Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b841cc-d663-4633-9c49-147e386c0150/1/neQhSGrd27w6Xn2chZDgwEsCrLI.roa
File: neQhSGrd27w6Xn2chZDgwEsCrLI.roa (raw, json)
Hash identifier: 1tkSubS/cwYJgj12QwQ+XvFzRT5l/tNW9QOj+Oo5EeY=
Subject key identifier: 9D:E4:21:48:6A:DD:DB:BC:3A:5E:7D:9C:85:90:E0:C0:4B:02:AC:B2
Certificate issuer: /CN=875f412adb18d42fadd0a85873718dada931d1c2
Certificate serial: 01942825DA765411090A61B8536C82EF0AF4
Authority key identifier: 87:5F:41:2A:DB:18:D4:2F:AD:D0:A8:58:73:71:8D:AD:A9:31:D1:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h19BKtsY1C-t0KhYc3GNrakx0cI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b841cc-d663-4633-9c49-147e386c0150/1/neQhSGrd27w6Xn2chZDgwEsCrLI.roa
Signing time: Thu 02 Jan 2025 17:52:36 +0000
ROA not before: Thu 02 Jan 2025 17:52:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211557
IP address blocks: 5.63.21.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:da:76:54:11:09:0a:61:b8:53:6c:82:ef:0a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=875f412adb18d42fadd0a85873718dada931d1c2
Validity
Not Before: Jan 2 17:52:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9de421486adddbbc3a5e7d9c8590e0c04b02acb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:eb:52:a2:63:eb:f1:9d:4b:d7:fe:cc:8d:47:
76:36:22:b0:8d:dc:3d:5d:c8:88:a7:d5:cd:90:25:
23:3e:53:fb:93:fb:6f:84:44:8c:0a:c8:5a:e1:98:
e2:89:99:c4:d7:d1:4f:23:91:06:67:ed:c9:05:a2:
8f:1a:63:a4:c9:0b:99:80:65:18:60:1e:8a:43:68:
01:fd:f3:b0:9f:7d:a1:c5:f0:78:15:2b:45:f4:3b:
56:d0:7b:11:43:68:2a:15:cd:6c:21:54:02:c6:64:
92:44:16:6d:21:56:77:08:f8:31:a9:74:0f:cd:c4:
6d:cd:26:16:67:51:14:f1:d2:5f:87:46:b0:84:7e:
79:f9:a1:a2:ca:06:16:b2:94:71:2f:4d:47:c5:da:
ab:cf:4f:ab:0d:72:32:5d:79:11:78:4f:2d:7e:2f:
e3:4d:89:bb:87:0c:81:6b:a7:8d:82:df:8a:62:a8:
a8:13:c2:00:57:4c:85:fa:a0:20:f5:42:e5:2c:80:
91:8d:98:69:2b:7d:11:3e:57:5d:d5:b3:e0:78:d4:
ee:26:5a:ba:71:dc:17:bc:4a:61:8c:68:f0:04:a2:
15:d5:ca:15:5e:0b:cd:29:61:d2:47:ac:16:d3:93:
55:a6:83:db:87:54:15:1c:b3:75:b6:00:5f:79:a2:
de:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:E4:21:48:6A:DD:DB:BC:3A:5E:7D:9C:85:90:E0:C0:4B:02:AC:B2
X509v3 Authority Key Identifier:
keyid:87:5F:41:2A:DB:18:D4:2F:AD:D0:A8:58:73:71:8D:AD:A9:31:D1:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h19BKtsY1C-t0KhYc3GNrakx0cI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b841cc-d663-4633-9c49-147e386c0150/1/neQhSGrd27w6Xn2chZDgwEsCrLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b841cc-d663-4633-9c49-147e386c0150/1/h19BKtsY1C-t0KhYc3GNrakx0cI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.21.0/24
