Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KHg0aS-OU2RF4BwE1AdiXQ8vDlI.roa
File: KHg0aS-OU2RF4BwE1AdiXQ8vDlI.roa (raw, json)
Hash identifier: a/NJzkOYNVyVhVOjyXq+HXSePtY1/ZpXKQLVl7MmhP4=
Subject key identifier: 28:78:34:69:2F:8E:53:64:45:E0:1C:04:D4:07:62:5D:0F:2F:0E:52
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A2A0825CD627C6938F44AED719D89
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KHg0aS-OU2RF4BwE1AdiXQ8vDlI.roa
Signing time: Wed 01 Jan 2025 19:49:07 +0000
ROA not before: Wed 01 Jan 2025 19:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 163.5.177.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2a:08:25:cd:62:7c:69:38:f4:4a:ed:71:9d:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=287834692f8e536445e01c04d407625d0f2f0e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:cc:f0:a3:57:32:2f:aa:e8:fa:bf:3a:04:18:
43:e3:0c:4b:8c:66:43:bd:85:a7:bf:b4:28:5e:4c:
6c:91:de:88:b3:f5:9d:4b:2b:07:76:bb:0e:73:03:
83:2a:3c:5c:74:99:ec:7e:b1:83:5c:3a:43:f9:e8:
f6:c7:04:78:29:92:ba:ef:e5:20:bc:e8:3c:a0:f0:
6d:21:88:86:8b:ba:74:3f:3f:6d:6d:51:5f:ab:fa:
cf:5f:be:ee:19:81:90:06:3b:54:b3:4d:de:51:0a:
5d:73:12:51:c3:ec:85:ed:b2:2d:f7:d3:62:c0:cb:
ea:26:ce:7c:bc:ed:62:d4:98:12:3c:ea:4e:d0:54:
a8:f8:2b:70:ad:9a:7e:f0:b0:f8:8b:5d:f6:1a:fe:
ba:3c:f2:e7:71:ac:4d:5d:94:35:e6:be:06:43:5f:
40:3f:dc:2d:ff:db:e5:f3:07:ce:f2:bc:77:ef:0f:
cb:15:27:91:a2:1b:00:54:99:0f:27:e0:30:0f:66:
d5:f7:d5:2d:88:b6:2f:ae:15:9f:a0:e6:b4:22:58:
d9:38:b9:89:3c:7c:cc:aa:26:fc:ae:3d:a5:a5:86:
3b:1f:82:e4:e9:ec:c3:fd:77:a2:e0:a3:f3:c2:55:
ff:41:1a:a2:54:a1:63:55:b5:59:d5:de:97:6b:f7:
6b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:78:34:69:2F:8E:53:64:45:E0:1C:04:D4:07:62:5D:0F:2F:0E:52
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/KHg0aS-OU2RF4BwE1AdiXQ8vDlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.177.0/24
Signature Algorithm: sha256WithRSAEncryption
14:39:6e:27:19:ac:6f:ae:c9:3d:58:18:c6:6d:1e:7c:85:65:
ad:da:14:62:52:38:70:b5:3f:08:4a:0a:5e:a4:47:e7:69:68:
00:a6:20:21:7a:8b:30:f0:a0:ea:0c:ae:eb:29:78:54:b2:7d:
43:80:28:ce:35:8d:2b:c4:49:5f:0c:e5:62:b0:37:c9:f1:a4:
0d:ee:5f:62:5a:5b:1a:cb:72:08:d8:9d:5a:9c:bb:17:2e:ca:
45:20:c8:11:81:98:c8:f0:c2:d1:d3:26:04:a6:e8:17:c9:d5:
a6:2d:a5:b1:0d:b1:89:50:15:31:66:c1:ff:b6:ac:aa:9c:ab:
9b:24:84:11:d9:66:63:87:ed:9e:e2:c8:9a:93:c7:74:72:2b:
88:ad:7f:85:68:4e:34:95:30:d1:2e:ad:30:78:52:21:bc:8d:
51:56:57:22:73:1f:d9:75:b8:59:66:50:65:e4:4c:29:36:03:
28:7d:12:2f:69:8f:6c:91:0c:2b:fb:fe:f5:71:16:1a:ef:87:
7e:56:71:ce:3e:3c:1f:42:cb:ad:f4:f8:99:d3:16:a8:49:19:
1d:28:40:76:66:95:ab:d6:3b:dc:d6:61:1a:7a:b6:31:d1:b0:
0e:45:dc:35:5a:5c:c8:9f:f3:80:3e:06:8e:5b:7f:81:21:a8:
d7:7c:08:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjaioIJc1ifGk49ErtcZ2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODc4MzQ2OTJmOGU1MzY0NDVlMDFjMDRkNDA3NjI1ZDBmMmYwZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1szwo1cyL6ro+r86BBhD4wxLjGZD
vYWnv7QoXkxskd6Is/WdSysHdrsOcwODKjxcdJnsfrGDXDpD+ej2xwR4KZK67+Ug
vOg8oPBtIYiGi7p0Pz9tbVFfq/rPX77uGYGQBjtUs03eUQpdcxJRw+yF7bIt99Ni
wMvqJs58vO1i1JgSPOpO0FSo+CtwrZp+8LD4i132Gv66PPLncaxNXZQ15r4GQ19A
P9wt/9vl8wfO8rx37w/LFSeRohsAVJkPJ+AwD2bV99UtiLYvrhWfoOa0IljZOLmJ
PHzMqib8rj2lpYY7H4Lk6ezD/Xei4KPzwlX/QRqiVKFjVbVZ1d6Xa/drgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCh4NGkvjlNkReAcBNQHYl0PLw5SMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvS0hnMGFTLU9VMlJGNEJ3RTFBZGlYUTh2RGxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowWxMA0G
CSqGSIb3DQEBCwUAA4IBAQAUOW4nGaxvrsk9WBjGbR58hWWt2hRiUjhwtT8ISgpe
pEfnaWgApiAheosw8KDqDK7rKXhUsn1DgCjONY0rxElfDOVisDfJ8aQN7l9iWlsa
y3II2J1anLsXLspFIMgRgZjI8MLR0yYEpugXydWmLaWxDbGJUBUxZsH/tqyqnKub
JIQR2WZjh+2e4siak8d0ciuIrX+FaE40lTDRLq0weFIhvI1RVlcicx/ZdbhZZlBl
5EwpNgMofRIvaY9skQwr+/71cRYa74d+VnHOPjwfQsut9PiZ0xaoSRkdKEB2ZpWr
1jvc1mEaerYx0bAORdw1WlzIn/OAPgaOW3+BIajXfAjs
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:03 2025 by rpki-client on console.sobornost.net