Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LbLNf_ByZtWokKywFH2m2SJdVIk.roa
File: LbLNf_ByZtWokKywFH2m2SJdVIk.roa (raw, json)
Hash identifier: gVSZZaMPlCJOSCalgjl4oE7FoY0gdwLNTiPycARK3G0=
Subject key identifier: 2D:B2:CD:7F:F0:72:66:D5:A8:90:AC:B0:14:7D:A6:D9:22:5D:54:89
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A1D9B26B14721862813DCFF050621
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LbLNf_ByZtWokKywFH2m2SJdVIk.roa
Signing time: Wed 01 Jan 2025 19:49:04 +0000
ROA not before: Wed 01 Jan 2025 19:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 163.5.72.0/24 maxlen: 24
163.5.77.0/24 maxlen: 24
163.5.162.0/24 maxlen: 24
163.5.163.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:1d:9b:26:b1:47:21:86:28:13:dc:ff:05:06:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2db2cd7ff07266d5a890acb0147da6d9225d5489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d3:0c:fa:3b:f5:8c:18:86:10:b6:2a:a5:99:
47:98:c3:06:a4:b8:49:cb:a6:0f:4f:bd:bd:31:a4:
fe:b7:4d:e8:08:5b:0b:53:e6:7a:ce:26:a9:e6:95:
74:16:d6:38:48:1c:a7:76:8f:ce:08:d6:d1:f4:17:
2f:ff:8c:21:90:f2:d3:6f:54:f4:00:e3:63:fc:d8:
c5:f8:44:ae:7e:4c:8c:b7:ae:e2:77:fe:78:e5:89:
bd:cb:c7:4e:e0:00:a9:22:03:7d:13:d0:1a:5d:22:
6f:7a:43:c2:f4:9b:99:71:f1:2b:26:10:86:80:9a:
12:d1:c2:3c:0d:ba:2c:dd:2b:2c:54:7a:8b:37:8d:
be:1c:43:0c:d3:e0:92:48:74:85:9b:e6:e3:90:34:
cf:5f:d9:fe:c0:a2:a0:e8:bf:e8:c8:d4:76:da:17:
24:f7:3c:7d:05:36:e5:8b:89:7c:85:6f:59:74:b8:
23:01:85:04:e7:6f:32:98:19:2d:72:a7:11:6b:91:
e5:d9:11:b5:42:35:b7:53:4e:f5:23:09:6b:bb:7d:
e0:ba:14:c9:d3:0d:43:54:cb:f0:a0:bc:1e:a7:90:
7e:ba:18:6d:8f:0c:06:b3:b0:58:49:f7:44:d8:e9:
31:0c:5a:fe:84:95:a4:16:45:f0:59:50:ab:0e:81:
a6:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B2:CD:7F:F0:72:66:D5:A8:90:AC:B0:14:7D:A6:D9:22:5D:54:89
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/LbLNf_ByZtWokKywFH2m2SJdVIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.72.0/24
163.5.77.0/24
163.5.162.0/23
Signature Algorithm: sha256WithRSAEncryption
00:bb:19:ba:16:40:e6:ab:c1:3e:d3:65:a2:09:ea:8d:9e:6a:
5a:43:f8:6b:68:02:92:a2:a9:75:56:20:89:99:e4:0b:90:80:
e8:5f:fe:01:e3:b6:13:d7:f0:07:1c:2d:ed:e0:50:ff:ce:1f:
c8:80:71:fe:32:54:3f:c5:38:78:ee:bd:60:34:ff:05:79:d7:
c3:a6:11:b4:6e:bc:c3:33:74:e8:64:f1:0d:ed:c1:fe:f4:2c:
ec:4d:d2:a3:6f:74:86:fe:c4:ab:6b:4b:4f:9a:f3:2e:83:0d:
3f:19:61:c4:f1:20:fa:ce:85:9a:d8:98:d3:bf:2d:0e:77:79:
e6:95:2c:2b:dd:b4:4a:b9:45:69:00:5e:86:fb:df:11:07:a9:
ea:14:5b:48:68:ab:a3:c1:6b:53:fd:d7:db:b7:d4:1f:de:67:
6e:c1:04:90:0a:e6:22:51:df:d2:e9:e0:a1:f5:55:b2:a6:64:
70:bf:6f:f4:a7:72:08:fe:0e:91:6c:5a:c6:c0:51:5e:7e:72:
78:1f:c2:f8:dd:d1:9b:ef:47:1a:0b:86:36:5a:3d:67:ef:77:
ba:6c:18:b8:9c:47:42:ff:d0:78:f9:9d:26:ca:dc:a9:3b:cd:
2d:de:9c:21:13:38:e0:78:c2:92:06:73:1b:26:f5:97:8b:d3:
b5:40:2e:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQjah2bJrFHIYYoE9z/BQYhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGIyY2Q3ZmYwNzI2NmQ1YTg5MGFjYjAxNDdkYTZkOTIyNWQ1NDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9MM+jv1jBiGELYqpZlHmMMGpLhJ
y6YPT729MaT+t03oCFsLU+Z6ziap5pV0FtY4SByndo/OCNbR9Bcv/4whkPLTb1T0
AONj/NjF+ESufkyMt67id/545Ym9y8dO4ACpIgN9E9AaXSJvekPC9JuZcfErJhCG
gJoS0cI8Dbos3SssVHqLN42+HEMM0+CSSHSFm+bjkDTPX9n+wKKg6L/oyNR22hck
9zx9BTbli4l8hW9ZdLgjAYUE528ymBktcqcRa5Hl2RG1QjW3U071Iwlru33guhTJ
0w1DVMvwoLwep5B+uhhtjwwGs7BYSfdE2OkxDFr+hJWkFkXwWVCrDoGmbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC2yzX/wcmbVqJCssBR9ptkiXVSJMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTGJMTmZfQnladFdva0t5d0ZIMm0yU0pkVklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAowVIAwQA
owVNAwQBowWiMA0GCSqGSIb3DQEBCwUAA4IBAQAAuxm6FkDmq8E+02WiCeqNnmpa
Q/hraAKSoql1ViCJmeQLkIDoX/4B47YT1/AHHC3t4FD/zh/IgHH+MlQ/xTh47r1g
NP8FedfDphG0brzDM3ToZPEN7cH+9CzsTdKjb3SG/sSra0tPmvMugw0/GWHE8SD6
zoWa2JjTvy0Od3nmlSwr3bRKuUVpAF6G+98RB6nqFFtIaKujwWtT/dfbt9Qf3mdu
wQSQCuYiUd/S6eCh9VWypmRwv2/0p3II/g6RbFrGwFFefnJ4H8L43dGb70caC4Y2
Wj1n73e6bBi4nEdC/9B4+Z0mytypO80t3pwhEzjgeMKSBnMbJvWXi9O1QC7G
-----END CERTIFICATE-----
Generated at Fri Apr 25 01:39:50 2025 by rpki-client