Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/w-8_cb8d-sG2GarfN6-xfG15faQ.roa
File: w-8_cb8d-sG2GarfN6-xfG15faQ.roa (raw, json)
Hash identifier: v01bdUWavikk4Krnpig9CYHeRtBz38R2xz0kOMeRAV8=
Subject key identifier: C3:EF:3F:71:BF:1D:FA:C1:B6:19:AA:DF:37:AF:B1:7C:6D:79:7D:A4
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 01945A135AB891FDBA34D554BFDB208C06BF
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/w-8_cb8d-sG2GarfN6-xfG15faQ.roa
Signing time: Sun 12 Jan 2025 10:33:25 +0000
ROA not before: Sun 12 Jan 2025 10:33:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 163.5.30.0/24 maxlen: 24
163.5.59.0/24 maxlen: 24
163.5.73.0/24 maxlen: 24
163.5.110.0/24 maxlen: 24
163.5.111.0/24 maxlen: 24
163.5.112.0/24 maxlen: 24
163.5.113.0/24 maxlen: 24
163.5.118.0/24 maxlen: 24
163.5.119.0/24 maxlen: 24
163.5.121.0/24 maxlen: 24
163.5.126.0/24 maxlen: 24
163.5.128.0/24 maxlen: 24
163.5.129.0/24 maxlen: 24
163.5.138.0/24 maxlen: 24
163.5.139.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.146.0/24 maxlen: 24
163.5.151.0/24 maxlen: 24
163.5.158.0/24 maxlen: 24
163.5.160.0/24 maxlen: 24
163.5.167.0/24 maxlen: 24
163.5.175.0/24 maxlen: 24
163.5.178.0/24 maxlen: 24
163.5.182.0/24 maxlen: 24
163.5.185.0/24 maxlen: 24
163.5.189.0/24 maxlen: 24
163.5.191.0/24 maxlen: 24
163.5.200.0/24 maxlen: 24
163.5.201.0/24 maxlen: 24
163.5.203.0/24 maxlen: 24
163.5.204.0/24 maxlen: 24
163.5.205.0/24 maxlen: 24
163.5.206.0/24 maxlen: 24
163.5.212.0/24 maxlen: 24
163.5.218.0/24 maxlen: 24
163.5.219.0/24 maxlen: 24
163.5.224.0/24 maxlen: 24
163.5.228.0/24 maxlen: 24
163.5.231.0/24 maxlen: 24
163.5.241.0/24 maxlen: 24
163.5.250.0/24 maxlen: 24
163.5.253.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:5a:13:5a:b8:91:fd:ba:34:d5:54:bf:db:20:8c:06:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 12 10:33:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3ef3f71bf1dfac1b619aadf37afb17c6d797da4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:00:8e:9d:36:e1:bb:b3:07:8e:c9:2e:17:8d:
90:d3:8b:d7:47:5f:c2:f7:e7:12:db:56:16:7f:88:
80:cd:3e:ac:40:a8:6f:46:45:2c:a3:3b:17:8d:4c:
0c:90:ee:8d:54:3a:c5:21:1f:b3:48:9b:94:65:56:
4c:1e:a8:b1:84:da:2a:bb:08:55:51:17:40:0a:76:
50:f4:3e:eb:f5:70:f2:de:a0:27:6a:ec:6e:a9:62:
19:b0:3c:b0:a5:08:04:f3:b1:3e:e7:dc:4d:19:32:
00:cc:ad:01:98:6b:fe:c0:97:fb:88:94:1e:76:cf:
90:9c:e5:86:61:fd:74:57:0c:1d:b3:91:15:b9:a5:
86:9a:83:2c:88:ca:b9:ec:c1:ab:9f:fd:a6:3d:d0:
ac:d5:c9:91:aa:17:33:ac:9c:03:30:fe:2f:28:8d:
ad:9d:83:ab:14:cb:d4:7f:90:ef:93:80:4e:e4:dd:
17:00:4f:a1:ba:f6:7d:a2:02:bd:b1:7c:88:6e:72:
6a:b5:dd:52:3c:68:05:96:ae:a3:ce:36:b1:98:c7:
f8:f7:35:d2:82:23:7d:e9:2b:13:b9:15:22:2a:98:
5b:37:8c:86:ea:1b:2e:a1:8e:9c:f7:b4:34:3f:1f:
ed:d5:30:42:81:75:41:da:56:07:3d:c5:98:4c:31:
a4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:EF:3F:71:BF:1D:FA:C1:B6:19:AA:DF:37:AF:B1:7C:6D:79:7D:A4
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/w-8_cb8d-sG2GarfN6-xfG15faQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.30.0/24
