Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/khtbiZZNtdravP-MConYlqJTYmY.roa
File: khtbiZZNtdravP-MConYlqJTYmY.roa (raw, json)
Hash identifier: xXo87eImVPHif3j6yLOoXwcVidIvdHpygsCrdgfHCM4=
Subject key identifier: 92:1B:5B:89:96:4D:B5:DA:DA:BC:FF:8C:0A:89:D8:96:A2:53:62:66
Certificate issuer: /CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Certificate serial: 019427B5582FCA2EA235BF1BA6CD7DF76D36
Authority key identifier: 4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/khtbiZZNtdravP-MConYlqJTYmY.roa
Signing time: Thu 02 Jan 2025 15:49:43 +0000
ROA not before: Thu 02 Jan 2025 15:49:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57080
IP address blocks: 2a10:4646:1c0::/48 maxlen: 48
2a10:4646:1c1::/48 maxlen: 48
2a10:4646:1c2::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:58:2f:ca:2e:a2:35:bf:1b:a6:cd:7d:f7:6d:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a6d2817491dd2cd0678068e35a9efc68667df02
Validity
Not Before: Jan 2 15:49:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=921b5b89964db5dadabcff8c0a89d896a2536266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8a:3d:37:92:1a:63:5f:31:c4:a4:16:57:9b:
dd:e8:7b:a5:f4:5b:f1:9e:18:96:32:df:0d:a8:20:
09:ee:1f:f2:7c:0b:7c:f7:d4:f9:d9:85:b8:47:5e:
34:b1:a7:22:1f:ce:63:cb:74:78:76:72:4a:16:cf:
4e:dc:8b:51:9d:98:7b:4e:67:69:ed:00:b2:5b:52:
36:2d:4b:16:2a:86:7c:24:7d:3e:7c:93:78:49:ef:
d9:81:23:7a:65:7c:98:03:72:d2:f4:b5:be:ea:b8:
0c:20:c9:ae:86:88:1b:f5:d5:aa:e7:fa:0a:74:70:
d3:7b:7e:c5:ae:20:ff:04:bf:d0:0a:cc:2c:0f:4a:
de:e7:e3:4b:42:18:dc:d2:b6:ef:d1:55:62:d0:d4:
ad:01:1a:f3:a8:bb:2e:45:ef:30:6e:e6:3b:d1:e1:
33:60:90:de:97:e4:3c:41:a7:cb:09:d4:d2:0f:d2:
96:26:25:6c:06:cd:8c:56:99:eb:0b:ad:0e:3e:3f:
f3:ce:33:8c:f1:9a:63:2d:e0:c7:2b:bf:cd:ae:ef:
0e:d8:76:11:7c:17:84:0e:30:da:89:d7:5d:c5:e3:
ee:95:00:c6:20:26:f0:0c:e2:34:46:ac:68:79:20:
d3:4a:f2:98:5d:5f:f5:2e:3c:f1:f6:ae:f3:6a:f6:
16:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1B:5B:89:96:4D:B5:DA:DA:BC:FF:8C:0A:89:D8:96:A2:53:62:66
X509v3 Authority Key Identifier:
keyid:4A:6D:28:17:49:1D:D2:CD:06:78:06:8E:35:A9:EF:C6:86:67:DF:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sm0oF0kd0s0GeAaONanvxoZn3wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/khtbiZZNtdravP-MConYlqJTYmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9488c7-849c-4ff1-ab4c-ae9283e7964e/1/Sm0oF0kd0s0GeAaONanvxoZn3wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4646:1c0::-2a10:4646:1c2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c8:bc:da:21:60:89:b4:ae:b4:b3:71:f0:5c:fe:90:39:ad:3d:
ef:50:ef:ce:d3:e6:19:73:57:1e:dc:15:22:7d:58:b3:3c:