Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/ktpnhSV94n1dgI9-LO5orxsroMo.roa
File: ktpnhSV94n1dgI9-LO5orxsroMo.roa (raw, json)
Hash identifier: HdTZITsdNE12a7HbwFoAmzx8Exmybo0iwACkTzBDWZ0=
Subject key identifier: 92:DA:67:85:25:7D:E2:7D:5D:80:8F:7E:2C:EE:68:AF:1B:2B:A0:CA
Certificate issuer: /CN=38203463eb944b25c65135ca47bdbdab646f3984
Certificate serial: 019420683DFBA4AE915531E200DB3CD11969
Authority key identifier: 38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/ktpnhSV94n1dgI9-LO5orxsroMo.roa
Signing time: Wed 01 Jan 2025 05:48:09 +0000
ROA not before: Wed 01 Jan 2025 05:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50389
IP address blocks: 2a00:8860:300::/40 maxlen: 64
2a00:8861:300::/40 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:3d:fb:a4:ae:91:55:31:e2:00:db:3c:d1:19:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38203463eb944b25c65135ca47bdbdab646f3984
Validity
Not Before: Jan 1 05:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92da6785257de27d5d808f7e2cee68af1b2ba0ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bc:4f:da:88:c8:c4:90:ca:80:bf:3a:31:16:
79:ca:57:fd:40:61:6d:28:21:ea:38:dc:4d:43:8f:
b8:ee:64:08:32:d7:fd:24:fc:eb:1e:34:e1:87:fd:
d7:f6:0a:5d:f3:1e:83:32:46:7a:e0:26:52:eb:19:
4a:20:c2:73:a8:a7:b3:61:aa:3d:30:4e:6c:77:b6:
8f:51:a2:8f:9f:79:6e:39:49:74:9c:e1:9b:6c:11:
38:86:0b:1e:8a:03:b5:ec:80:dd:ed:01:0d:be:c6:
8d:9b:ec:7b:db:fe:60:97:fc:e6:33:00:54:07:3d:
af:59:9d:3e:6a:85:8e:13:ca:b6:82:0f:7c:fe:73:
4c:da:b0:14:14:fc:e6:66:92:43:49:ab:b3:e5:7d:
25:ae:35:1a:b5:47:91:7a:92:49:f7:30:60:cc:0d:
6a:e0:36:19:f0:cb:1b:0c:71:55:12:a4:02:4d:3a:
ce:cd:79:1e:c3:ea:2c:fe:4b:7a:f4:d0:52:7a:eb:
2f:2a:65:f5:91:b4:4e:20:c2:f9:d2:90:06:dd:5d:
cf:9a:0d:f9:0b:4b:47:64:b6:ec:9b:2c:0c:ba:0b:
53:5e:f3:7b:d8:52:2d:75:db:fe:58:2d:3a:ab:91:
9d:2a:e9:ef:d2:a3:82:69:a0:9d:df:1a:93:46:92:
7d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:DA:67:85:25:7D:E2:7D:5D:80:8F:7E:2C:EE:68:AF:1B:2B:A0:CA
X509v3 Authority Key Identifier:
keyid:38:20:34:63:EB:94:4B:25:C6:51:35:CA:47:BD:BD:AB:64:6F:39:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OCA0Y-uUSyXGUTXKR729q2RvOYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/ktpnhSV94n1dgI9-LO5orxsroMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0a2984-a869-440d-b578-58935179b985/1/OCA0Y-uUSyXGUTXKR729q2RvOYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:8860:300::/40
2a00:8861:300::/40