163.5.59.0/24
163.5.73.0/24
163.5.110.0-163.5.113.255
163.5.118.0/23
163.5.121.0/24
163.5.126.0/24
163.5.128.0/23
163.5.138.0/23
163.5.143.0/24
163.5.146.0/24
163.5.151.0/24
163.5.158.0/24
163.5.160.0/24
163.5.167.0/24
163.5.175.0/24
163.5.178.0/24
163.5.182.0/24
163.5.185.0/24
163.5.189.0/24
163.5.191.0/24
163.5.200.0/23
163.5.203.0-163.5.206.255
163.5.212.0/24
163.5.218.0/23
163.5.224.0/24
163.5.228.0/24
163.5.231.0/24
163.5.241.0/24
163.5.250.0/24
163.5.253.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:0f:09:41:2c:6f:8f:70:5e:46:2f:dd:72:78:63:4b:1f:3f:
11:70:74:69:c7:7f:a5:9f:49:fa:f8:96:6f:bb:03:ec:77:ff:
23:1b:5d:05:87:4d:f8:17:9b:1d:31:db:cd:98:e4:21:32:53:
a3:7d:64:d2:4a:ed:c3:cf:7d:f2:65:ad:94:7e:92:e8:35:65:
29:7c:a5:74:5a:87:f7:32:26:36:7f:57:b0:4b:37:ab:72:2a:
5d:8f:65:b8:de:27:50:af:84:8d:fd:20:d2:3b:9f:e9:5f:2d:
d8:8a:25:c0:1a:21:54:63:54:72:e1:a6:30:89:aa:a5:0a:4d:
31:21:7a:f0:8b:7c:84:72:ec:64:0f:3e:f0:1e:cf:df:36:b3:
53:68:72:f8:e6:cc:65:7a:e4:81:96:94:8f:d0:e2:3e:c7:29:
58:8d:91:05:b9:09:07:5d:1c:75:ff:cf:47:44:48:d1:9d:ef:
3b:cf:bf:8b:11:b0:5a:66:86:3f:6f:d2:4f:86:74:17:ff:57:
d9:c0:87:3d:99:96:e8:56:d2:91:9a:d5:eb:96:68:7e:07:c3:
f7:53:d8:dd:71:ac:12:70:22:bb:79:8c:8d:5b:d4:ef:1e:c5:
38:e0:93:4d:39:0e:1e:2e:36:d3:13:0a:cf:b9:63:d3:18:e8:
b8:5f:5e:75
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZRaE1q4kf26NNVUv9sgjAa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTEyMTAzMzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2VmM2Y3MWJmMWRmYWMxYjYxOWFhZGYzN2FmYjE3YzZkNzk3ZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ACOnTbhu7MHjskuF42Q04vXR1/C
9+cS21YWf4iAzT6sQKhvRkUsozsXjUwMkO6NVDrFIR+zSJuUZVZMHqixhNoquwhV
URdACnZQ9D7r9XDy3qAnauxuqWIZsDywpQgE87E+59xNGTIAzK0BmGv+wJf7iJQe
ds+QnOWGYf10Vwwds5EVuaWGmoMsiMq57MGrn/2mPdCs1cmRqhczrJwDMP4vKI2t
nYOrFMvUf5Dvk4BO5N0XAE+huvZ9ogK9sXyIbnJqtd1SPGgFlq6jzjaxmMf49zXS
giN96SsTuRUiKphbN4yG6hsuoY6c97Q0Px/t1TBCgXVB2lYHPcWYTDGkYQIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFMPvP3G/HfrBthmq3zevsXxteX2kMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvdy04X2NiOGQtc0cyR2FyZk42LXhmRzE1ZmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBACj
BR4DBACjBTsDBACjBUkwDAMEAaMFbgMEAaMFcAMEAaMFdgMEAKMFeQMEAKMFfgME
AaMFgAMEAaMFigMEAKMFjwMEAKMFkgMEAKMFlwMEAKMFngMEAKMFoAMEAKMFpwME
AKMFrwMEAKMFsgMEAKMFtgMEAKMFuQMEAKMFvQMEAKMFvwMEAaMFyDAMAwQAowXL
AwQAowXOAwQAowXUAwQBowXaAwQAowXgAwQAowXkAwQAowXnAwQAowXxAwQAowX6
AwQAowX9MA0GCSqGSIb3DQEBCwUAA4IBAQCcDwlBLG+PcF5GL91yeGNLHz8RcHRp
x3+ln0n6+JZvuwPsd/8jG10Fh034F5sdMdvNmOQhMlOjfWTSSu3Dz33yZa2UfpLo
NWUpfKV0Wof3MiY2f1ewSzercipdj2W43idQr4SN/SDSO5/pXy3YiiXAGiFUY1Ry
4aYwiaqlCk0xIXrwi3yEcuxkDz7wHs/fNrNTaHL45sxleuSBlpSP0OI+xylYjZEF
uQkHXRx1/89HREjRne87z7+LEbBaZoY/b9JPhnQX/1fZwIc9mZboVtKRmtXrlmh+
B8P3U9jdcawScCK7eYyNW9TvHsU44JNNOQ4eLjbTEwrPuWPTGOi4X151
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:53:14 2025 by rpki-client