Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_lxXLSIUFCSkPMqSzW5TbkAzEQ8.roa
File: _lxXLSIUFCSkPMqSzW5TbkAzEQ8.roa (raw, json)
Hash identifier: V04pYE43Uwz1ZalKg/wF91wEnddy4PyXU3Nl8oXpMv0=
Subject key identifier: FE:5C:57:2D:22:14:14:24:A4:3C:CA:92:CD:6E:53:6E:40:33:11:0F
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01938D84CD6C9F78E9D8223ECA2EFC11559D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_lxXLSIUFCSkPMqSzW5TbkAzEQ8.roa
Signing time: Tue 03 Dec 2024 17:15:11 +0000
ROA not before: Tue 03 Dec 2024 17:15:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.41.0/24 maxlen: 24
163.5.86.0/24 maxlen: 24
163.5.97.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8d:84:cd:6c:9f:78:e9:d8:22:3e:ca:2e:fc:11:55:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Dec 3 17:15:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe5c572d22141424a43cca92cd6e536e4033110f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7a:51:45:dd:27:71:dc:40:65:ba:e3:6a:bb:
b5:cd:52:bc:d7:a0:5a:34:13:26:00:80:41:91:1c:
d4:bf:b9:e4:e3:4b:a7:e0:64:85:ee:3f:fa:e4:f8:
f3:af:6e:67:66:97:82:f1:28:09:0b:47:22:98:7e:
2e:dc:eb:f9:c7:8c:e0:77:a1:46:a2:0b:ea:83:53:
d8:91:32:42:7e:74:72:2e:bb:bc:ca:f3:71:b8:9c:
b4:6f:c4:4a:4c:b2:6f:f4:2a:c6:03:34:eb:10:1d:
b0:9c:13:14:b8:e6:0d:4e:df:42:db:b9:60:eb:35:
f5:06:f8:45:05:bb:cf:d9:07:7a:03:4e:db:00:81:
11:84:0f:b1:7d:c6:c9:6e:df:7a:15:ee:f5:71:27:
43:ae:3e:47:d4:df:da:e4:e2:a9:52:f1:76:9e:b5:
d7:6b:bd:40:c9:3a:a7:d9:74:5e:fb:c8:df:e8:06:
63:bd:ca:a6:5b:57:6a:80:93:69:b7:f9:d6:c7:14:
56:ad:94:7f:a4:2e:bc:9a:93:8e:b8:97:1d:61:dc:
59:10:9e:58:fc:c7:78:e0:1b:11:67:1a:35:38:59:
ff:4c:7a:65:00:15:12:16:7a:12:89:ec:b1:8a:af:
25:5a:95:41:59:58:de:fa:fa:7a:79:35:5a:aa:d3:
73:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:5C:57:2D:22:14:14:24:A4:3C:CA:92:CD:6E:53:6E:40:33:11:0F
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/_lxXLSIUFCSkPMqSzW5TbkAzEQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.41.0/24
163.5.86.0/24
163.5.97.0/24
163.5.175.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:7a:ac:91:c0:ee:36:e4:e3:0c:1e:e1:d2:2d:52:fa:a5:af:
14:d9:f5:38:06:b2:e4:71:c4:bf:00:70:dd:7a:27:a8:1e:ce:
66:79:b6:a2:e0:7a:3a:6b:48:18:b8:10:5c:35:95:6d:18:86:
4e:b8:6b:cd:80:1a:23:b2:28:b0:f0:80:74:a5:24:f6:f6:06:
53:f8:3b:9a:0d:97:64:94:49:07:91:cd:0a:d2:50:2c:21:d9:
b3:83:66:e5:65:0a:89:6e:a4:ac:c2:ed:02:05:18:45:15:f7:
48:53:7b:0d:1c:60:72:08:25:d4:1f:ed:0d:5d:9d:ce:7f:af:
8a:cb:d7:23:da:62:29:d4:b5:61:c8:2c:12:77:70:d4:4a:23:
36:75:69:0d:c3:73:1b:8b:ec:9b:79:15:a4:42:dc:b5:58:55:
44:b3:52:07:dc:c7:c8:b1:62:0f:bf:bf:77:93:3e:ac:ec:01:
08:5e:16:6c:3c:37:ec:79:4d:e9:7d:b7:a3:5e:d9:94:e0:4b:
02:71:fc:c8:e8:8a:ed:46:a5:e3:86:65:43:9b:7d:3c:da:a6:
6a:1e:10:19:b6:33:d1:a4:52:32:a8:3e:58:48:13:65:e7:11:
a9:f0:db:0e:8d:06:73:ba:a8:69:f6:a0:49:e8:6c:e5:0b:69:
2e:f7:a6:ca
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZONhM1sn3jp2CI+yi78EVWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMjAzMTcxNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTVjNTcyZDIyMTQxNDI0YTQzY2NhOTJjZDZlNTM2ZTQwMzMxMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3pRRd0ncdxAZbrjaru1zVK816Ba
NBMmAIBBkRzUv7nk40un4GSF7j/65Pjzr25nZpeC8SgJC0cimH4u3Ov5x4zgd6FG
ogvqg1PYkTJCfnRyLru8yvNxuJy0b8RKTLJv9CrGAzTrEB2wnBMUuOYNTt9C27lg
6zX1BvhFBbvP2Qd6A07bAIERhA+xfcbJbt96Fe71cSdDrj5H1N/a5OKpUvF2nrXX
a71AyTqn2XRe+8jf6AZjvcqmW1dqgJNpt/nWxxRWrZR/pC68mpOOuJcdYdxZEJ5Y
/Md44BsRZxo1OFn/THplABUSFnoSieyxiq8lWpVBWVje+vp6eTVaqtNzsQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP5cVy0iFBQkpDzKks1uU25AMxEPMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvX2x4WExTSVVGQ1NrUE1xU3pXNVRia0F6RVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUpAwQA
owVWAwQAowVhAwQAowWvMA0GCSqGSIb3DQEBCwUAA4IBAQAMeqyRwO425OMMHuHS
LVL6pa8U2fU4BrLkccS/AHDdeieoHs5mebai4Ho6a0gYuBBcNZVtGIZOuGvNgBoj
siiw8IB0pST29gZT+DuaDZdklEkHkc0K0lAsIdmzg2blZQqJbqSswu0CBRhFFfdI
U3sNHGByCCXUH+0NXZ3Of6+Ky9cj2mIp1LVhyCwSd3DUSiM2dWkNw3Mbi+ybeRWk
Qty1WFVEs1IH3MfIsWIPv793kz6s7AEIXhZsPDfseU3pfbejXtmU4EsCcfzI6Irt
RqXjhmVDm3082qZqHhAZtjPRpFIyqD5YSBNl5xGp8NsOjQZzuqhp9qBJ6GzlC2ku
96bK
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:31:38 2025 by rpki-client