Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/brNmAJ74kjHdLErlfBZsmbC5iVE.roa
File: brNmAJ74kjHdLErlfBZsmbC5iVE.roa (raw, json)
Hash identifier: CJskhh16LhKU+qaCaoU3iwj5gQJJQUFTe1Ycnyjsvmg=
Subject key identifier: 6E:B3:66:00:9E:F8:92:31:DD:2C:4A:E5:7C:16:6C:99:B0:B9:89:51
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A1AE39ABBB7C3BBC375A5214747D2
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/brNmAJ74kjHdLErlfBZsmbC5iVE.roa
Signing time: Wed 01 Jan 2025 19:49:03 +0000
ROA not before: Wed 01 Jan 2025 19:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.34.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.89.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.211.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.221.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.245.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:1a:e3:9a:bb:b7:c3:bb:c3:75:a5:21:47:47:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6eb366009ef89231dd2c4ae57c166c99b0b98951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:f1:40:10:df:1e:df:1d:ff:e1:88:90:c9:3d:
86:d0:1b:19:fc:81:f8:d1:80:9d:0a:1e:db:d4:43:
c0:d6:ad:29:17:69:ee:b6:a9:76:ea:d5:82:ed:10:
22:de:19:15:91:7e:34:4c:5e:14:90:08:60:2b:08:
bd:32:ea:4f:92:30:14:33:75:f6:d0:a3:e4:ae:af:
17:ff:86:bc:0a:b3:bb:94:ee:78:01:37:6c:da:09:
ea:3d:21:19:dc:ce:29:b3:7d:7b:51:53:e2:39:c8:
51:f3:07:21:7e:13:5f:ad:d8:9c:39:28:a7:62:88:
46:81:6b:f1:3d:f3:f5:d8:0f:6d:6c:b3:0e:f5:de:
19:da:a3:d8:40:35:f8:72:78:e2:28:d8:6e:a0:9a:
c8:9b:3f:55:0c:63:7e:f5:0c:f5:14:13:40:35:25:
a9:83:ee:6f:41:8d:8f:5c:c3:9f:89:23:ab:da:22:
f8:5a:6f:e4:bb:f7:64:e6:ed:5b:0e:14:fd:ac:7b:
11:0f:ef:88:7d:ae:02:64:a3:44:ac:ed:b7:d1:5b:
f3:92:b1:d4:55:af:a7:cf:26:9b:6c:4f:6b:cf:8d:
35:97:9a:62:7c:41:d5:99:b1:e7:69:7a:f7:ae:5b:
32:65:dc:b1:05:94:47:93:42:b8:09:80:8c:11:69:
8d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:B3:66:00:9E:F8:92:31:DD:2C:4A:E5:7C:16:6C:99:B0:B9:89:51
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/brNmAJ74kjHdLErlfBZsmbC5iVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.34.0/24
163.5.59.0/24
163.5.73.0/24
163.5.89.0/24
163.5.110.0-163.5.113.255
163.5.118.0/23
163.5.121.0/24
163.5.126.0/24
163.5.128.0/23
163.5.138.0/23
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.158.0/24
163.5.160.0/24
163.5.167.0/24
163.5.175.0/24
163.5.178.0/24
163.5.182.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.211.0-163.5.212.255
163.5.218.0/24
