Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nFYHaVQQoyUsHCSxi4S315KJSnU.roa
File: nFYHaVQQoyUsHCSxi4S315KJSnU.roa (raw, json)
Hash identifier: LycdMM1xOGVqn36lTjIhKepsLDHX1OBeRgnXV4Z/KBk=
Subject key identifier: 9C:56:07:69:54:10:A3:25:2C:1C:24:B1:8B:84:B7:D7:92:89:4A:75
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0195F762C09B042E0E6A5FD22B73EAB03D6D
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nFYHaVQQoyUsHCSxi4S315KJSnU.roa
Signing time: Wed 02 Apr 2025 16:43:18 +0000
ROA not before: Wed 02 Apr 2025 16:43:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 163.5.41.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
163.5.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f7:62:c0:9b:04:2e:0e:6a:5f:d2:2b:73:ea:b0:3d:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Apr 2 16:43:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9c5607695410a3252c1c24b18b84b7d792894a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f3:9a:83:a1:e3:fe:ba:a9:96:13:06:1b:ba:
8f:35:f7:54:3c:1d:71:d0:a9:f7:6d:f8:76:e9:8f:
eb:f4:55:af:66:8b:2a:26:3f:22:4b:0d:b6:c7:05:
8c:89:d0:f7:85:c7:9d:0b:ea:ee:de:13:4c:ed:9e:
a8:bd:e8:ea:2d:89:c7:3a:ef:d1:67:44:eb:43:b8:
bb:0e:6f:d0:bd:2f:31:37:10:c7:50:73:66:09:8f:
b7:46:71:9a:66:d5:48:aa:94:ea:c4:92:52:a9:01:
35:67:90:98:31:de:23:3f:5d:eb:e6:d9:77:b7:b7:
f2:c3:6d:8c:5d:27:90:bc:69:ef:85:08:ce:1f:79:
3a:00:51:21:41:64:4c:8e:44:ed:0e:3a:44:63:34:
e8:ad:ed:b0:c5:07:fe:17:88:7d:51:27:bf:e0:1e:
a4:43:99:66:6f:f3:6b:c4:f9:0e:05:7e:b0:a8:eb:
6c:1d:a5:b7:c8:c0:4d:dd:00:ba:a8:b9:27:2a:5e:
42:98:54:1d:1e:83:23:9e:89:6d:6c:3c:5c:21:3b:
4c:94:1d:69:9d:81:cd:69:67:f4:e6:21:70:6e:32:
4f:ed:5e:1d:76:89:3b:fb:50:54:c1:e6:a0:e6:3a:
dd:ae:ce:a7:70:d9:14:62:f9:8d:ae:b7:91:20:9e:
66:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:56:07:69:54:10:A3:25:2C:1C:24:B1:8B:84:B7:D7:92:89:4A:75
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/nFYHaVQQoyUsHCSxi4S315KJSnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.41.0/24
163.5.46.0/24
163.5.247.0-163.5.248.255
Signature Algorithm: sha256WithRSAEncryption
20:43:9e:a2:19:1f:0a:81:de:03:41:45:46:90:d8:47:54:13:
5e:c3:d9:20:57:15:bd:1d:1c:fd:d9:49:08:af:87:9f:03:6a:
04:18:48:84:0c:46:72:22:c4:7e:ff:08:07:3a:79:6c:97:2d:
0d:c4:d5:7f:3a:e5:d2:82:db:80:a8:f0:7b:c6:56:cd:ec:73:
cc:e4:48:c4:4d:06:ff:59:e1:b6:ca:43:8a:a7:36:ea:80:e5:
1a:c0:c2:1e:4a:e0:7d:fa:cd:e6:0c:ab:4b:ef:c7:80:3e:3d:
56:4f:24:70:61:e9:ac:c7:22:1e:11:35:08:0e:a7:63:c4:85:
ae:e7:b9:23:62:05:26:4d:72:e9:17:72:80:11:3e:07:ab:66:
91:8b:92:02:ae:f7:7a:27:89:af:0d:8f:ab:7e:1b:37:26:c5:
f8:d5:44:7e:69:3e:9d:d4:62:ba:5d:b9:e7:f3:42:ba:a6:7a:
85:23:0b:fa:25:c4:6c:94:c6:c2:53:ea:05:a7:30:ab:8c:30:
4f:3a:7a:d2:54:fc:e4:f6:0b:a2:32:aa:ca:e5:24:d4:05:0c:
ce:43:a9:8d:61:0c:08:3c:f4:86:12:24:af:6d:13:53:0d:88:
09:1f:0c:72:77:05:34:d6:da:ab:55:a1:b4:bb:57:9c:85:20:
28:e0:80:db
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZX3YsCbBC4Oal/SK3PqsD1tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwNDAyMTY0MzE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzU2MDc2OTU0MTBhMzI1MmMxYzI0YjE4Yjg0YjdkNzkyODk0YTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/Oag6Hj/rqplhMGG7qPNfdUPB1x
0Kn3bfh26Y/r9FWvZosqJj8iSw22xwWMidD3hcedC+ru3hNM7Z6ovejqLYnHOu/R
Z0TrQ7i7Dm/QvS8xNxDHUHNmCY+3RnGaZtVIqpTqxJJSqQE1Z5CYMd4jP13r5tl3
t7fyw22MXSeQvGnvhQjOH3k6AFEhQWRMjkTtDjpEYzTore2wxQf+F4h9USe/4B6k
Q5lmb/NrxPkOBX6wqOtsHaW3yMBN3QC6qLknKl5CmFQdHoMjnoltbDxcITtMlB1p
nYHNaWf05iFwbjJP7V4ddok7+1BUweag5jrdrs6ncNkUYvmNrreRIJ5mnwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJxWB2lUEKMlLBwksYuEt9eSiUp1MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvbkZZSGFWUVFveVVzSENTeGk0UzMxNUtKU25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAowUpAwQA
owUuMAwDBACjBfcDBACjBfgwDQYJKoZIhvcNAQELBQADggEBACBDnqIZHwqB3gNB
RUaQ2EdUE17D2SBXFb0dHP3ZSQivh58DagQYSIQMRnIixH7/CAc6eWyXLQ3E1X86
5dKC24Co8HvGVs3sc8zkSMRNBv9Z4bbKQ4qnNuqA5RrAwh5K4H36zeYMq0vvx4A+
PVZPJHBh6azHIh4RNQgOp2PEha7nuSNiBSZNcukXcoARPgerZpGLkgKu93onia8N
j6t+GzcmxfjVRH5pPp3UYrpduefzQrqmeoUjC/olxGyUxsJT6gWnMKuMME86etJU
/OT2C6IyqsrlJNQFDM5DqY1hDAg89IYSJK9tE1MNiAkfDHJ3BTTW2qtVobS7V5yF
ICjggNs=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:03 2025 by rpki-client on console.sobornost.net