Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rW3PJCnT_OETW5P67g75vPzcGzU.roa
File: rW3PJCnT_OETW5P67g75vPzcGzU.roa (raw, json)
Hash identifier: A9SyM9pKqer2VshcTB6I9fzq0z2wn3tavMHZ4uOv+oo=
Subject key identifier: AD:6D:CF:24:29:D3:FC:E1:13:5B:93:FA:EE:0E:F9:BC:FC:DC:1B:35
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01947F6DC2B86C761632A24D0B820775E03E
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rW3PJCnT_OETW5P67g75vPzcGzU.roa
Signing time: Sun 19 Jan 2025 16:38:07 +0000
ROA not before: Sun 19 Jan 2025 16:38:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 163.5.25.0/24 maxlen: 24
163.5.33.0/24 maxlen: 24
163.5.40.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.145.0/24 maxlen: 24
163.5.165.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7f:6d:c2:b8:6c:76:16:32:a2:4d:0b:82:07:75:e0:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 19 16:38:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad6dcf2429d3fce1135b93faee0ef9bcfcdc1b35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f6:47:41:37:7e:a4:9b:40:64:9b:a3:9d:70:
8e:09:43:ee:06:68:cd:16:41:5f:21:df:51:cd:40:
c3:17:af:73:3d:95:0d:f5:31:2c:0a:3e:ac:05:76:
af:65:01:37:04:f6:78:95:24:26:64:6f:7d:46:29:
78:fd:64:3c:23:76:4b:bb:70:c3:1b:9c:45:4d:b5:
68:3c:d8:12:0e:f9:a7:98:49:73:d6:1d:72:18:2d:
49:5c:44:27:be:fb:b5:32:b3:02:63:1d:4d:40:47:
58:df:fb:95:d4:5b:d7:1c:e7:24:b5:b7:2d:da:32:
87:46:e7:c4:c6:f5:41:a3:b9:c3:a8:96:f5:ba:b1:
11:7d:e8:05:93:69:0e:d1:40:02:e8:31:92:83:bc:
ad:49:65:0c:7d:b0:4c:6b:d1:49:1d:5d:24:cc:e1:
f2:24:71:b2:93:3d:11:96:1c:f9:69:c3:8c:22:b1:
d8:72:37:11:08:97:45:d1:d4:f5:c9:ca:35:8d:8d:
1e:40:1c:e0:6d:bc:98:f2:fd:aa:fb:f8:8c:7e:79:
da:0c:28:6c:ff:97:ae:15:dc:34:7a:71:fb:e4:62:
a4:ad:a9:5b:c8:c7:c7:a7:b9:c7:8c:a5:7e:b8:99:
d2:e6:3e:0b:1c:2e:39:ef:a3:16:17:53:d8:50:b1:
e7:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:6D:CF:24:29:D3:FC:E1:13:5B:93:FA:EE:0E:F9:BC:FC:DC:1B:35
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/rW3PJCnT_OETW5P67g75vPzcGzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.25.0/24
163.5.33.0/24
163.5.40.0/24
163.5.111.0/24
163.5.128.0/24
163.5.145.0/24
163.5.165.0/24
163.5.250.0/24
Signature Algorithm: sha256WithRSAEncryption
29:33:01:45:b3:d1:5e:d9:f1:5e:48:41:dd:00:bb:2f:d3:83:
c0:e5:1e:a9:e2:f6:59:0a:c9:2a:ec:f7:a0:3b:a8:0a:09:33:
6a:2b:33:24:5d:09:f4:08:cc:b5:8e:55:a6:b6:29:be:ae:ed:
e0:55:ca:12:c6:f2:e7:70:c7:7e:5a:f9:46:63:2e:47:98:d0:
1b:85:f5:d3:ec:4f:d2:7f:6b:72:25:aa:68:41:b4:88:aa:96:
b8:f5:cb:9c:e4:bd:c0:fa:db:a4:a0:6c:1f:dc:8b:ef:f1:26:
3c:5c:dc:bc:38:79:34:e8:dc:6e:9f:f2:99:41:48:d3:66:08:
68:10:dd:f1:2b:a5:fe:36:c6:42:cb:a8:04:fb:79:b0:00:55:
1a:d3:07:74:47:92:10:11:1e:fc:aa:5d:9a:fb:71:7a:b7:99:
ef:4c:56:b4:8a:68:c8:ff:89:35:2b:02:94:02:4e:4e:74:51:
ab:1e:44:b9:93:0b:3a:29:de:58:9b:f3:38:1a:70:53:d2:31:
8b:b0:f3:f4:ff:39:f3:04:2a:58:be:6f:7a:3d:e9:60:d8:17:
ea:01:0a:0a:e8:9c:b5:bc:5f:12:e9:b1:5f:39:a1:71:fb:81:
1e:40:07:97:77:56:3e:60:66:0a:73:1f:1a:2d:12:a2:37:55:
aa:99:49:3a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZR/bcK4bHYWMqJNC4IHdeA+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTE5MTYzODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDZkY2YyNDI5ZDNmY2UxMTM1YjkzZmFlZTBlZjliY2ZjZGMxYjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/ZHQTd+pJtAZJujnXCOCUPuBmjN
FkFfId9RzUDDF69zPZUN9TEsCj6sBXavZQE3BPZ4lSQmZG99Ril4/WQ8I3ZLu3DD
G5xFTbVoPNgSDvmnmElz1h1yGC1JXEQnvvu1MrMCYx1NQEdY3/uV1FvXHOcktbct
2jKHRufExvVBo7nDqJb1urERfegFk2kO0UAC6DGSg7ytSWUMfbBMa9FJHV0kzOHy
JHGykz0Rlhz5acOMIrHYcjcRCJdF0dT1yco1jY0eQBzgbbyY8v2q+/iMfnnaDChs
/5euFdw0enH75GKkralbyMfHp7nHjKV+uJnS5j4LHC4576MWF1PYULHnJwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFK1tzyQp0/zhE1uT+u4O+bz83Bs1MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvclczUEpDblRfT0VUVzVQNjdnNzV2UHpjR3pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAowUZAwQA
owUhAwQAowUoAwQAowVvAwQAowWAAwQAowWRAwQAowWlAwQAowX6MA0GCSqGSIb3
DQEBCwUAA4IBAQApMwFFs9Fe2fFeSEHdALsv04PA5R6p4vZZCskq7PegO6gKCTNq
KzMkXQn0CMy1jlWmtim+ru3gVcoSxvLncMd+WvlGYy5HmNAbhfXT7E/Sf2tyJapo
QbSIqpa49cuc5L3A+tukoGwf3Ivv8SY8XNy8OHk06Nxun/KZQUjTZghoEN3xK6X+
NsZCy6gE+3mwAFUa0wd0R5IQER78ql2a+3F6t5nvTFa0imjI/4k1KwKUAk5OdFGr
HkS5kws6Kd5Ym/M4GnBT0jGLsPP0/znzBCpYvm96Pelg2BfqAQoK6Jy1vF8S6bFf
OaFx+4EeQAeXd1Y+YGYKcx8aLRKiN1WqmUk6
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:52:45 2025 by rpki-client