Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ppnRDn5lP2Kyl81Fkl9LumwLzkw.roa
File: ppnRDn5lP2Kyl81Fkl9LumwLzkw.roa (raw, json)
Hash identifier: pv60eX5mfa7devkAHSdseydKlJ6wRueTLUVIKhw8OqQ=
Subject key identifier: A6:99:D1:0E:7E:65:3F:62:B2:97:CD:45:92:5F:4B:BA:6C:0B:CE:4C
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01947F6BEBE361A2C41DD529B37D50B1297C
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ppnRDn5lP2Kyl81Fkl9LumwLzkw.roa
Signing time: Sun 19 Jan 2025 16:36:06 +0000
ROA not before: Sun 19 Jan 2025 16:36:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47741
IP address blocks: 163.5.12.0/24 maxlen: 24
163.5.92.0/24 maxlen: 24
163.5.233.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7f:6b:eb:e3:61:a2:c4:1d:d5:29:b3:7d:50:b1:29:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 19 16:36:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a699d10e7e653f62b297cd45925f4bba6c0bce4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1e:56:f9:25:57:09:e7:3d:92:8e:16:59:ac:
1c:4a:8a:71:b5:12:37:86:b5:10:10:20:c3:db:26:
2c:3e:ef:df:b1:9f:54:87:f2:e1:ca:93:ed:32:ff:
51:a3:0b:d0:63:64:47:bf:dc:75:0f:d7:6f:e8:39:
77:fe:86:06:e4:d0:46:77:2e:3e:53:0d:c1:fb:2b:
22:00:d2:7b:0b:05:4d:a3:49:3c:57:d4:45:c7:af:
26:60:af:a1:69:43:bc:a5:61:d5:7c:50:fc:e7:a5:
00:5e:55:f9:f0:c0:7e:88:6a:05:36:43:2b:f0:f0:
69:34:4c:b8:35:9f:c9:e1:ae:12:88:53:86:aa:b1:
c7:1c:37:f6:e0:ec:b5:0a:19:1b:8f:1a:96:07:9f:
b7:d6:f0:b8:6f:dd:44:d3:d3:0a:62:ab:d6:0e:36:
58:de:56:a9:07:03:5a:ce:eb:bd:f5:eb:f2:6e:1c:
66:cd:42:f1:c9:0a:ee:cc:46:70:71:ca:bf:f9:cb:
76:99:f8:4a:9a:a2:bf:08:fa:6d:94:b2:d4:52:e8:
46:14:ac:5b:e6:28:05:c6:9f:05:05:29:36:e9:ab:
4c:5b:f7:3a:f3:d3:6f:7d:24:34:46:50:74:13:e9:
43:a1:83:60:7a:79:a1:98:59:81:1d:cf:44:4b:76:
ea:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:99:D1:0E:7E:65:3F:62:B2:97:CD:45:92:5F:4B:BA:6C:0B:CE:4C
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ppnRDn5lP2Kyl81Fkl9LumwLzkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.12.0/24
163.5.92.0/24
163.5.233.0/24
163.5.248.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:a5:c0:76:e7:c0:e8:52:78:9d:cb:7b:18:6b:26:99:44:66:
4e:eb:4b:2f:eb:76:9b:9f:63:df:6d:86:21:5f:ed:30:de:9d:
ef:d2:1b:d6:d1:79:ac:c1:25:d0:db:c2:42:61:f3:ed:fc:fb:
14:84:57:42:26:fb:0e:2c:9c:90:4a:4f:2c:c6:54:e3:4a:8b:
bf:2b:56:3a:64:3f:18:5f:87:ed:1a:77:28:f6:c8:07:68:83:
18:6b:8b:c4:8a:97:41:09:9d:40:35:94:88:c7:25:4f:a8:94:
a0:9a:82:9d:70:5a:28:0b:29:b7:75:f6:ca:c5:17:03:ef:80:
6d:62:e9:55:7a:82:a7:32:c7:ca:a8:c6:b0:d0:81:d3:78:a1:
40:a9:f5:fa:53:fc:80:b0:bf:5e:c6:29:b4:16:6f:55:6c:c9:
08:3a:b1:3f:1f:af:09:54:47:20:51:d9:37:fd:ed:2e:80:e2:
bc:52:df:73:f8:83:31:8d:98:b4:81:39:98:f9:99:73:79:ca:
61:ac:a4:b6:34:b8:fb:cc:48:2e:8a:32:10:18:66:96:9b:de:
95:18:3f:02:70:06:02:8f:6f:5f:61:6e:54:b1:2e:8d:b1:da:
a9:12:c8:e4:0c:10:50:64:8a:52:6d:e9:aa:d3:92:7a:00:d5:
a5:a9:ad:8e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZR/a+vjYaLEHdUps31QsSl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTE5MTYzNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjk5ZDEwZTdlNjUzZjYyYjI5N2NkNDU5MjVmNGJiYTZjMGJjZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyh5W+SVXCec9ko4WWawcSopxtRI3
hrUQECDD2yYsPu/fsZ9Uh/LhypPtMv9RowvQY2RHv9x1D9dv6Dl3/oYG5NBGdy4+
Uw3B+ysiANJ7CwVNo0k8V9RFx68mYK+haUO8pWHVfFD856UAXlX58MB+iGoFNkMr
8PBpNEy4NZ/J4a4SiFOGqrHHHDf24Oy1ChkbjxqWB5+31vC4b91E09MKYqvWDjZY
3lapBwNazuu99evybhxmzULxyQruzEZwccq/+ct2mfhKmqK/CPptlLLUUuhGFKxb
5igFxp8FBSk26atMW/c689NvfSQ0RlB0E+lDoYNgenmhmFmBHc9ES3bqhwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKaZ0Q5+ZT9ispfNRZJfS7psC85MMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvcHBuUkRuNWxQMkt5bDgxRmtsOUx1bXdMemt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUMAwQA
owVcAwQAowXpAwQAowX4MA0GCSqGSIb3DQEBCwUAA4IBAQAMpcB258DoUnidy3sY
ayaZRGZO60sv63abn2PfbYYhX+0w3p3v0hvW0XmswSXQ28JCYfPt/PsUhFdCJvsO
LJyQSk8sxlTjSou/K1Y6ZD8YX4ftGnco9sgHaIMYa4vEipdBCZ1ANZSIxyVPqJSg
moKdcFooCym3dfbKxRcD74BtYulVeoKnMsfKqMaw0IHTeKFAqfX6U/yAsL9exim0
Fm9VbMkIOrE/H68JVEcgUdk3/e0ugOK8Ut9z+IMxjZi0gTmY+ZlzecphrKS2NLj7
zEguijIQGGaWm96VGD8CcAYCj29fYW5UsS6NsdqpEsjkDBBQZIpSbemq05J6ANWl
qa2O
-----END CERTIFICATE-----
Generated at Sun Apr 6 13:59:33 2025 by rpki-client