Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gD73q5Yb5ASUXTFNFWZ0VP-jh1M.roa
File: gD73q5Yb5ASUXTFNFWZ0VP-jh1M.roa (raw, json)
Hash identifier: nB8z+HYbBnqJneCAIa82X5KeWrcxLeQxLToHipfbr88=
Subject key identifier: 80:3E:F7:AB:96:1B:E4:04:94:5D:31:4D:15:66:74:54:FF:A3:87:53
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194DB0E7B602C0A888A138026059DAA4811
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gD73q5Yb5ASUXTFNFWZ0VP-jh1M.roa
Signing time: Thu 06 Feb 2025 11:39:06 +0000
ROA not before: Thu 06 Feb 2025 11:39:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 163.5.62.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.187.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:db:0e:7b:60:2c:0a:88:8a:13:80:26:05:9d:aa:48:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 6 11:39:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=803ef7ab961be404945d314d15667454ffa38753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1b:04:43:69:3b:15:08:26:6a:39:5f:a3:00:
94:47:50:3e:e5:85:6e:91:6c:ca:0d:6d:5d:f5:10:
6e:c8:59:9f:af:36:81:1e:c9:e0:85:6d:14:03:8e:
0d:90:68:ea:96:9f:2d:2c:4f:ff:06:6b:25:ed:71:
37:0f:ad:c1:2f:a9:7b:50:14:e8:df:16:3b:bb:72:
b0:3d:0f:da:09:9b:d7:1a:b3:83:77:b3:86:8b:33:
85:78:06:32:9c:9d:4e:d7:95:87:32:99:34:4d:ff:
86:ee:b0:f6:74:bf:cc:f2:f0:b8:de:6f:fe:a2:e9:
14:d1:df:6a:91:1d:2d:18:79:8b:3f:de:80:ec:6b:
42:a0:64:37:90:bb:93:27:ca:ee:62:1b:91:42:8e:
b1:d1:ce:bd:60:f7:96:b9:df:0c:07:8a:2d:63:79:
43:76:01:27:ba:ed:24:69:b0:5d:cd:bc:7f:2c:b0:
57:1f:c6:89:02:ce:b4:47:a2:c5:23:98:f6:5a:cd:
a1:df:e2:bc:9d:a4:5c:40:ca:98:5c:c7:f4:a1:51:
d0:7d:32:32:b2:40:df:64:b3:8a:fd:52:d0:fe:fb:
0f:4f:35:5a:d7:33:48:e7:4a:94:21:44:e4:e1:ff:
6f:79:06:09:42:df:08:1e:3e:55:9d:cb:6f:0e:c7:
d7:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:3E:F7:AB:96:1B:E4:04:94:5D:31:4D:15:66:74:54:FF:A3:87:53
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/gD73q5Yb5ASUXTFNFWZ0VP-jh1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.62.0/24
163.5.149.0/24
163.5.187.0/24
Signature Algorithm: sha256WithRSAEncryption
24:1c:34:07:39:ba:69:ae:00:5f:ff:e0:45:e6:6f:df:c4:84:
5a:53:aa:12:da:a1:d0:7b:7f:c2:14:26:e1:7d:6c:81:40:29:
d9:c1:71:0a:36:e1:fb:44:73:2e:2f:b2:e0:5b:8b:5a:c1:50:
7f:b9:eb:f7:71:2b:8b:5b:ef:82:bc:8f:3b:3a:f5:67:74:ee:
90:d2:39:cd:12:7c:3d:0d:5c:9d:92:a7:07:79:68:a8:ab:bd:
58:dd:87:12:21:0f:6b:8a:89:77:04:e0:4d:dd:29:53:b4:ac:
76:27:b7:a1:02:59:37:23:10:6f:17:d2:8a:f3:bf:bc:b7:40:
f9:bf:30:af:0e:0f:e2:d8:a8:34:2f:91:65:1f:9d:cd:1a:ba:
e0:7a:69:19:a1:7b:de:e7:24:08:84:a8:70:3f:9f:ca:83:9e:
3a:1b:24:e8:86:d9:c4:b3:e5:ba:78:19:a9:f7:94:0c:db:51:
da:b8:ff:65:8f:a7:99:2f:60:d5:07:4d:67:a3:7d:32:89:83:
f3:14:80:f8:02:5f:23:ba:f2:fe:77:a5:cb:c0:1f:55:02:0e:
37:a7:1d:2d:a9:3c:04:05:92:0e:3c:76:c1:23:ba:f4:dc:96:
3c:4a:10:1f:8d:da:c1:45:5f:35:5c:e6:2c:ef:39:f8:51:22:
ab:68:35:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTbDntgLAqIihOAJgWdqkgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMjA2MTEzOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDNlZjdhYjk2MWJlNDA0OTQ1ZDMxNGQxNTY2NzQ1NGZmYTM4NzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRsEQ2k7FQgmajlfowCUR1A+5YVu
kWzKDW1d9RBuyFmfrzaBHsnghW0UA44NkGjqlp8tLE//Bmsl7XE3D63BL6l7UBTo
3xY7u3KwPQ/aCZvXGrODd7OGizOFeAYynJ1O15WHMpk0Tf+G7rD2dL/M8vC43m/+
oukU0d9qkR0tGHmLP96A7GtCoGQ3kLuTJ8ruYhuRQo6x0c69YPeWud8MB4otY3lD
dgEnuu0kabBdzbx/LLBXH8aJAs60R6LFI5j2Ws2h3+K8naRcQMqYXMf0oVHQfTIy
skDfZLOK/VLQ/vsPTzVa1zNI50qUIUTk4f9veQYJQt8IHj5VnctvDsfXTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIA+96uWG+QElF0xTRVmdFT/o4dTMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvZ0Q3M3E1WWI1QVNVWFRGTkZXWjBWUC1qaDFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowU+AwQA
owWVAwQAowW7MA0GCSqGSIb3DQEBCwUAA4IBAQAkHDQHObpprgBf/+BF5m/fxIRa
U6oS2qHQe3/CFCbhfWyBQCnZwXEKNuH7RHMuL7LgW4tawVB/uev3cSuLW++CvI87
OvVndO6Q0jnNEnw9DVydkqcHeWioq71Y3YcSIQ9riol3BOBN3SlTtKx2J7ehAlk3
IxBvF9KK87+8t0D5vzCvDg/i2Kg0L5FlH53NGrrgemkZoXve5yQIhKhwP5/Kg546
GyTohtnEs+W6eBmp95QM21HauP9lj6eZL2DVB01no30yiYPzFID4Al8juvL+d6XL
wB9VAg43px0tqTwEBZIOPHbBI7r03JY8ShAfjdrBRV81XOYs7zn4USKraDUH
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:30:05 2025 by rpki-client