6/1/SMQq7CRzdTMpOyBYbyD-3lmnAf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/14238d-8591-471f-895b-1769d1994df6/1/WHO1mFUN9b_byZp6HjlsNJW9qDs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.82.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:e2:85:a3:4d:21:af:34:39:7e:36:30:7f:05:af:e5:69:0f:
bc:d3:8b:5e:f7:48:da:bf:b6:98:33:bb:ef:ad:1e:fa:58:0b:
90:bb:73:c6:2b:51:9a:ea:95:0e:a2:75:68:34:2e:30:3f:60:
ca:da:38:27:84:6c:47:28:4e:a8:15:be:2d:61:d0:e7:09:d0:
eb:80:a4:54:26:b6:93:bd:54:3e:53:10:92:e8:3c:12:9a:ee:
6b:b0:4d:92:bf:bc:bf:51:10:58:28:54:95:31:01:3f:79:23:
37:d0:c2:84:93:bd:43:3f:2f:6e:b1:46:bc:66:18:90:32:9b:
bb:7e:7b:de:5b:cc:4e:0a:3c:cc:d7:2d:fb:64:8e:ab:93:d6:
b8:1e:7d:64:35:af:80:08:94:df:a6:69:56:45:0f:90:21:24:
00:ee:7d:fe:b3:f4:8e:c4:1b:d7:a5:97:cd:98:07:bb:72:92:
f8:ea:14:8e:f4:54:63:31:cb:91:17:20:a8:2b:f5:9c:3a:25:
b7:71:9f:89:a7:37:f4:36:f0:c4:21:a1:42:4d:78:75:33:34:
42:0e:39:ce:de:41:94:7d:40:5d:54:cc:54:d1:a1:e7:e6:e3:
37:98:3c:66:95:a8:51:aa:5a:1d:ad:29:02:52:9b:35:fb:26:
d8:b4:77:a3
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQl/DihLjAoIxmGlr71pvfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NzNiNTk4NTUwZGY1YmZkYmM5OWE3YTFlMzk2YzM0OTVi
ZGE4M2IwHhcNMjUwMTAyMDc0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGM0MmFlYzI0NzM3NTMzMjkzYjIwNTg2ZjIwZmVkZTU5YTcwMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA76fdIUi7o0kE9fO5vofGWyDQKiwm
xloyaTXDbpCb5YUGen3BBI3JrLdPf4V0/nQCvgudvdwkkSSncNY0/2rF+zxITb7Z
YvF4c79PlH6Wnq1K0hvx1kfvCnHwrz8OBueSguauMcGKwPTULbi/vf+Nuxo1x7f2
ROrKdQrEgcPnHH/piwOTNgM8zpxxrMhS2H+c6Mtk8ZQpV6t56PCxb+KoTeupcGVE
bhrsLzhWZX0658RcT9XUzj35+FWCQtSh5QUYT/LW5T2CzBN+puUZfJe1ZG5auted
1EcAmzT9+J6aOTr6vOE78b2wPb5C9D/vBnEQ50TL4aBEqeh3Sd7q/Qh8rwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFEjEKuwkc3UzKTsgWG8g/t5ZpwH/MB8GA1UdIwQY
MBaAFFhztZhVDfW/28maeh45bDSVvag7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0hPMW1GVU45Yl9ieVpwNkhqbHNOSlc5cURzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8xNDIzOGQtODU5MS00NzFmLTg5NWIt
MTc2OWQxOTk0ZGY2LzEvU01RcTdDUnpkVE1wT3lCWWJ5RC0zbG1uQWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8xNDIzOGQtODU5MS00NzFmLTg5NWItMTc2OWQxOTk0ZGY2
LzEvV0hPMW1GVU45Yl9ieVpwNkhqbHNOSlc5cURzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAglIwDQYJ
KoZIhvcNAQELBQADggEBACXihaNNIa80OX42MH8Fr+VpD7zTi173SNq/tpgzu++t
HvpYC5C7c8YrUZrqlQ6idWg0LjA/YMraOCeEbEcoTqgVvi1h0OcJ0OuApFQmtpO9
VD5TEJLoPBKa7muwTZK/vL9REFgoVJUxAT95IzfQwoSTvUM/L26xRrxmGJAym7t+
e95bzE4KPMzXLftkjquT1rgefWQ1r4AIlN+maVZFD5AhJADuff6z9I7EG9ell82Y
B7tykvjqFI70VGMxy5EXIKgr9Zw6Jbdxn4mnN/Q28MQhoUJNeHUzNEIOOc7eQZR9
QF1UzFTRoefm4zeYPGaVqFGqWh2tKQJSmzX7Jti0d6M=
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:54:43 2025 by rpki-client