Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/442rNyDabqbvohdb02qAUWBEPIM.roa
File: 442rNyDabqbvohdb02qAUWBEPIM.roa (raw, json)
Hash identifier: HzgJGYrNIrL49TVGMSZYGdOReND7N1ZbgO/CkbFid3A=
Subject key identifier: E3:8D:AB:37:20:DA:6E:A6:EF:A2:17:5B:D3:6A:80:51:60:44:3C:83
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A464BEB76932DB0E30D3F20C51E1D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/442rNyDabqbvohdb02qAUWBEPIM.roa
Signing time: Wed 01 Jan 2025 19:49:14 +0000
ROA not before: Wed 01 Jan 2025 19:49:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211373
IP address blocks: 163.5.103.0/24 maxlen: 24
163.5.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:46:4b:eb:76:93:2d:b0:e3:0d:3f:20:c5:1e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e38dab3720da6ea6efa2175bd36a805160443c83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:56:15:17:aa:ea:cb:b7:31:26:40:ff:ec:63:
21:bd:1d:23:f8:3e:79:2c:07:e8:e8:1e:b9:19:2f:
b0:99:4d:17:b0:2f:a6:09:7c:9d:c5:5a:46:b2:f1:
02:c8:b1:ce:e9:81:9f:ab:c0:82:0e:72:1b:93:e4:
1d:61:3d:cf:60:ac:95:1b:51:1c:79:45:0f:4a:63:
08:e7:97:1e:17:89:c4:36:a4:11:02:e0:77:c5:9e:
71:7c:a5:23:61:0b:f6:6c:b5:7d:01:b2:ab:11:c2:
ee:0c:cc:ef:79:4c:6f:ea:7d:67:3b:3b:3d:d9:98:
37:4d:96:f6:b3:c4:5d:f9:31:74:e5:92:ca:7e:75:
9d:2f:ed:8a:f7:79:fa:59:f6:0d:3e:0a:7a:49:03:
6c:56:1a:a5:b0:3d:36:80:b9:c4:14:9e:b6:d7:b4:
42:03:1e:90:52:f9:2d:d4:b3:e0:ba:b8:fa:af:79:
81:7d:c8:4f:59:96:fa:bb:a2:55:74:70:7a:6f:e9:
da:18:a4:93:5a:cf:68:53:77:1b:9d:98:b4:37:fd:
df:20:8b:37:c5:e8:64:cf:c9:94:c2:5f:19:64:99:
fb:9b:db:2e:30:51:6d:15:e9:41:44:2f:46:de:d6:
59:7a:9a:07:0d:85:ce:c2:bf:cf:05:e1:f7:b8:4f:
00:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:8D:AB:37:20:DA:6E:A6:EF:A2:17:5B:D3:6A:80:51:60:44:3C:83
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/442rNyDabqbvohdb02qAUWBEPIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.103.0/24
163.5.152.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:89:3b:37:76:7b:41:67:29:30:96:23:a4:49:0d:ed:94:db:
b6:f0:c4:51:1b:cf:ab:d5:90:f4:e7:4c:a9:dc:65:f0:65:50:
75:f3:8d:19:79:20:23:4d:72:49:c6:6b:24:99:fa:f3:57:ac:
1e:0a:b6:a3:12:ba:5e:b2:04:58:d9:b7:a4:72:90:d1:0c:03:
ec:c4:77:69:c2:aa:d4:b3:d5:5d:39:d1:04:23:ef:06:bd:4f:
53:41:b4:4a:0b:fe:b4:91:5f:9c:14:67:79:39:53:bb:10:08:
75:72:29:6f:04:24:bf:69:27:e1:df:b5:75:d5:a9:9e:3e:9b:
98:8e:03:62:46:ae:eb:6e:e6:2d:ff:a4:b8:6a:c1:be:63:68:
f2:1a:3a:4d:88:cd:96:b5:bb:69:7d:70:24:4b:03:30:d8:68:
49:d7:a3:4f:e8:57:e8:4d:2f:94:72:79:72:7c:a2:5b:ba:d3:
99:a5:54:83:ef:d9:0c:62:e3:f1:d8:d5:8c:7b:01:5e:9d:b6:
e2:ae:38:12:26:c6:cc:0f:d5:2c:e5:97:89:d0:0b:c9:ee:e7:
bb:5d:b3:bf:9a:a3:2f:01:e3:2e:5b:1a:7f:96:b1:4a:e3:d7:
4c:ed:14:8a:60:c7:dd:55:38:46:37:46:47:8d:7e:90:0b:4b:
e5:68:7a:c1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjakZL63aTLbDjDT8gxR4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzhkYWIzNzIwZGE2ZWE2ZWZhMjE3NWJkMzZhODA1MTYwNDQzYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1YVF6rqy7cxJkD/7GMhvR0j+D55
LAfo6B65GS+wmU0XsC+mCXydxVpGsvECyLHO6YGfq8CCDnIbk+QdYT3PYKyVG1Ec
eUUPSmMI55ceF4nENqQRAuB3xZ5xfKUjYQv2bLV9AbKrEcLuDMzveUxv6n1nOzs9
2Zg3TZb2s8Rd+TF05ZLKfnWdL+2K93n6WfYNPgp6SQNsVhqlsD02gLnEFJ6217RC
Ax6QUvkt1LPgurj6r3mBfchPWZb6u6JVdHB6b+naGKSTWs9oU3cbnZi0N/3fIIs3
xehkz8mUwl8ZZJn7m9suMFFtFelBRC9G3tZZepoHDYXOwr/PBeH3uE8A6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOONqzcg2m6m76IXW9NqgFFgRDyDMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvNDQyck55RGFicWJ2b2hkYjAycUFVV0JFUElNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAowVnAwQA
owWYMA0GCSqGSIb3DQEBCwUAA4IBAQCoiTs3dntBZykwliOkSQ3tlNu28MRRG8+r
1ZD050yp3GXwZVB1840ZeSAjTXJJxmskmfrzV6weCrajErpesgRY2bekcpDRDAPs
xHdpwqrUs9VdOdEEI+8GvU9TQbRKC/60kV+cFGd5OVO7EAh1cilvBCS/aSfh37V1
1amePpuYjgNiRq7rbuYt/6S4asG+Y2jyGjpNiM2WtbtpfXAkSwMw2GhJ16NP6Ffo
TS+UcnlyfKJbutOZpVSD79kMYuPx2NWMewFenbbirjgSJsbMD9Us5ZeJ0AvJ7ue7
XbO/mqMvAeMuWxp/lrFK49dM7RSKYMfdVThGN0ZHjX6QC0vlaHrB
-----END CERTIFICATE-----
Generated at Wed Apr 9 18:14:05 2025 by rpki-client