Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XYx6QXZtG6xNnaBdtTH9v3I-Zt0.roa
File: XYx6QXZtG6xNnaBdtTH9v3I-Zt0.roa (raw, json)
Hash identifier: 3Uyz3gr48c+CCTuIu44o/0okNvpWTRD8en+0/CYxXxQ=
Subject key identifier: 5D:8C:7A:41:76:6D:1B:AC:4D:9D:A0:5D:B5:31:FD:BF:72:3E:66:DD
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01959A4265B3B1B0E26F6EA7744EA9909282
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XYx6QXZtG6xNnaBdtTH9v3I-Zt0.roa
Signing time: Sat 15 Mar 2025 14:43:17 +0000
ROA not before: Sat 15 Mar 2025 14:43:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.22.0/24 maxlen: 24
163.5.30.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.66.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.86.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.131.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.142.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.164.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.170.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.209.0/24 maxlen: 24
163.5.216.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.225.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.229.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.246.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9a:42:65:b3:b1:b0:e2:6f:6e:a7:74:4e:a9:90:92:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Mar 15 14:43:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d8c7a41766d1bac4d9da05db531fdbf723e66dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b1:6f:d5:dd:e2:e0:b2:2d:b8:89:94:0e:f4:
10:7c:41:ee:61:9a:0a:c3:a6:9d:68:13:82:8d:bc:
07:2d:08:f8:62:7a:e9:af:92:d5:8d:89:ec:4b:3a:
3e:85:4d:19:76:b1:91:7d:c7:ba:32:6a:4d:44:85:
55:19:90:7a:5b:b0:9f:05:41:d4:e9:65:59:52:9f:
34:c4:cc:b0:00:00:ad:4f:bd:da:64:c6:10:da:90:
4f:be:8d:5a:73:d5:8d:fe:2c:f3:84:41:69:d6:fb:
bd:da:d6:a7:10:4d:3c:0c:0c:5a:41:46:55:1e:62:
8b:0d:34:b9:3a:ca:b9:a4:33:8a:f5:ae:a6:a8:c1:
04:6f:a9:0f:c8:3a:36:2a:97:97:f0:ab:b5:1a:49:
a6:55:c2:3f:ea:80:00:5f:68:d3:1d:b6:93:89:8e:
80:7f:d4:7a:2b:96:1c:b2:ad:45:58:65:cc:3d:34:
5b:a1:3c:ce:24:7a:8c:91:62:cb:54:6a:79:a5:18:
61:4d:be:6b:94:b8:ec:45:0e:22:d2:d8:93:3b:26:
89:c3:61:b5:5a:92:75:36:f4:6b:56:9c:e4:98:e7:
94:f8:b9:77:f5:28:f6:f7:9f:95:df:cd:e2:8c:76:
47:32:f5:0c:0d:12:07:d2:af:b1:98:32:cd:83:86:
8e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8C:7A:41:76:6D:1B:AC:4D:9D:A0:5D:B5:31:FD:BF:72:3E:66:DD
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/XYx6QXZtG6xNnaBdtTH9v3I-Zt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.22.0/24
163.5.30.0/23
163.5.34.0/24
163.5.46.0/24
163.5.59.0/24
163.5.66.0/24
163.5.73.0/24
163.5.86.0/24
163.5.97.0/24
163.5.112.0/23
163.5.118.0/23
163.5.121.0/24
163.5.128.0/23
163.5.131.0/24
163.5.138.0/23
163.5.142.0-163.5.144.255
163.5.146.0/24
163.5.151.0/24
163.5.156.0/24
163.5.158.0/24