Signature Algorithm: sha256WithRSAEncryption
24:cc:5f:70:54:0c:11:76:91:a8:bd:ac:a1:93:ea:74:2d:23:
84:7f:12:6d:11:78:0f:db:a9:ad:20:c8:13:0a:d5:de:49:a9:
d8:f0:8e:08:79:10:17:db:87:db:59:ba:02:8d:42:17:53:21:
5b:6a:89:ab:e2:b3:1e:51:dd:80:25:a5:39:27:a4:5e:c5:95:
2e:22:3d:1a:cd:bf:64:be:e2:94:5d:aa:6e:bb:57:a7:90:a1:
45:1b:6d:7c:cb:5e:12:11:13:e0:47:cf:2f:98:14:db:5c:5f:
d6:76:1f:24:e9:2c:c6:e5:d1:8a:79:7e:1c:4b:55:c1:e3:cc:
82:49:b3:3f:f7:86:d2:97:f6:7a:93:14:a8:56:04:a3:b5:6e:
23:ac:3f:02:e6:99:6f:42:1f:f3:2b:bb:47:8e:51:a0:90:6d:
f4:82:1e:48:32:22:d7:2c:3e:d2:5b:9a:ae:12:66:8c:b2:10:
0b:f9:f6:25:f2:5a:62:74:70:ad:c8:66:dc:44:b5:10:ee:ab:
38:4c:9a:e0:1d:45:1b:55:d0:4a:a3:a7:04:49:54:a0:33:b9:
11:e3:e5:6e:08:93:9c:36:f8:5e:84:fa:10:2f:43:35:21:30:
01:4e:c6:67:97:a1:53:4a:6e:9d:5b:a5:23:1b:d8:ac:1d:47:
a1:e2:4a:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJdp2VBEJCmG4U2yC7wr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NWY0MTJhZGIxOGQ0MmZhZGQwYTg1ODczNzE4ZGFkYTkz
MWQxYzIwHhcNMjUwMTAyMTc1MjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGU0MjE0ODZhZGRkYmJjM2E1ZTdkOWM4NTkwZTBjMDRiMDJhY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+tSomPr8Z1L1/7MjUd2NiKwjdw9
XciIp9XNkCUjPlP7k/tvhESMCsha4ZjiiZnE19FPI5EGZ+3JBaKPGmOkyQuZgGUY
YB6KQ2gB/fOwn32hxfB4FStF9DtW0HsRQ2gqFc1sIVQCxmSSRBZtIVZ3CPgxqXQP
zcRtzSYWZ1EU8dJfh0awhH55+aGiygYWspRxL01Hxdqrz0+rDXIyXXkReE8tfi/j
TYm7hwyBa6eNgt+KYqioE8IAV0yF+qAg9ULlLICRjZhpK30RPldd1bPgeNTuJlq6
cdwXvEphjGjwBKIV1coVXgvNKWHSR6wW05NVpoPbh1QVHLN1tgBfeaLe3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ3kIUhq3du8Ol59nIWQ4MBLAqyyMB8GA1UdIwQY
MBaAFIdfQSrbGNQvrdCoWHNxja2pMdHCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDE5Qkt0c1kxQy10MEtoWWMzR05yYWt4MGNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iODQxY2MtZDY2My00NjMzLTljNDkt
MTQ3ZTM4NmMwMTUwLzEvbmVRaFNHcmQyN3c2WG4yY2haRGd3RXNDckxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iODQxY2MtZDY2My00NjMzLTljNDktMTQ3ZTM4NmMwMTUw
LzEvaDE5Qkt0c1kxQy10MEtoWWMzR05yYWt4MGNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABT8VMA0G
CSqGSIb3DQEBCwUAA4IBAQAkzF9wVAwRdpGovayhk+p0LSOEfxJtEXgP26mtIMgT
CtXeSanY8I4IeRAX24fbWboCjUIXUyFbaomr4rMeUd2AJaU5J6RexZUuIj0azb9k
vuKUXapuu1enkKFFG218y14SERPgR88vmBTbXF/Wdh8k6SzG5dGKeX4cS1XB48yC
SbM/94bSl/Z6kxSoVgSjtW4jrD8C5plvQh/zK7tHjlGgkG30gh5IMiLXLD7SW5qu
EmaMshAL+fYl8lpidHCtyGbcRLUQ7qs4TJrgHUUbVdBKo6cESVSgM7kR4+VuCJOc
NvhehPoQL0M1ITABTsZnl6FTSm6dW6UjG9isHUeh4kqM
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:48:10 2025 by rpki-client