Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9aRkRaVy5akY_1Mm2bMYTTqlask.roa
File: 9aRkRaVy5akY_1Mm2bMYTTqlask.roa (raw, json)
Hash identifier: n3YMCJdILHsoH0OeYVyszRyfEuA4V5naw3TkGRPYuik=
Subject key identifier: F5:A4:64:45:A5:72:E5:A9:18:FF:53:26:D9:B3:18:4D:3A:A5:6A:C9
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01947F6A1807A6616BC28F5EDEC52F9E23C3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9aRkRaVy5akY_1Mm2bMYTTqlask.roa
Signing time: Sun 19 Jan 2025 16:34:06 +0000
ROA not before: Sun 19 Jan 2025 16:34:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 163.5.31.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.187.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7f:6a:18:07:a6:61:6b:c2:8f:5e:de:c5:2f:9e:23:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 19 16:34:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5a46445a572e5a918ff5326d9b3184d3aa56ac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4c:0e:29:d5:83:e9:79:95:8a:3b:4d:56:4c:
79:36:b7:00:4c:e4:3d:b1:28:ef:1c:6b:a3:f3:e0:
0b:3a:82:b7:96:e6:f1:76:ef:18:18:d7:d6:f6:b4:
5c:42:07:76:93:c4:f3:c5:2f:77:d2:a6:19:6d:d0:
31:01:6f:5b:78:38:b7:36:b4:17:47:b1:8a:ec:61:
75:72:bb:86:d8:c2:14:ff:e5:33:a4:1e:83:7e:c0:
07:05:d4:dc:0f:de:82:b0:55:6f:52:ce:eb:83:4d:
14:74:b1:5c:d8:a4:d5:07:57:60:7a:b3:32:1f:dd:
e8:90:9e:5f:65:81:de:9b:a1:c7:47:23:45:f8:eb:
0f:2b:db:67:19:fd:26:08:73:f9:c9:b2:3b:eb:ac:
74:26:21:80:93:b9:a4:f8:8e:7f:6f:28:a9:cc:88:
a2:47:76:0e:0a:a3:53:5f:24:3b:fe:31:cc:31:b4:
d2:34:dc:68:84:e8:6d:36:2b:5f:48:33:1f:1b:c6:
b9:c0:28:5d:e0:43:66:89:97:90:8f:6a:72:6e:56:
be:ab:21:15:fb:92:81:2b:d4:4b:27:8a:9b:c3:65:
62:d7:40:0b:e1:22:a3:13:b7:e5:82:4e:fe:47:dd:
15:3a:1e:c2:41:21:8d:93:55:ab:33:1e:b4:b5:fe:
d4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A4:64:45:A5:72:E5:A9:18:FF:53:26:D9:B3:18:4D:3A:A5:6A:C9
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/9aRkRaVy5akY_1Mm2bMYTTqlask.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.31.0/24
163.5.46.0/24
163.5.62.0/24
163.5.149.0/24
163.5.187.0/24
163.5.209.0/24
Signature Algorithm: sha256WithRSAEncryption
55:b6:eb:97:61:48:59:0a:61:9b:51:cc:e2:74:eb:de:0c:19:
8a:74:ef:af:0a:dc:85:d1:fc:51:b9:85:4e:60:02:98:0e:a9:
c8:65:99:3d:7b:2d:e3:00:f5:f9:34:6f:59:0c:32:1a:28:c6:
cb:cf:5d:2d:aa:00:80:25:ae:3e:7c:ce:0d:0a:92:77:4a:b8:
b5:04:27:cb:f1:9a:1c:6a:13:1c:b8:f3:52:47:56:dc:19:df:
e9:34:fb:9c:c1:bc:bd:b7:8d:c8:9c:10:69:71:03:37:92:f5:
36:f5:ef:40:33:fe:87:f1:06:32:27:6a:6d:5b:56:82:65:e1:
d1:94:59:bc:68:53:38:8f:59:bb:d0:40:3c:38:ab:49:31:2f:
41:95:77:8a:76:f8:14:89:53:b3:06:a5:32:65:d8:ec:7a:91:
5e:e6:c8:94:80:a2:c8:51:af:4e:8f:e4:f1:83:b8:45:a9:b0:
91:dd:99:71:88:0f:59:a5:9c:0d:d6:f8:1d:de:12:ee:db:ec:
3b:24:36:74:2c:64:04:cc:32:42:70:11:0b:e0:4c:b1:84:34:
f8:51:96:10:4e:ae:46:73:ae:38:6a:96:e4:c4:6e:c2:5a:6e:
8d:8d:95:1e:1f:dd:8d:68:05:d1:51:65:b6:42:45:c4:e8:7c:
47:e2:33:24
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZR/ahgHpmFrwo9e3sUvniPDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTE5MTYzNDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWE0NjQ0NWE1NzJlNWE5MThmZjUzMjZkOWIzMTg0ZDNhYTU2YWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkwOKdWD6XmVijtNVkx5NrcATOQ9
sSjvHGuj8+ALOoK3lubxdu8YGNfW9rRcQgd2k8TzxS930qYZbdAxAW9beDi3NrQX
R7GK7GF1cruG2MIU/+UzpB6DfsAHBdTcD96CsFVvUs7rg00UdLFc2KTVB1dgerMy
H93okJ5fZYHem6HHRyNF+OsPK9tnGf0mCHP5ybI766x0JiGAk7mk+I5/byipzIii
R3YOCqNTXyQ7/jHMMbTSNNxohOhtNitfSDMfG8a5wChd4ENmiZeQj2pybla+qyEV
+5KBK9RLJ4qbw2Vi10AL4SKjE7flgk7+R90VOh7CQSGNk1WrMx60tf7U9QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPWkZEWlcuWpGP9TJtmzGE06pWrJMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvOWFSa1JhVnk1YWtZXzFNbTJiTVlUVHFsYXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAowUfAwQA
owUuAwQAowU+AwQAowWVAwQAowW7AwQAowXRMA0GCSqGSIb3DQEBCwUAA4IBAQBV
tuuXYUhZCmGbUczidOveDBmKdO+vCtyF0fxRuYVOYAKYDqnIZZk9ey3jAPX5NG9Z
DDIaKMbLz10tqgCAJa4+fM4NCpJ3Sri1BCfL8ZocahMcuPNSR1bcGd/pNPucwby9
t43InBBpcQM3kvU29e9AM/6H8QYyJ2ptW1aCZeHRlFm8aFM4j1m70EA8OKtJMS9B
lXeKdvgUiVOzBqUyZdjsepFe5siUgKLIUa9Oj+Txg7hFqbCR3ZlxiA9ZpZwN1vgd
3hLu2+w7JDZ0LGQEzDJCcBEL4EyxhDT4UZYQTq5Gc644apbkxG7CWm6NjZUeH92N
aAXRUWW2QkXE6HxH4jMk
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:03:26 2025 by rpki-client