Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xTS-eV9ZiqH9aCSEy31W22AlCUc.roa
File: xTS-eV9ZiqH9aCSEy31W22AlCUc.roa (raw, json)
Hash identifier: MWggCidz6d6/upRgzXMfS8YZNHnZ6kSOuiueyuickLc=
Subject key identifier: C5:34:BE:79:5F:59:8A:A1:FD:68:24:84:CB:7D:56:DB:60:25:09:47
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194234B36595977433F8E130D04AAC72672
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xTS-eV9ZiqH9aCSEy31W22AlCUc.roa
Signing time: Wed 01 Jan 2025 19:15:19 +0000
ROA not before: Wed 01 Jan 2025 19:15:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29837
IP address blocks: 163.5.237.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:4b:36:59:59:77:43:3f:8e:13:0d:04:aa:c7:26:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:15:19 2025 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c534be795f598aa1fd682484cb7d56db60250947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:8f:10:31:97:39:d7:da:c7:6c:39:41:0e:2d:
f2:a8:ea:02:ab:d6:24:8c:f0:38:9b:89:61:5b:71:
9a:3e:8b:1a:c3:e7:58:3d:7f:49:ea:0c:03:81:8d:
b2:ca:0a:28:77:6a:75:f4:a4:9d:ee:1c:67:b7:a0:
a1:aa:8d:c2:41:3e:0a:bc:bd:2e:8c:c4:00:99:eb:
4c:bb:79:44:69:3b:59:e5:63:e7:d6:b8:e6:51:35:
3e:0c:de:04:55:fa:d7:b9:39:05:30:ca:2a:d1:74:
e8:c0:e6:f2:22:79:55:2b:f1:47:cc:e9:65:c8:36:
ce:c1:60:4f:45:3a:f3:41:32:68:48:13:e2:0e:2e:
c5:3a:b7:fd:7c:20:17:67:4f:ab:7b:8f:5c:ec:80:
29:e0:48:b5:04:fe:37:fb:f4:b0:82:3c:7f:7f:e1:
1a:e7:7c:4f:aa:7f:ac:c0:a2:97:d1:02:1c:28:23:
8c:a0:f5:75:49:56:6a:71:a4:2a:8b:eb:58:ab:da:
da:ee:72:70:fc:58:8c:2c:37:df:5e:ce:af:f5:4f:
da:e9:c5:cd:38:fd:4c:d8:5c:35:80:8c:39:9f:eb:
a3:47:be:dc:73:d9:d8:18:af:c4:62:1f:52:9b:57:
c5:39:84:0d:32:00:12:f7:4a:7e:2a:60:4f:af:23:
fe:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:34:BE:79:5F:59:8A:A1:FD:68:24:84:CB:7D:56:DB:60:25:09:47
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/xTS-eV9ZiqH9aCSEy31W22AlCUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.237.0/24
Signature Algorithm: sha256WithRSAEncryption
76:34:e9:98:0a:48:ee:d0:0e:16:7f:a9:6d:1d:f6:b7:72:a4:
39:8f:79:d1:4c:a4:d9:7c:74:87:12:f7:64:ae:a0:f6:88:36:
b2:70:77:2a:ab:34:63:b7:3b:a2:ce:e0:95:58:0c:59:11:c7:
bb:54:19:92:d1:51:9e:46:3e:e0:12:90:8f:3a:e0:c1:f5:a8:
17:39:30:ca:c6:d6:fe:67:49:fd:50:d1:5f:a4:01:a0:c6:73:
ad:ea:99:07:bb:f5:d8:88:61:6a:f3:6a:ea:58:2e:7b:da:56:
83:63:4a:a8:4d:7c:ad:8a:30:b2:6c:6f:66:ce:b2:68:4a:49:
80:af:d4:9d:79:62:3c:ed:5d:c9:a0:a1:1c:88:a7:d8:e1:4b:
ef:72:36:54:1b:6e:49:85:56:6c:e0:b2:d2:42:7b:fa:87:72:
8f:eb:d1:05:84:3f:ba:32:39:b3:a9:6c:c6:47:e5:53:b0:14:
e1:26:c8:38:75:3f:45:c5:16:f6:2d:a1:47:81:14:77:17:86:
8d:64:40:40:d8:24:87:05:68:14:d5:21:7a:cf:03:38:28:22:
e9:96:3e:0a:84:7c:80:86:c9:15:72:69:c9:80:4c:cb:f7:f2:
27:5e:a7:7f:4a:71:ca:0c:78:f5:9b:f2:39:f2:dd:f9:88:47:
d7:cf:e0:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjSzZZWXdDP44TDQSqxyZyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTkxNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTM0YmU3OTVmNTk4YWExZmQ2ODI0ODRjYjdkNTZkYjYwMjUwOTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Y8QMZc519rHbDlBDi3yqOoCq9Yk
jPA4m4lhW3GaPosaw+dYPX9J6gwDgY2yygood2p19KSd7hxnt6Chqo3CQT4KvL0u
jMQAmetMu3lEaTtZ5WPn1rjmUTU+DN4EVfrXuTkFMMoq0XTowObyInlVK/FHzOll
yDbOwWBPRTrzQTJoSBPiDi7FOrf9fCAXZ0+re49c7IAp4Ei1BP43+/Swgjx/f+Ea
53xPqn+swKKX0QIcKCOMoPV1SVZqcaQqi+tYq9ra7nJw/FiMLDffXs6v9U/a6cXN
OP1M2Fw1gIw5n+ujR77cc9nYGK/EYh9Sm1fFOYQNMgAS90p+KmBPryP+9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMU0vnlfWYqh/WgkhMt9VttgJQlHMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEveFRTLWVWOVppcUg5YUNTRXkzMVcyMkFsQ1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowXtMA0G
CSqGSIb3DQEBCwUAA4IBAQB2NOmYCkju0A4Wf6ltHfa3cqQ5j3nRTKTZfHSHEvdk
rqD2iDaycHcqqzRjtzuizuCVWAxZEce7VBmS0VGeRj7gEpCPOuDB9agXOTDKxtb+
Z0n9UNFfpAGgxnOt6pkHu/XYiGFq82rqWC572laDY0qoTXytijCybG9mzrJoSkmA
r9SdeWI87V3JoKEciKfY4UvvcjZUG25JhVZs4LLSQnv6h3KP69EFhD+6MjmzqWzG
R+VTsBThJsg4dT9FxRb2LaFHgRR3F4aNZEBA2CSHBWgU1SF6zwM4KCLplj4KhHyA
hskVcmnJgEzL9/InXqd/SnHKDHj1m/I58t35iEfXz+B7
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:28:00 2025 by rpki-client