Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HeqdKBpQwkQvbIZjJbIwVTbYMTQ.roa
File: HeqdKBpQwkQvbIZjJbIwVTbYMTQ.roa (raw, json)
Hash identifier: 4/YoCjVGH/M8GkqrCmCXYNDTRghCQZzo2VndlDDYawI=
Subject key identifier: 1D:EA:9D:28:1A:50:C2:44:2F:6C:86:63:25:B2:30:55:36:D8:31:34
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0195CCC223ADE5E9D265A9A0BFD6EC833EA3
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HeqdKBpQwkQvbIZjJbIwVTbYMTQ.roa
Signing time: Tue 25 Mar 2025 10:03:49 +0000
ROA not before: Tue 25 Mar 2025 10:03:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56339
IP address blocks: 163.5.0.0/24 maxlen: 24
163.5.2.0/24 maxlen: 24
163.5.3.0/24 maxlen: 24
163.5.4.0/24 maxlen: 24
163.5.5.0/24 maxlen: 24
163.5.10.0/24 maxlen: 24
163.5.11.0/24 maxlen: 24
163.5.20.0/24 maxlen: 24
163.5.21.0/24 maxlen: 24
163.5.23.0/24 maxlen: 24
163.5.24.0/24 maxlen: 24
163.5.42.0/24 maxlen: 24
163.5.45.0/24 maxlen: 24
163.5.48.0/24 maxlen: 24
163.5.50.0/24 maxlen: 24
163.5.52.0/24 maxlen: 24
163.5.55.0/24 maxlen: 24
163.5.57.0/24 maxlen: 24
163.5.68.0/24 maxlen: 24
163.5.69.0/24 maxlen: 24
163.5.80.0/24 maxlen: 24
163.5.81.0/24 maxlen: 24
163.5.85.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:cc:c2:23:ad:e5:e9:d2:65:a9:a0:bf:d6:ec:83:3e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 25 10:03:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dea9d281a50c2442f6c866325b2305536d83134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1f:99:b7:61:75:bd:57:91:d0:ec:70:f0:46:
69:ba:6a:4e:f0:26:ce:7d:57:12:76:9a:97:03:c9:
e2:12:e1:82:51:34:55:00:6e:7e:5f:e1:ee:8b:ff:
f4:8b:ab:9a:f1:9d:51:8f:44:2f:d7:de:27:f5:29:
1e:9e:75:8e:e5:b5:f6:27:9e:03:b0:92:4f:13:d8:
e7:1d:ff:c8:ee:53:44:cf:64:5e:d6:a5:2b:36:80:
a3:4a:fd:e9:00:6e:e8:46:0c:ac:33:b9:e5:92:87:
0d:58:96:dd:ff:3a:f4:94:62:8b:ea:53:28:4a:10:
db:f4:ed:c5:6f:1e:23:5f:a4:03:56:2a:18:89:ee:
4d:6c:53:fd:f3:13:12:e8:07:99:d0:1d:6d:bb:da:
06:b6:c6:c5:74:61:2b:5a:8a:c7:60:b9:df:e9:ec:
a6:69:f9:1b:7b:c2:39:2e:c3:93:d4:6a:cf:9e:0f:
f3:2b:aa:83:3b:31:7f:63:5f:23:b1:5c:6d:9f:96:
de:3b:04:80:58:09:03:be:62:7e:08:92:e3:5f:bd:
59:ed:8a:25:65:44:d4:9c:d1:59:b8:a4:c6:f7:a5:
76:33:d2:49:a2:91:8c:8d:3a:01:6b:42:5f:8f:97:
76:fe:4a:b7:08:4d:41:8b:a9:35:1f:80:d9:36:68:
ae:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:EA:9D:28:1A:50:C2:44:2F:6C:86:63:25:B2:30:55:36:D8:31:34
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/HeqdKBpQwkQvbIZjJbIwVTbYMTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.0.0/24