163.5.221.0/24
163.5.224.0/24
163.5.228.0/24
163.5.241.0/24
163.5.245.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
98:15:3f:8f:a3:37:92:b1:76:b5:c0:32:85:b9:0c:58:e2:a3:
f7:90:72:c6:e1:85:7c:a3:39:70:83:b0:2b:85:ed:73:4b:ca:
f9:70:d2:25:d9:13:e2:a0:96:a1:74:88:c4:72:af:4d:53:65:
f3:21:1d:3b:97:90:d5:ab:a8:86:3c:13:52:11:69:df:aa:4e:
11:c4:00:0f:48:5c:bd:bc:c4:19:06:c4:43:62:8f:27:d9:45:
1b:b9:31:85:c1:19:85:30:e9:63:eb:e7:d3:ac:29:ed:b6:a4:
fc:b3:b1:ba:6e:51:c8:0f:d1:1c:d3:68:aa:e2:91:10:54:5e:
64:d5:35:a7:99:e1:21:b3:5f:d2:b0:00:f4:d0:3c:20:8e:ab:
97:a1:ed:fe:61:f5:05:76:44:f9:79:21:fe:99:20:30:ed:e9:
dd:10:a9:2c:76:a1:e7:e8:86:72:3c:b7:d1:2d:ea:61:46:fc:
45:a3:75:8a:26:cb:83:cd:07:55:af:54:dc:a7:37:99:0c:fe:
68:e4:3c:7e:8e:48:8d:7b:b3:dd:88:81:c7:99:22:9e:33:d3:
6e:25:bd:68:bb:78:47:0e:b8:28:31:20:b0:35:42:6d:0f:0e:
3a:31:95:18:cf:b4:9d:b6:0b:f3:2b:6e:d1:3f:64:83:1e:ad:
95:70:46:c3
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAZQjahrjmru3w7vDdaUhR0fSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWIzNjYwMDllZjg5MjMxZGQyYzRhZTU3YzE2NmM5OWIwYjk4OTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9fFAEN8e3x3/4YiQyT2G0BsZ/IH4
0YCdCh7b1EPA1q0pF2nutql26tWC7RAi3hkVkX40TF4UkAhgKwi9MupPkjAUM3X2
0KPkrq8X/4a8CrO7lO54ATds2gnqPSEZ3M4ps317UVPiOchR8wchfhNfrdicOSin
YohGgWvxPfP12A9tbLMO9d4Z2qPYQDX4cnjiKNhuoJrImz9VDGN+9Qz1FBNANSWp
g+5vQY2PXMOfiSOr2iL4Wm/ku/dk5u1bDhT9rHsRD++Ifa4CZKNErO230VvzkrHU
Va+nzyabbE9rz401l5pifEHVmbHnaXr3rlsyZdyxBZRHk0K4CYCMEWmNOwIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFG6zZgCe+JIx3SxK5XwWbJmwuYlRMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvYnJObUFKNzRrakhkTEVybGZCWnNtYkM1aVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBACj
BR4DBACjBSIDBACjBTsDBACjBUkDBACjBVkwDAMEAaMFbgMEAaMFcAMEAaMFdgME
AKMFeQMEAKMFfgMEAaMFgAMEAaMFigMEAKMFjwMEAKMFkgMEAKMFlwMEAKMFngME
AKMFoAMEAKMFpwMEAKMFrwMEAKMFsgMEAKMFtgMEAKMFvQMEAKMFvwMEAaMFyDAM
AwQAowXLAwQAowXOMAwDBACjBdMDBACjBdQDBACjBdoDBACjBd0DBACjBeADBACj
BeQDBACjBfEDBACjBfUDBACjBfoDBACjBf0wDQYJKoZIhvcNAQELBQADggEBAJgV
P4+jN5KxdrXAMoW5DFjio/eQcsbhhXyjOXCDsCuF7XNLyvlw0iXZE+KglqF0iMRy
r01TZfMhHTuXkNWrqIY8E1IRad+qThHEAA9IXL28xBkGxENijyfZRRu5MYXBGYUw
6WPr59OsKe22pPyzsbpuUcgP0RzTaKrikRBUXmTVNaeZ4SGzX9KwAPTQPCCOq5eh
7f5h9QV2RPl5If6ZIDDt6d0QqSx2oefohnI8t9Et6mFG/EWjdYomy4PNB1WvVNyn
N5kM/mjkPH6OSI17s92IgceZIp4z024lvWi7eEcOuCgxILA1Qm0PDjoxlRjPtJ22
C/MrbtE/ZIMerZVwRsM=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:55:39 2025 by rpki-client