Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/14IkHR-Olrd1dMJfnyvRzyhZ6Co.roa
File: 14IkHR-Olrd1dMJfnyvRzyhZ6Co.roa (raw, json)
Hash identifier: nXKnoQCB6L8skfiQXfDYy69EU41YJRz8H0Wb8ADMIkY=
Subject key identifier: D7:82:24:1D:1F:8E:96:B7:75:74:C2:5F:9F:2B:D1:CF:28:59:E8:2A
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0193B9FF65B9CFCB0C34E2E5393E27A5D054
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/14IkHR-Olrd1dMJfnyvRzyhZ6Co.roa
Signing time: Thu 12 Dec 2024 08:32:22 +0000
ROA not before: Thu 12 Dec 2024 08:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 163.5.25.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.40.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b9:ff:65:b9:cf:cb:0c:34:e2:e5:39:3e:27:a5:d0:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 12 08:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d782241d1f8e96b77574c25f9f2bd1cf2859e82a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:53:67:b0:0e:dc:cc:0f:cf:79:39:4e:15:5a:
84:16:14:a1:2c:86:7c:8b:af:4a:e5:45:97:cb:6b:
29:88:c5:61:fa:0a:a0:e3:d3:5c:c4:1a:07:06:01:
c2:14:09:bb:2f:b9:34:9c:57:94:cd:5e:0c:e7:81:
64:d7:5a:f4:a0:86:c5:40:da:88:fc:a5:aa:37:19:
9e:ed:27:8f:51:b0:8e:ba:2f:b6:de:9d:8f:e6:d3:
16:cd:ef:07:b6:bf:7b:5e:a1:cb:9b:ab:08:d4:7c:
8e:d6:7f:82:41:0a:63:24:3d:6c:71:26:b0:ba:11:
d2:51:cc:76:3b:dc:71:21:cd:db:b7:51:48:12:a7:
c0:28:41:fd:1f:b0:d5:3c:2f:0a:40:8a:9b:7b:67:
51:04:37:eb:6d:c1:8c:19:cd:a1:ac:cd:d2:87:27:
e4:75:19:93:06:e2:cf:53:7d:50:ce:70:88:60:19:
44:19:50:ab:52:83:66:5c:65:7f:54:7b:41:ee:27:
d3:e0:d3:f2:44:b0:0e:47:6e:54:8f:14:7f:99:3e:
b5:cd:63:2c:28:c6:07:3e:dc:a1:75:2a:f8:c9:0a:
b9:f9:30:03:a0:52:90:16:40:5e:0a:55:58:c0:fa:
ac:14:27:bd:69:18:05:17:11:83:dd:74:e8:2c:64:
c0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:82:24:1D:1F:8E:96:B7:75:74:C2:5F:9F:2B:D1:CF:28:59:E8:2A
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/14IkHR-Olrd1dMJfnyvRzyhZ6Co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.25.0/24
163.5.30.0/24
163.5.40.0/24
163.5.59.0/24
163.5.73.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.118.0/23
163.5.121.0/24
163.5.126.0/24
163.5.128.0/23
163.5.138.0/23
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.160.0/24
163.5.162.0/24
163.5.167.0/24
163.5.175.0/24
163.5.178.0/24
163.5.182.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.218.0/24
163.5.224.0/24
163.5.228.0/24
163.5.233.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
17:6b:c5:92:b5:87:06:32:a0:51:e6:e6:10:70:f9:29:a4:da:
22:a6:95:69:51:65:40:ba:13:46:d0:99:29:f6:7c:db:8b:ea:
60:36:11:a7:0d:41:c2:83:da:ff:b1:fe:70:bc:c1:40:28:6b:
30:db:d7:15:72:b3:d5:ab:26:47:9b:47:c4:36:67:e0:e6:44:
f4:3d:95:96:ee:cb:33:9b:ce:12:f0:5a:22:8a:69:21:48:39:
5c:0e:6a:3b:06:71:a3:bd:3a:8b:13:67:aa:c9:11:2a:25:bf:
69:79:38:c7:36:39:5e:9f:00:66:c8:d0:34:75:64:87:cd:c8:
d7:a6:dc:33:fc:c2:bf:be:5f:0c:02:d5:62:cb:14:ad:17:3a:
ef:63:38:53:6e:f3:9a:d7:a7:29:7d:d6:80:63:9e:e7:8d:c1:
be:96:25:fd:6c:df:b1:74:a5:4c:07:97:70:0e:fe:6c:38:8c:
ce:7a:f3:72:01:86:45:f2:34:c3:88:18:9e:80:8b:9d:64:bd:
78:75:c8:50:58:a3:89:13:37:48:38:e0:be:31:93:ac:dc:3d:
43:59:a6:30:20:44:d4:84:bc:b5:10:d3:44:54:78:37:af:f1:
f7:ff:58:80:75:e5:37:b5:a3:78:68:75:a5:93:f9:9c:74:1e:
02:d9:fb:b0
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZO5/2W5z8sMNOLlOT4npdBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMjEyMDgzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzgyMjQxZDFmOGU5NmI3NzU3NGMyNWY5ZjJiZDFjZjI4NTllODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lNnsA7czA/PeTlOFVqEFhShLIZ8
i69K5UWXy2spiMVh+gqg49NcxBoHBgHCFAm7L7k0nFeUzV4M54Fk11r0oIbFQNqI
/KWqNxme7SePUbCOui+23p2P5tMWze8Htr97XqHLm6sI1HyO1n+CQQpjJD1scSaw
uhHSUcx2O9xxIc3bt1FIEqfAKEH9H7DVPC8KQIqbe2dRBDfrbcGMGc2hrM3Shyfk
dRmTBuLPU31QznCIYBlEGVCrUoNmXGV/VHtB7ifT4NPyRLAOR25UjxR/mT61zWMs
KMYHPtyhdSr4yQq5+TADoFKQFkBeClVYwPqsFCe9aRgFFxGD3XToLGTA7wIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFNeCJB0fjpa3dXTCX58r0c8oWegqMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMTRJa0hSLU9scmQxZE1KZm55dlJ6eWhaNkNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBACj
BRkDBACjBR4DBACjBSgDBACjBTsDBACjBUkDBACjBVkwDAMEAaMFbgMEAaMFcAME
AaMFdgMEAKMFeQMEAKMFfgMEAaMFgAMEAaMFigMEAKMFjwMEAKMFkgMEAKMFlwME
AKMFoAMEAKMFogMEAKMFpwMEAKMFrwMEAKMFsgMEAKMFtgMEAKMFvQMEAKMFvwME
AaMFyDAMAwQAowXLAwQAowXOAwQAowXaAwQAowXgAwQAowXkAwQAowXpAwQAowXx
AwQAowX6AwQAowX9MA0GCSqGSIb3DQEBCwUAA4IBAQAXa8WStYcGMqBR5uYQcPkp
pNoippVpUWVAuhNG0Jkp9nzbi+pgNhGnDUHCg9r/sf5wvMFAKGsw29cVcrPVqyZH
m0fENmfg5kT0PZWW7sszm84S8FoiimkhSDlcDmo7BnGjvTqLE2eqyREqJb9peTjH
NjlenwBmyNA0dWSHzcjXptwz/MK/vl8MAtViyxStFzrvYzhTbvOa16cpfdaAY57n
jcG+liX9bN+xdKVMB5dwDv5sOIzOevNyAYZF8jTDiBiegIudZL14dchQWKOJEzdI
OOC+MZOs3D1DWaYwIETUhLy1ENNEVHg3r/H3/1iAdeU3taN4aHWlk/mcdB4C2fuw
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:53:00 2025 by rpki-client