Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BQHsSb-ji5JQpVThr1UientutBk.roa
File: BQHsSb-ji5JQpVThr1UientutBk.roa (raw, json)
Hash identifier: sszbxxeufuQU4aBZy/HFNSgD/EzzLJoHW+wecWaBomw=
Subject key identifier: 05:01:EC:49:BF:A3:8B:92:50:A5:54:E1:AF:55:22:7A:7B:6E:B4:19
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019427485529E2D2056B68288D007BD751D0
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BQHsSb-ji5JQpVThr1UientutBk.roa
Signing time: Thu 02 Jan 2025 13:50:39 +0000
ROA not before: Thu 02 Jan 2025 13:50:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 272939
IP address blocks: 171.22.166.0/23 maxlen: 23
171.22.166.0/24 maxlen: 24
171.22.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:55:29:e2:d2:05:6b:68:28:8d:00:7b:d7:51:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 13:50:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0501ec49bfa38b9250a554e1af55227a7b6eb419
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:45:2d:13:ee:c4:e4:42:76:91:22:ee:f7:f6:
24:52:86:ca:73:da:bb:aa:97:81:f0:98:04:f7:f2:
c0:0d:c6:56:f6:11:79:b1:ee:8b:60:8c:c0:e9:8f:
2a:8e:66:e1:06:cb:83:6d:64:c5:a7:9c:35:13:cb:
50:04:d7:fb:22:da:25:3f:dc:5e:fb:47:cc:37:0d:
2c:1b:d5:f1:79:fb:85:98:94:d0:80:84:01:03:cf:
d4:41:15:32:9c:44:c1:59:d0:d6:c9:7c:44:1d:9b:
17:fa:87:bc:05:c8:aa:c0:72:05:89:d5:98:56:12:
a4:21:b5:22:8b:4d:6e:fc:75:3f:7c:5f:1c:66:4a:
0d:f7:c6:f4:02:77:d5:67:8e:1d:ce:cb:e9:49:7f:
49:8b:c0:55:55:cd:d8:80:29:66:4d:d8:17:70:dd:
c9:9a:18:ee:64:69:86:9c:72:a4:ad:3e:1b:ea:1d:
fd:62:26:8b:fc:59:b7:88:17:a3:76:5a:10:13:57:
d1:ae:36:5f:13:cd:a0:88:bf:19:85:f6:77:cf:0e:
92:c5:df:f9:fe:72:e8:d5:9e:55:07:95:f8:37:0b:
72:a3:69:1a:29:0e:42:55:69:7d:ec:cd:9e:64:ea:
aa:b4:8d:1c:41:0d:dd:74:cc:fd:3f:54:67:5b:2b:
2a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:01:EC:49:BF:A3:8B:92:50:A5:54:E1:AF:55:22:7A:7B:6E:B4:19
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BQHsSb-ji5JQpVThr1UientutBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.166.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:59:3e:4c:8f:3e:8e:df:f0:71:ec:9d:9d:3c:c4:c8:a8:8a:
af:5a:d5:c5:8b:37:ad:a4:3d:94:5c:26:88:c4:1b:dd:fe:4c:
1c:2a:58:45:cc:23:0d:d6:1b:e0:d4:30:28:a8:bc:a1:25:2b:
c9:30:ab:a9:44:04:d7:77:3b:23:60:b2:80:38:27:c3:6c:cb:
7a:10:8a:58:ce:9b:89:ad:bc:a1:1e:c6:f7:04:a6:e1:87:1a:
1c:aa:ce:3b:92:60:f4:bd:83:47:a4:ed:64:2e:37:d4:df:cb:
da:ab:8b:c9:44:ff:9f:63:88:fe:46:e2:29:84:d5:cc:18:4a:
5e:0d:cd:c1:75:dd:3a:0c:4e:6a:16:64:40:8b:2a:ff:fe:cf:
64:cc:85:b9:5a:62:9d:fa:08:ad:19:ef:1e:51:58:92:da:d8:
06:8e:89:79:7f:1b:a7:73:f2:fc:50:09:7a:42:49:fd:8e:6c:
b7:dc:b3:06:e4:af:c4:a5:2b:b4:65:2c:b0:5a:06:23:75:4d:
82:c0:81:e5:43:73:4e:eb:3a:37:28:75:63:6c:c4:7d:31:95:
05:a4:93:c7:55:fc:f4:5b:0c:a7:6d:6d:0f:c6:2f:02:be:97:
0f:72:4d:c2:46:63:1e:05:56:d7:47:39:3b:2b:1e:ef:c7:2e:
ea:3e:ae:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSFUp4tIFa2gojQB711HQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTM1MDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTAxZWM0OWJmYTM4YjkyNTBhNTU0ZTFhZjU1MjI3YTdiNmViNDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkUtE+7E5EJ2kSLu9/YkUobKc9q7
qpeB8JgE9/LADcZW9hF5se6LYIzA6Y8qjmbhBsuDbWTFp5w1E8tQBNf7ItolP9xe
+0fMNw0sG9XxefuFmJTQgIQBA8/UQRUynETBWdDWyXxEHZsX+oe8BciqwHIFidWY
VhKkIbUii01u/HU/fF8cZkoN98b0AnfVZ44dzsvpSX9Ji8BVVc3YgClmTdgXcN3J
mhjuZGmGnHKkrT4b6h39YiaL/Fm3iBejdloQE1fRrjZfE82giL8ZhfZ3zw6Sxd/5
/nLo1Z5VB5X4Nwtyo2kaKQ5CVWl97M2eZOqqtI0cQQ3ddMz9P1RnWysqOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAUB7Em/o4uSUKVU4a9VInp7brQZMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvQlFIc1NiLWppNUpRcFZUaHIxVWllbnR1dEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBqxamMA0G
CSqGSIb3DQEBCwUAA4IBAQCfWT5Mjz6O3/Bx7J2dPMTIqIqvWtXFizetpD2UXCaI
xBvd/kwcKlhFzCMN1hvg1DAoqLyhJSvJMKupRATXdzsjYLKAOCfDbMt6EIpYzpuJ
rbyhHsb3BKbhhxocqs47kmD0vYNHpO1kLjfU38vaq4vJRP+fY4j+RuIphNXMGEpe
Dc3Bdd06DE5qFmRAiyr//s9kzIW5WmKd+gitGe8eUViS2tgGjol5fxunc/L8UAl6
Qkn9jmy33LMG5K/EpSu0ZSywWgYjdU2CwIHlQ3NO6zo3KHVjbMR9MZUFpJPHVfz0
WwynbW0Pxi8CvpcPck3CRmMeBVbXRzk7Kx7vxy7qPq7s
-----END CERTIFICATE-----
Generated at Sun Apr 6 23:00:28 2025 by rpki-client