163.5.160.0/24
163.5.162.0/24
163.5.164.0/24
163.5.167.0/24
163.5.170.0/24
163.5.173.0/24
163.5.175.0/24
163.5.178.0/23
163.5.182.0/24
163.5.186.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.209.0/24
163.5.216.0/24
163.5.218.0/24
163.5.221.0/24
163.5.224.0/23
163.5.228.0/23
163.5.233.0/24
163.5.241.0/24
163.5.246.0/23
Signature Algorithm: sha256WithRSAEncryption
14:a0:37:14:db:f5:d2:9e:7d:8f:81:22:ea:47:26:9b:6a:22:
65:f6:6d:95:1b:37:47:04:8d:c7:a0:35:4a:8a:29:dc:1f:8d:
49:0b:93:97:b7:17:78:ab:02:cb:f8:5b:bc:e7:d3:3d:7f:e4:
7a:65:26:b8:a1:a9:06:3c:da:cf:c4:a0:78:00:8e:31:02:1c:
89:2e:64:0c:cf:e5:e2:1b:f0:07:8a:1b:c6:f8:58:ae:09:50:
2b:52:08:1f:7f:5c:ff:34:1e:ff:68:de:31:b4:0c:14:c2:b3:
53:5a:33:b9:18:1c:0c:c9:00:c2:1f:b6:6e:b4:c0:96:fe:2d:
76:a9:fe:77:18:a7:7b:80:07:cb:77:d1:cd:00:37:c6:c3:8f:
bf:1d:d4:de:42:be:fe:a6:e3:da:f4:47:fd:e1:97:ac:81:fd:
a1:a3:43:61:ab:28:ea:f2:09:b8:5d:34:24:5c:37:00:b1:2b:
84:16:9e:df:4a:df:b7:aa:5e:e2:f6:ff:de:16:64:5e:65:2a:
42:a9:d3:a8:51:7a:f5:87:8f:56:a1:88:03:a6:6e:fc:d5:45:
46:a2:44:39:71:88:19:38:a1:29:33:9b:7e:38:a9:40:98:06:
af:ad:64:fe:78:6c:12:1f:d0:00:1d:2e:23:4f:34:8a:14:87:
92:1c:18:4e
-----BEGIN CERTIFICATE-----
MIIGEzCCBPugAwIBAgISAZWaQmWzsbDib26ndE6pkJKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMzE1MTQ0MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDhjN2E0MTc2NmQxYmFjNGQ5ZGEwNWRiNTMxZmRiZjcyM2U2NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7Fv1d3i4LItuImUDvQQfEHuYZoK
w6adaBOCjbwHLQj4Ynrpr5LVjYnsSzo+hU0ZdrGRfce6MmpNRIVVGZB6W7CfBUHU
6WVZUp80xMywAACtT73aZMYQ2pBPvo1ac9WN/izzhEFp1vu92tanEE08DAxaQUZV
HmKLDTS5Osq5pDOK9a6mqMEEb6kPyDo2KpeX8Ku1GkmmVcI/6oAAX2jTHbaTiY6A
f9R6K5Ycsq1FWGXMPTRboTzOJHqMkWLLVGp5pRhhTb5rlLjsRQ4i0tiTOyaJw2G1
WpJ1NvRrVpzkmOeU+Ll39Sj295+V383ijHZHMvUMDRIH0q+xmDLNg4aOtwIDAQAB
o4IDHzCCAxswHQYDVR0OBBYEFF2MekF2bRusTZ2gXbUx/b9yPmbdMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvWFl4NlFYWnRHNnhObmFCZHRUSDl2M0ktWnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMwYIKwYBBQUHAQcBAf8EggEiMIIBHjCCARoEAgABMIIB
EgMEAKMFFgMEAaMFHgMEAKMFIgMEAKMFLgMEAKMFOwMEAKMFQgMEAKMFSQMEAKMF
VgMEAKMFYQMEAaMFcAMEAaMFdgMEAKMFeQMEAaMFgAMEAKMFgwMEAaMFijAMAwQB
owWOAwQAowWQAwQAowWSAwQAowWXAwQAowWcAwQAowWeAwQAowWgAwQAowWiAwQA
owWkAwQAowWnAwQAowWqAwQAowWtAwQAowWvAwQBowWyAwQAowW2AwQAowW6AwQA
owW9AwQAowW/AwQBowXIMAwDBACjBcsDBACjBc4DBACjBdEDBACjBdgDBACjBdoD
BACjBd0DBAGjBeADBAGjBeQDBACjBekDBACjBfEDBAGjBfYwDQYJKoZIhvcNAQEL
BQADggEBABSgNxTb9dKefY+BIupHJptqImX2bZUbN0cEjcegNUqKKdwfjUkLk5e3
F3irAsv4W7zn0z1/5HplJrihqQY82s/EoHgAjjECHIkuZAzP5eIb8AeKG8b4WK4J
UCtSCB9/XP80Hv9o3jG0DBTCs1NaM7kYHAzJAMIftm60wJb+LXap/ncYp3uAB8t3
0c0AN8bDj78d1N5Cvv6m49r0R/3hl6yB/aGjQ2GrKOryCbhdNCRcNwCxK4QWnt9K
37eqXuL2/94WZF5lKkKp06hRevWHj1ahiAOmbvzVRUaiRDlxiBk4oSkzm344qUCY
Bq+tZP54bBIf0AAdLiNPNIoUh5IcGE4=
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:00:17 2025 by rpki-client