Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/SxYWiZS3bfS5eXjUETPZ3_iay5U.roa
File: SxYWiZS3bfS5eXjUETPZ3_iay5U.roa (raw, json)
Hash identifier: PG8lLKuuEugRhPs/s9zpXq1piOLZJ1usLoo4stKVwO8=
Subject key identifier: 4B:16:16:89:94:B7:6D:F4:B9:79:78:D4:11:33:D9:DF:F8:9A:CB:95
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01957E14FF17483D7D165081E75A7D43C3D1
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/SxYWiZS3bfS5eXjUETPZ3_iay5U.roa
Signing time: Mon 10 Mar 2025 03:24:19 +0000
ROA not before: Mon 10 Mar 2025 03:24:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 273140
IP address blocks: 171.22.165.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:7e:14:ff:17:48:3d:7d:16:50:81:e7:5a:7d:43:c3:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 10 03:24:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b16168994b76df4b97978d41133d9dff89acb95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:80:c2:d0:ef:6d:a9:86:b7:63:3c:0b:e1:3e:
1d:14:e4:11:5c:1d:b0:51:a5:ec:ac:af:3b:16:bb:
13:ad:fc:d6:cb:43:4d:21:76:e2:b4:9a:3d:72:d9:
9c:61:2c:99:1b:81:2c:1d:a3:61:1a:a6:23:45:a0:
a4:0d:5f:6d:bc:3d:92:70:8e:13:4e:7a:14:c1:3f:
d9:a9:31:d0:a4:cf:fb:5a:30:ee:84:a7:b8:84:f1:
4b:a7:d4:41:4f:0d:91:9b:a2:9b:d3:c7:c5:18:47:
ee:50:3f:0b:c9:9c:d3:6e:64:08:bc:e5:b7:2c:2c:
fc:e2:a5:d6:a7:40:e6:6f:eb:a4:3d:4d:60:5b:1f:
5e:bb:2d:85:f4:a1:7e:c2:e8:75:0c:c2:db:09:a6:
83:a1:06:34:ce:7e:0c:e6:fd:f7:88:85:e7:c0:52:
67:9a:ae:41:3d:ad:8b:b7:c7:c9:58:f6:1c:c1:50:
c4:b3:69:23:61:af:9d:a9:90:88:b0:f8:9e:65:c2:
f0:21:b0:25:2f:c3:fb:b8:f7:21:b3:f3:16:46:34:
25:3f:f2:99:ac:78:c3:1d:cf:da:8c:68:d0:54:0a:
e7:1f:f8:9f:b0:8a:cd:90:56:10:43:12:71:8b:1f:
63:56:f3:a3:ec:28:12:49:4a:89:84:35:32:86:5d:
52:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:16:16:89:94:B7:6D:F4:B9:79:78:D4:11:33:D9:DF:F8:9A:CB:95
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/SxYWiZS3bfS5eXjUETPZ3_iay5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.165.0/24
Signature Algorithm: sha256WithRSAEncryption
48:2a:c6:8c:68:03:21:64:72:04:a9:a5:f6:1d:85:0d:ff:14:
07:78:37:42:5c:fe:7f:7d:b8:b3:01:3e:cb:37:2f:1d:3d:28:
ff:67:64:d6:e2:3f:24:75:9d:74:e9:b8:a4:3a:91:48:a5:39:
04:44:c9:26:9d:ba:6a:f7:a6:2e:3c:4b:94:00:8f:bc:65:9b:
2a:d3:2f:2d:b3:81:c8:f8:3d:76:68:7e:f0:7a:15:df:6e:22:
89:d3:8d:ef:ed:1a:e0:db:d0:cd:ef:d8:6d:c4:a1:5a:4d:a7:
4e:d8:7d:a6:fa:a5:3d:43:96:a4:1d:8b:5f:f3:2f:e3:b2:48:
ff:eb:78:32:62:8e:69:f0:be:db:e9:a4:18:ab:89:b1:59:60:
c4:ef:34:e9:63:c3:4e:d1:a3:7a:01:d9:9c:19:7a:6e:bc:a2:
60:90:f4:80:04:ee:19:73:37:1e:50:ba:cf:07:16:c1:7c:ad:
8f:9b:01:a0:0c:19:9d:59:86:94:dd:ed:11:aa:15:76:69:66:
5a:4f:58:f5:ad:b4:f6:b1:47:53:d5:52:17:ce:71:18:e8:1b:
b2:52:44:cf:a8:e8:d6:c7:51:65:16:f2:14:36:1e:8b:5f:86:
e6:dc:03:b4:76:7b:08:72:5f:76:71:1b:5a:9c:b3:1c:56:37:
69:b2:0d:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZV+FP8XSD19FlCB51p9Q8PRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMzEwMDMyNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjE2MTY4OTk0Yjc2ZGY0Yjk3OTc4ZDQxMTMzZDlkZmY4OWFjYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYDC0O9tqYa3YzwL4T4dFOQRXB2w
UaXsrK87FrsTrfzWy0NNIXbitJo9ctmcYSyZG4EsHaNhGqYjRaCkDV9tvD2ScI4T
TnoUwT/ZqTHQpM/7WjDuhKe4hPFLp9RBTw2Rm6Kb08fFGEfuUD8LyZzTbmQIvOW3
LCz84qXWp0Dmb+ukPU1gWx9euy2F9KF+wuh1DMLbCaaDoQY0zn4M5v33iIXnwFJn
mq5BPa2Lt8fJWPYcwVDEs2kjYa+dqZCIsPieZcLwIbAlL8P7uPchs/MWRjQlP/KZ
rHjDHc/ajGjQVArnH/ifsIrNkFYQQxJxix9jVvOj7CgSSUqJhDUyhl1ScwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEsWFomUt230uXl41BEz2d/4msuVMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvU3hZV2laUzNiZlM1ZVhqVUVUUFozX2lheTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxalMA0G
CSqGSIb3DQEBCwUAA4IBAQBIKsaMaAMhZHIEqaX2HYUN/xQHeDdCXP5/fbizAT7L
Ny8dPSj/Z2TW4j8kdZ106bikOpFIpTkERMkmnbpq96YuPEuUAI+8ZZsq0y8ts4HI
+D12aH7wehXfbiKJ043v7Rrg29DN79htxKFaTadO2H2m+qU9Q5akHYtf8y/jskj/
63gyYo5p8L7b6aQYq4mxWWDE7zTpY8NO0aN6AdmcGXpuvKJgkPSABO4ZczceULrP
BxbBfK2PmwGgDBmdWYaU3e0RqhV2aWZaT1j1rbT2sUdT1VIXznEY6BuyUkTPqOjW
x1FlFvIUNh6LX4bm3AO0dnsIcl92cRtanLMcVjdpsg04
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:17:34 2025 by rpki-client