Signature Algorithm: sha256WithRSAEncryption
42:28:b3:fc:17:38:e7:92:32:ee:86:b3:0d:9e:75:39:10:a5:
3c:0b:42:43:bc:2b:f5:9f:0f:73:a6:1a:b7:d9:81:8a:29:a4:
21:b4:ea:df:6a:b0:44:08:9e:88:fa:ea:15:c7:87:d7:82:ee:
26:01:c7:28:20:19:ae:33:5f:43:a1:13:d0:23:62:25:ee:5e:
03:c9:1a:78:45:75:f2:71:73:d3:aa:40:9b:3e:a3:0e:b5:fd:
f0:21:4c:73:1e:6b:6a:27:21:fd:51:48:26:c4:9a:02:f0:05:
2e:48:83:9b:69:c0:0b:7b:75:4c:36:e3:0c:a1:7d:e0:68:a6:
a0:2b:c1:53:d0:42:cc:18:05:47:84:90:ff:05:7b:54:03:9a:
94:22:95:4c:18:67:20:9c:14:50:0b:dd:f0:c3:9e:ce:b3:3f:
6a:64:51:91:90:72:85:f2:2e:5d:69:f5:e0:e8:d3:08:09:68:
f8:0a:87:93:7e:33:30:fc:c5:3b:d0:0c:df:08:8b:15:18:fb:
51:bc:7a:a5:0f:59:96:86:b0:af:b1:be:2a:ff:bc:af:48:6e:
65:c5:d7:88:08:03:db:2d:49:34:39:32:23:c2:bb:00:26:e7:
db:d7:8b:08:39:c0:db:91:a2:24:aa:c3:c2:76:98:f1:b1:af:
d8:fb:63:22
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZQgaD37pK6RVTHiANs80RlpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MjAzNDYzZWI5NDRiMjVjNjUxMzVjYTQ3YmRiZGFiNjQ2
ZjM5ODQwHhcNMjUwMTAxMDU0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmRhNjc4NTI1N2RlMjdkNWQ4MDhmN2UyY2VlNjhhZjFiMmJhMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLxP2ojIxJDKgL86MRZ5ylf9QGFt
KCHqONxNQ4+47mQIMtf9JPzrHjThh/3X9gpd8x6DMkZ64CZS6xlKIMJzqKezYao9
ME5sd7aPUaKPn3luOUl0nOGbbBE4hgseigO17IDd7QENvsaNm+x72/5gl/zmMwBU
Bz2vWZ0+aoWOE8q2gg98/nNM2rAUFPzmZpJDSauz5X0lrjUatUeRepJJ9zBgzA1q
4DYZ8MsbDHFVEqQCTTrOzXkew+os/kt69NBSeusvKmX1kbROIML50pAG3V3Pmg35
C0tHZLbsmywMugtTXvN72FItddv+WC06q5GdKunv0qOCaaCd3xqTRpJ9RQIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFJLaZ4UlfeJ9XYCPfizuaK8bK6DKMB8GA1UdIwQY
MBaAFDggNGPrlEslxlE1yke9vatkbzmEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1Nzgt
NTg5MzUxNzliOTg1LzEva3RwbmhTVjk0bjFkZ0k5LUxPNW9yeHNyb01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wYTI5ODQtYTg2OS00NDBkLWI1NzgtNTg5MzUxNzliOTg1
LzEvT0NBMFktdVVTeVhHVVRYS1I3MjlxMlJ2T1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCkGCCsGAQUFBwEHAQH/BBowGDAWBAIAAjAQAwYAKgCIYAMD
BgAqAIhhAzANBgkqhkiG9w0BAQsFAAOCAQEAQiiz/Bc455Iy7oazDZ51ORClPAtC
Q7wr9Z8Pc6Yat9mBiimkIbTq32qwRAieiPrqFceH14LuJgHHKCAZrjNfQ6ET0CNi
Je5eA8kaeEV18nFz06pAmz6jDrX98CFMcx5raich/VFIJsSaAvAFLkiDm2nAC3t1
TDbjDKF94GimoCvBU9BCzBgFR4SQ/wV7VAOalCKVTBhnIJwUUAvd8MOezrM/amRR
kZByhfIuXWn14OjTCAlo+AqHk34zMPzFO9AM3wiLFRj7Ubx6pQ9Zloawr7G+Kv+8
r0huZcXXiAgD2y1JNDkyI8K7ACbn29eLCDnA25GiJKrDwnaY8bGv2PtjIg==
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:56:45 2025 by rpki-client