Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cm0GYsIjERDtjrG9Nb0UPwoUXK0.roa
File: cm0GYsIjERDtjrG9Nb0UPwoUXK0.roa (raw, json)
Hash identifier: /phfF+nmMPubr+VtwRBc1+XIiAoYYO3dNX48kMSNK+M=
Subject key identifier: 72:6D:06:62:C2:23:11:10:ED:8E:B1:BD:35:BD:14:3F:0A:14:5C:AD
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194979D76D3FC9DD4D2764605535B392296
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cm0GYsIjERDtjrG9Nb0UPwoUXK0.roa
Signing time: Fri 24 Jan 2025 09:21:06 +0000
ROA not before: Fri 24 Jan 2025 09:21:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395793
IP address blocks: 163.5.17.0/24 maxlen: 24
163.5.25.0/24 maxlen: 24
163.5.35.0/24 maxlen: 24
163.5.40.0/24 maxlen: 24
163.5.44.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:97:9d:76:d3:fc:9d:d4:d2:76:46:05:53:5b:39:22:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 24 09:21:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=726d0662c2231110ed8eb1bd35bd143f0a145cad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c6:1e:82:72:91:b4:f7:26:96:18:21:24:3e:
ad:40:50:79:95:3f:4e:b3:d8:71:e4:38:5e:9c:33:
7b:ad:75:fa:32:e1:c5:cd:fb:70:b6:3f:ba:72:04:
ed:c2:05:6b:52:40:b2:33:24:28:1e:9f:5d:ff:cb:
e1:df:44:fa:6f:bf:cd:d9:55:33:64:3f:3e:be:c3:
5e:dc:0d:91:1e:6d:2f:30:99:59:95:e0:56:49:ad:
54:6f:86:b6:74:a7:05:f2:87:c8:99:f6:28:e0:f2:
fc:39:bc:76:3d:9c:c6:f3:9f:c9:2a:c7:8d:df:6a:
1d:3a:ca:66:e7:c2:52:44:98:96:9f:c5:71:69:b4:
b5:7c:39:c1:82:df:2d:ab:f4:c1:98:6e:8d:7b:6f:
4a:e9:af:ca:34:99:ff:45:86:c3:81:a0:ee:e8:e4:
c6:57:46:86:aa:c2:89:30:0a:3b:ef:fb:99:0a:05:
36:e8:e7:28:f2:b3:6a:8d:c1:91:bb:27:3c:fa:80:
a1:1e:1b:a6:9f:f3:62:65:74:ff:c5:b2:36:95:19:
2d:88:44:40:73:c4:aa:54:eb:5d:bd:34:cd:37:e8:
9e:b3:b0:c4:89:41:1f:f3:b4:62:38:76:b3:56:ba:
ca:0f:3b:11:92:f9:0a:1d:0a:29:a1:42:1c:b1:ef:
c2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:6D:06:62:C2:23:11:10:ED:8E:B1:BD:35:BD:14:3F:0A:14:5C:AD
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/cm0GYsIjERDtjrG9Nb0UPwoUXK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.17.0/24
163.5.25.0/24
163.5.35.0/24
163.5.40.0/24
163.5.44.0/24
163.5.110.0/24
163.5.126.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
85:23:43:27:2a:81:26:8a:4d:f5:01:ba:72:a1:f0:41:a8:53:
b5:26:b0:2a:0f:9f:56:e2:05:50:7c:1f:ad:c5:95:c0:83:48:
c5:b9:bb:a4:2a:24:8e:5c:26:4f:3d:d3:f4:2c:ed:39:7d:fd:
e0:71:96:60:23:07:a0:40:f6:11:37:5d:3a:68:ca:25:02:71:
7c:e2:55:69:af:19:71:3f:fc:75:ad:a6:f2:05:19:23:0d:1f:
91:a2:77:6b:90:d0:fd:81:1b:c3:61:36:62:8c:d9:63:03:97:
0a:bf:f9:61:ac:30:26:f9:1a:79:84:cd:d2:2b:79:34:8e:4f:
67:d1:57:f7:6a:b5:03:0d:f2:b1:0b:29:93:10:63:c7:bc:52:
94:86:ee:34:45:d1:d9:d3:2e:84:9e:bd:13:cd:8e:f3:88:93:
4b:0c:23:eb:da:50:32:50:02:b1:1a:c2:78:d9:aa:a7:5e:1c:
be:e1:d1:e8:2c:c4:71:d1:34:04:50:97:dc:5a:4c:f1:1a:c7:
59:6d:5c:1c:26:1e:a1:3b:b1:43:be:31:93:fc:2d:9d:82:cb:
50:9b:c9:de:52:28:2d:7c:c7:87:2a:34:35:e7:4a:bf:8f:ae:
01:04:6c:d1:d1:1d:e6:95:f9:e4:eb:5e:2a:47:af:f8:d6:3d:
60:02:3d:af
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZSXnXbT/J3U0nZGBVNbOSKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTI0MDkyMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjZkMDY2MmMyMjMxMTEwZWQ4ZWIxYmQzNWJkMTQzZjBhMTQ1Y2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusYegnKRtPcmlhghJD6tQFB5lT9O
s9hx5DhenDN7rXX6MuHFzftwtj+6cgTtwgVrUkCyMyQoHp9d/8vh30T6b7/N2VUz
ZD8+vsNe3A2RHm0vMJlZleBWSa1Ub4a2dKcF8ofImfYo4PL8Obx2PZzG85/JKseN
32odOspm58JSRJiWn8VxabS1fDnBgt8tq/TBmG6Ne29K6a/KNJn/RYbDgaDu6OTG
V0aGqsKJMAo77/uZCgU26Oco8rNqjcGRuyc8+oChHhumn/NiZXT/xbI2lRktiERA
c8SqVOtdvTTNN+ies7DEiUEf87RiOHazVrrKDzsRkvkKHQopoUIcse/CpQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFHJtBmLCIxEQ7Y6xvTW9FD8KFFytMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvY20wR1lzSWpFUkR0anJHOU5iMFVQd29VWEswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAowURAwQA
owUZAwQAowUjAwQAowUoAwQAowUsAwQAowVuAwQAowV+AwQAowX9MA0GCSqGSIb3
DQEBCwUAA4IBAQCFI0MnKoEmik31AbpyofBBqFO1JrAqD59W4gVQfB+txZXAg0jF
ubukKiSOXCZPPdP0LO05ff3gcZZgIwegQPYRN106aMolAnF84lVprxlxP/x1raby
BRkjDR+RondrkND9gRvDYTZijNljA5cKv/lhrDAm+Rp5hM3SK3k0jk9n0Vf3arUD
DfKxCymTEGPHvFKUhu40RdHZ0y6Enr0TzY7ziJNLDCPr2lAyUAKxGsJ42aqnXhy+
4dHoLMRx0TQEUJfcWkzxGsdZbVwcJh6hO7FDvjGT/C2dgstQm8neUigtfMeHKjQ1
50q/j64BBGzR0R3mlfnk614qR6/41j1gAj2v
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:33:53 2025 by rpki-client