163.5.2.0-163.5.5.255
163.5.10.0/23
163.5.20.0/23
163.5.23.0-163.5.24.255
163.5.42.0/24
163.5.45.0/24
163.5.48.0/24
163.5.50.0/24
163.5.52.0/24
163.5.55.0/24
163.5.57.0/24
163.5.68.0/23
163.5.80.0/23
163.5.85.0/24
Signature Algorithm: sha256WithRSAEncryption
14:b2:1c:64:dd:28:a8:69:e7:3e:3a:c4:c0:91:ea:7e:3b:19:
2c:5d:78:d4:4d:c1:d5:8e:43:bf:5a:fc:7c:2a:8a:a9:f9:aa:
b0:69:8e:d2:c4:5a:70:22:02:93:0e:45:52:d1:92:73:20:10:
cb:98:fd:fc:65:b2:7e:10:58:4b:ff:c7:9b:a5:15:03:d3:7d:
72:3c:ed:10:37:86:22:30:d8:9b:9d:ad:f3:05:53:6f:6c:68:
c2:45:6f:a6:c6:c3:d9:2b:97:a6:9d:de:4d:5f:c7:04:ec:de:
bd:97:e5:f2:d1:e7:b3:1b:d5:db:59:e0:13:a5:a3:a9:37:74:
f6:e5:5c:8d:bd:8e:93:1e:86:05:48:3a:f5:b4:7b:9b:b0:81:
1d:97:24:00:f6:4f:1c:7f:b5:9b:04:18:1c:24:30:cb:a1:6c:
65:29:8a:58:11:bb:90:fb:ee:b8:95:03:f2:ef:ae:4b:ab:c7:
9c:99:d3:61:10:5e:30:2c:da:14:79:0a:84:ba:2d:52:eb:5f:
08:a6:9b:4c:a1:2b:27:73:f7:e3:10:27:01:31:05:82:79:3c:
2d:e9:54:f3:8c:71:68:66:b5:76:be:c0:53:33:da:52:93:38:
d2:3a:fd:76:9f:8c:ae:74:be:47:ea:d0:93:2c:ab:3e:67:e9:
cf:df:91:8a
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZXMwiOt5enSZamgv9bsgz6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMzI1MTAwMzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGVhOWQyODFhNTBjMjQ0MmY2Yzg2NjMyNWIyMzA1NTM2ZDgzMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsB+Zt2F1vVeR0Oxw8EZpumpO8CbO
fVcSdpqXA8niEuGCUTRVAG5+X+Hui//0i6ua8Z1Rj0Qv194n9SkennWO5bX2J54D
sJJPE9jnHf/I7lNEz2Re1qUrNoCjSv3pAG7oRgysM7nlkocNWJbd/zr0lGKL6lMo
ShDb9O3Fbx4jX6QDVioYie5NbFP98xMS6AeZ0B1tu9oGtsbFdGErWorHYLnf6eym
afkbe8I5LsOT1GrPng/zK6qDOzF/Y18jsVxtn5beOwSAWAkDvmJ+CJLjX71Z7Yol
ZUTUnNFZuKTG96V2M9JJopGMjToBa0Jfj5d2/kq3CE1Bi6k1H4DZNmiuPQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFB3qnSgaUMJEL2yGYyWyMFU22DE0MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvSGVxZEtCcFF3a1F2YklaakpiSXdWVGJZTVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAKMFADAM
AwQBowUCAwQBowUEAwQBowUKAwQBowUUMAwDBACjBRcDBACjBRgDBACjBSoDBACj
BS0DBACjBTADBACjBTIDBACjBTQDBACjBTcDBACjBTkDBAGjBUQDBAGjBVADBACj
BVUwDQYJKoZIhvcNAQELBQADggEBABSyHGTdKKhp5z46xMCR6n47GSxdeNRNwdWO
Q79a/Hwqiqn5qrBpjtLEWnAiApMORVLRknMgEMuY/fxlsn4QWEv/x5ulFQPTfXI8
7RA3hiIw2JudrfMFU29saMJFb6bGw9krl6ad3k1fxwTs3r2X5fLR57Mb1dtZ4BOl
o6k3dPblXI29jpMehgVIOvW0e5uwgR2XJAD2Txx/tZsEGBwkMMuhbGUpilgRu5D7
7riVA/Lvrkurx5yZ02EQXjAs2hR5CoS6LVLrXwimm0yhKydz9+MQJwExBYJ5PC3p
VPOMcWhmtXa+wFMz2lKTONI6/XafjK50vkfq0JMsqz5n6c/fkYo=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:52:24 2025 by rpki-client