Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/s9NCIPSxOLbD80a8ZBU7u-5g5-k.roa
File: s9NCIPSxOLbD80a8ZBU7u-5g5-k.roa (raw, json)
Hash identifier: bW/Kk/u3Q9b1iX6bZsQpJquZWMCNeUN6twjevFD/CdI=
Subject key identifier: B3:D3:42:20:F4:B1:38:B6:C3:F3:46:BC:64:15:3B:BB:EE:60:E7:E9
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019523059438122799CB5052FE09C0D58868
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/s9NCIPSxOLbD80a8ZBU7u-5g5-k.roa
Signing time: Thu 20 Feb 2025 11:02:02 +0000
ROA not before: Thu 20 Feb 2025 11:02:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 163.5.47.0/24 maxlen: 24
163.5.156.0/24 maxlen: 24
163.5.186.0/24 maxlen: 24
163.5.220.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:23:05:94:38:12:27:99:cb:50:52:fe:09:c0:d5:88:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Feb 20 11:02:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3d34220f4b138b6c3f346bc64153bbbee60e7e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b2:39:e9:c5:62:7c:1a:bc:7b:61:2c:b0:69:
82:75:aa:e5:20:25:10:d9:f9:0c:ac:c8:03:00:21:
09:2e:09:91:78:41:32:8d:ea:d8:b1:25:5d:d9:6e:
5d:12:bb:8b:04:9d:b1:1e:95:91:ef:91:fd:70:8b:
1b:58:aa:6c:c0:f1:20:d2:a9:88:9d:2a:59:d9:0c:
2b:37:66:8c:ce:b9:b9:7f:e6:81:23:d8:a7:ea:4f:
c5:bc:16:fc:92:7a:7e:34:42:35:49:26:8a:9e:d7:
5e:ac:1d:25:ef:2d:e8:9a:2b:f3:8f:ce:b2:9d:34:
2d:3e:81:f4:86:58:fd:a2:7a:9d:cd:bc:46:1b:30:
3d:7a:36:38:40:89:19:0e:29:59:3d:f4:8f:b0:6f:
f2:55:58:9d:70:88:2a:31:f5:17:a0:eb:95:c4:85:
30:1f:83:f1:1e:c5:bf:24:e1:01:e3:65:c2:46:09:
42:88:00:c7:d5:e1:89:7a:d6:4e:6e:88:1c:78:7b:
50:06:e9:9b:53:cf:c7:e0:38:26:d3:d5:07:0e:f6:
08:a0:01:63:64:bd:51:b8:54:50:7c:1e:3c:81:b0:
d1:89:6d:77:d4:a8:f5:60:db:af:1e:9f:36:95:76:
28:38:cc:c8:ee:b5:be:4b:55:d5:e0:23:ba:11:94:
aa:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:D3:42:20:F4:B1:38:B6:C3:F3:46:BC:64:15:3B:BB:EE:60:E7:E9
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/s9NCIPSxOLbD80a8ZBU7u-5g5-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.47.0/24
163.5.156.0/24
163.5.186.0/24
163.5.220.0/24
Signature Algorithm: sha256WithRSAEncryption
16:c4:7c:c0:3d:1b:1d:ed:d7:4d:3c:18:27:db:61:c6:95:5f:
86:01:e9:ce:b9:71:eb:cc:48:54:cf:eb:ca:a5:e3:9a:20:20:
b1:2f:4d:70:d7:da:71:cf:71:4e:8e:01:d6:c3:dd:eb:0a:ba:
9f:e7:3d:4b:38:e1:7e:55:35:d5:83:81:89:40:a9:d4:29:44:
62:fa:e1:7f:6b:cf:51:b4:cf:6e:1a:33:e2:6f:34:c1:20:c6:
67:6b:96:85:b8:6b:66:e4:12:36:53:d9:ef:a5:13:ce:73:6c:
a7:21:e4:d5:0b:f7:54:ef:7b:6d:bf:05:71:13:ce:b9:43:95:
e1:01:4d:a4:dd:8c:d0:3e:17:33:28:90:1d:3c:1a:c4:ba:9c:
68:6d:c8:08:bc:03:2e:82:d4:14:6b:ed:a5:48:a6:36:df:19:
98:c0:0f:84:d1:2a:7a:27:3e:e2:75:44:c4:10:97:9c:3d:eb:
ce:a2:23:35:2d:d2:39:f6:0d:db:9a:88:9d:0c:b1:84:10:c4:
4c:67:46:ae:e0:e8:8e:75:45:2b:42:f0:f6:c5:b4:71:b3:6f:
62:49:60:9c:fe:1f:a7:3f:2d:4b:92:73:99:df:84:0c:6e:13:
8b:98:7d:ff:13:e3:60:52:83:0b:46:8b:22:bf:f5:1a:3d:99:
e7:0b:4f:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZUjBZQ4EieZy1BS/gnA1YhoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMjIwMTEwMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2QzNDIyMGY0YjEzOGI2YzNmMzQ2YmM2NDE1M2JiYmVlNjBlN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrI56cVifBq8e2EssGmCdarlICUQ
2fkMrMgDACEJLgmReEEyjerYsSVd2W5dEruLBJ2xHpWR75H9cIsbWKpswPEg0qmI
nSpZ2QwrN2aMzrm5f+aBI9in6k/FvBb8knp+NEI1SSaKntderB0l7y3omivzj86y
nTQtPoH0hlj9onqdzbxGGzA9ejY4QIkZDilZPfSPsG/yVVidcIgqMfUXoOuVxIUw
H4PxHsW/JOEB42XCRglCiADH1eGJetZObogceHtQBumbU8/H4Dgm09UHDvYIoAFj
ZL1RuFRQfB48gbDRiW131Kj1YNuvHp82lXYoOMzI7rW+S1XV4CO6EZSqAwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLPTQiD0sTi2w/NGvGQVO7vuYOfpMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvczlOQ0lQU3hPTGJEODBhOFpCVTd1LTVnNS1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAowUvAwQA
owWcAwQAowW6AwQAowXcMA0GCSqGSIb3DQEBCwUAA4IBAQAWxHzAPRsd7ddNPBgn
22HGlV+GAenOuXHrzEhUz+vKpeOaICCxL01w19pxz3FOjgHWw93rCrqf5z1LOOF+
VTXVg4GJQKnUKURi+uF/a89RtM9uGjPibzTBIMZna5aFuGtm5BI2U9nvpRPOc2yn
IeTVC/dU73ttvwVxE865Q5XhAU2k3YzQPhczKJAdPBrEupxobcgIvAMugtQUa+2l
SKY23xmYwA+E0Sp6Jz7idUTEEJecPevOoiM1LdI59g3bmoidDLGEEMRMZ0au4OiO
dUUrQvD2xbRxs29iSWCc/h+nPy1LknOZ34QMbhOLmH3/E+NgUoMLRosiv/UaPZnn
C08E
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:48:29 2025 by rpki-client