Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1oUuGsMdtzvhHFIX3DdQX0xZqAQ.roa
File: 1oUuGsMdtzvhHFIX3DdQX0xZqAQ.roa (raw, json)
Hash identifier: FysvwCKVpKRaz4vIb1i1ablVG4ZlmfaB8IfUa7wmL/k=
Subject key identifier: D6:85:2E:1A:C3:1D:B7:3B:E1:1C:52:17:DC:37:50:5F:4C:59:A8:04
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0193D50A9D41849CB0E5270F3C3A6E7FD13F
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1oUuGsMdtzvhHFIX3DdQX0xZqAQ.roa
Signing time: Tue 17 Dec 2024 14:34:22 +0000
ROA not before: Tue 17 Dec 2024 14:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47741
IP address blocks: 163.5.92.0/24 maxlen: 24
163.5.219.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d5:0a:9d:41:84:9c:b0:e5:27:0f:3c:3a:6e:7f:d1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 17 14:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6852e1ac31db73be11c5217dc37505f4c59a804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:d3:99:ad:8a:4f:b1:94:7c:e7:dc:0a:a0:62:
0d:16:e5:0d:b1:2b:3e:a2:e0:62:d4:54:bd:2f:ea:
8e:91:ab:79:e7:0c:2f:87:df:9f:8f:75:e0:2d:43:
12:76:ab:b4:53:24:4a:88:8c:db:d3:93:05:f5:23:
53:0e:b0:d0:63:f4:2e:a5:9d:a4:98:c7:7f:1c:46:
22:6b:03:0b:41:7f:fa:f4:0c:6a:df:49:7d:d8:1a:
59:97:a6:19:f6:ae:f2:44:14:d2:e4:40:33:86:8f:
e1:12:dc:75:9f:e4:a1:5d:19:22:7a:67:9b:94:8d:
89:35:5f:ba:be:e0:97:7b:88:20:14:73:08:94:22:
a5:10:8d:13:c9:06:d4:c4:84:51:5f:c5:36:29:40:
5d:c9:59:69:c7:f6:8c:28:17:59:87:d6:0a:19:9e:
db:25:12:5a:26:fb:fb:41:cd:c5:77:f3:0f:ee:fb:
fa:53:c8:f3:a7:c6:73:95:86:c0:e0:32:fa:d4:c4:
cb:e5:ba:8d:af:3c:b5:0a:50:56:ac:f3:04:0c:6d:
05:24:5c:0a:62:ea:fa:2d:25:5c:ae:9a:9f:ac:f1:
44:b9:b0:2d:7b:72:d8:50:86:f0:52:f5:99:21:f6:
f1:07:86:8e:4e:83:ef:d5:a4:54:16:65:4d:cc:76:
08:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:85:2E:1A:C3:1D:B7:3B:E1:1C:52:17:DC:37:50:5F:4C:59:A8:04
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/1oUuGsMdtzvhHFIX3DdQX0xZqAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.92.0/24
163.5.219.0/24
163.5.233.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
85:e6:ad:0b:3d:42:98:a4:4f:b8:d2:48:19:5b:5b:77:86:09:
e7:a8:18:e7:f2:82:8c:3c:68:81:2d:60:8d:3f:f4:e5:64:2d:
35:01:f9:83:4f:5d:80:77:5d:c8:e6:7a:71:6f:90:6d:ce:8b:
42:d0:f2:26:d5:cc:cb:92:1e:0f:c7:53:28:14:48:26:34:b5:
aa:96:cc:00:1f:6c:6f:e9:6b:5c:37:ea:8f:ea:c1:9d:45:44:
76:c6:ad:61:de:60:f3:57:68:93:b5:a6:29:4b:05:f1:36:9d:
92:40:45:b3:91:c4:3b:0d:21:b7:9b:09:ad:88:12:13:22:c5:
cd:30:6d:7b:54:af:04:18:69:05:2e:51:e1:80:14:bc:bc:f5:
23:7f:e5:4b:3b:0d:a4:32:3d:ab:71:bc:24:37:04:c3:c5:03:
cb:33:f0:05:a6:18:76:15:4a:fb:2f:71:16:e7:6d:7e:e7:be:
59:00:0c:a2:c4:af:89:79:07:38:58:a2:f9:ec:55:7a:18:cc:
c9:32:08:7b:3d:34:ce:d4:5b:c7:92:08:61:da:1c:b6:19:5c:
a3:02:e4:71:cb:6d:b0:0e:af:e2:8a:bb:d7:4d:9e:df:13:78:
ce:41:e7:19:66:4d:be:4b:42:f3:ec:3a:8d:d0:cf:e5:36:84:
af:e6:96:68
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZPVCp1BhJyw5ScPPDpuf9E/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMjE3MTQzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjg1MmUxYWMzMWRiNzNiZTExYzUyMTdkYzM3NTA1ZjRjNTlhODA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNOZrYpPsZR859wKoGINFuUNsSs+
ouBi1FS9L+qOkat55wwvh9+fj3XgLUMSdqu0UyRKiIzb05MF9SNTDrDQY/QupZ2k
mMd/HEYiawMLQX/69Axq30l92BpZl6YZ9q7yRBTS5EAzho/hEtx1n+ShXRkiemeb
lI2JNV+6vuCXe4ggFHMIlCKlEI0TyQbUxIRRX8U2KUBdyVlpx/aMKBdZh9YKGZ7b
JRJaJvv7Qc3Fd/MP7vv6U8jzp8ZzlYbA4DL61MTL5bqNrzy1ClBWrPMEDG0FJFwK
Yur6LSVcrpqfrPFEubAte3LYUIbwUvWZIfbxB4aOToPv1aRUFmVNzHYIFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNaFLhrDHbc74RxSF9w3UF9MWagEMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvMW9VdUdzTWR0enZoSEZJWDNEZFFYMHhacUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowVcAwQA
owXbAwQAowXpAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQCF5q0LPUKYpE+40kgZ
W1t3hgnnqBjn8oKMPGiBLWCNP/TlZC01AfmDT12Ad13I5npxb5BtzotC0PIm1czL
kh4Px1MoFEgmNLWqlswAH2xv6WtcN+qP6sGdRUR2xq1h3mDzV2iTtaYpSwXxNp2S
QEWzkcQ7DSG3mwmtiBITIsXNMG17VK8EGGkFLlHhgBS8vPUjf+VLOw2kMj2rcbwk
NwTDxQPLM/AFphh2FUr7L3EW521+575ZAAyixK+JeQc4WKL57FV6GMzJMgh7PTTO
1FvHkghh2hy2GVyjAuRxy22wDq/iirvXTZ7fE3jOQecZZk2+S0Lz7DqN0M/lNoSv
5pZo
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:56:46 2025 by rpki-client