Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xOChftt5DMKKVxULAa6SslCE51Y.roa
File: xOChftt5DMKKVxULAa6SslCE51Y.roa (raw, json)
Hash identifier: irJ/qhQx8UYE/EAiY7HwNQWUo0oPQd2u1Q1WbdSQP4A=
Subject key identifier: C4:E0:A1:7E:DB:79:0C:C2:8A:57:15:0B:01:AE:92:B2:50:84:E7:56
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194B3BA6CA69CD39E0ECBDB32FA930103B7
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xOChftt5DMKKVxULAa6SslCE51Y.roa
Signing time: Wed 29 Jan 2025 20:22:06 +0000
ROA not before: Wed 29 Jan 2025 20:22:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212815
IP address blocks: 163.5.99.0/24 maxlen: 24
163.5.143.0/24 maxlen: 24
163.5.192.0/24 maxlen: 24
163.5.193.0/24 maxlen: 24
163.5.213.0/24 maxlen: 24
163.5.214.0/24 maxlen: 24
185.253.54.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b3:ba:6c:a6:9c:d3:9e:0e:cb:db:32:fa:93:01:03:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 29 20:22:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4e0a17edb790cc28a57150b01ae92b25084e756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6f:40:ef:55:d2:48:59:55:41:e0:a0:c4:2b:
74:fa:64:41:40:81:c2:8e:e9:c7:52:df:35:85:44:
0c:80:1a:17:49:77:b0:8a:0a:58:a8:f6:63:97:65:
ec:a0:71:3c:07:e4:f6:8e:2c:16:3e:d4:e8:a4:16:
f0:6a:35:af:f0:b0:a4:ec:34:95:bf:93:7f:29:f9:
d5:3c:65:a4:f9:9d:9b:f8:6b:95:7f:61:dc:d8:a8:
ab:2a:e3:f5:54:bf:c2:be:83:43:a7:a2:e9:f3:fe:
3d:07:6c:38:db:cb:62:cc:24:ab:82:ec:03:b0:9c:
3c:47:c8:49:78:01:81:b4:47:28:0c:63:2b:40:f3:
f2:0f:94:df:d7:6a:3a:f4:f5:27:f2:bb:e6:f7:a2:
04:ca:ac:d4:bc:d2:9c:50:be:03:3d:89:5a:0c:97:
55:ff:5f:97:2c:6d:e5:00:5f:9c:ec:5a:4a:9a:5c:
ec:5a:c9:b6:aa:0c:40:7b:0c:e5:27:a2:a2:28:57:
7d:fd:49:17:6b:22:38:87:54:bb:af:bf:1d:f5:48:
f2:e3:54:38:bb:2a:a5:0a:33:84:3e:0c:df:43:d0:
0b:fc:24:a9:3b:2d:a5:45:a5:7a:63:ea:38:83:3e:
7f:5e:85:2b:45:b0:42:7c:19:bc:89:1f:55:66:e7:
fb:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E0:A1:7E:DB:79:0C:C2:8A:57:15:0B:01:AE:92:B2:50:84:E7:56
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xOChftt5DMKKVxULAa6SslCE51Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.99.0/24
163.5.143.0/24
163.5.192.0/23
163.5.213.0-163.5.214.255
185.253.54.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:19:c1:75:cc:9c:37:4a:50:f2:1d:5b:48:f9:d1:52:d8:98:
78:f4:ce:af:e0:12:e6:4d:f5:03:b3:a6:7d:18:37:02:ad:92:
d5:90:ca:b3:ac:72:87:01:5f:ab:f5:a6:d0:59:78:f1:38:bf:
f2:63:0e:56:1b:ba:f5:77:9a:45:52:48:2c:31:f7:f3:26:0c:
7f:6b:5d:b0:13:ef:03:f0:fc:70:cf:cb:82:0b:6b:f6:ad:6b:
b8:12:af:4c:a1:a5:db:9a:6e:4b:5e:77:0b:a4:e6:3f:82:64:
82:a4:08:c9:be:6f:06:39:89:5b:9b:ac:6b:7d:2b:81:c2:6e:
86:0a:39:40:17:27:0e:70:f6:22:d6:29:6d:7c:47:01:a2:f7:
2c:8c:ce:07:bc:03:0d:f4:4d:33:87:30:97:87:cf:63:e3:f6:
03:76:16:6c:21:14:f3:82:e6:86:b8:ef:b1:33:fb:52:61:cf:
e5:ec:a6:25:62:ac:37:e8:d0:68:44:d1:a2:1f:be:98:d5:32:
3e:14:a9:03:ed:29:aa:ab:f0:be:4c:4e:e2:ad:f8:e6:ab:79:
e9:e6:d7:fd:a8:58:fa:8d:44:b9:42:5f:c9:df:50:ac:b4:b5:
5f:a2:04:b3:a6:78:2c:07:a8:08:ba:78:a1:50:a3:39:45:75:
12:3a:83:0f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZSzumymnNOeDsvbMvqTAQO3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTI5MjAyMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGUwYTE3ZWRiNzkwY2MyOGE1NzE1MGIwMWFlOTJiMjUwODRlNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmW9A71XSSFlVQeCgxCt0+mRBQIHC
junHUt81hUQMgBoXSXewigpYqPZjl2XsoHE8B+T2jiwWPtTopBbwajWv8LCk7DSV
v5N/KfnVPGWk+Z2b+GuVf2Hc2KirKuP1VL/CvoNDp6Lp8/49B2w428tizCSrguwD
sJw8R8hJeAGBtEcoDGMrQPPyD5Tf12o69PUn8rvm96IEyqzUvNKcUL4DPYlaDJdV
/1+XLG3lAF+c7FpKmlzsWsm2qgxAewzlJ6KiKFd9/UkXayI4h1S7r78d9Ujy41Q4
uyqlCjOEPgzfQ9AL/CSpOy2lRaV6Y+o4gz5/XoUrRbBCfBm8iR9VZuf7+QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMTgoX7beQzCilcVCwGukrJQhOdWMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveE9DaGZ0dDVETUtLVnhVTEFhNlNzbENFNTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAowVjAwQA
owWPAwQBowXAMAwDBACjBdUDBACjBdYDBAC5/TYwDQYJKoZIhvcNAQELBQADggEB
AGoZwXXMnDdKUPIdW0j50VLYmHj0zq/gEuZN9QOzpn0YNwKtktWQyrOscocBX6v1
ptBZePE4v/JjDlYbuvV3mkVSSCwx9/MmDH9rXbAT7wPw/HDPy4ILa/ata7gSr0yh
pduabktedwuk5j+CZIKkCMm+bwY5iVubrGt9K4HCboYKOUAXJw5w9iLWKW18RwGi
9yyMzge8Aw30TTOHMJeHz2Pj9gN2FmwhFPOC5oa477Ez+1Jhz+XspiVirDfo0GhE
0aIfvpjVMj4UqQPtKaqr8L5MTuKt+Oareenm1/2oWPqNRLlCX8nfUKy0tV+iBLOm
eCwHqAi6eKFQozlFdRI6gw8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:27:46 2025 by rpki-client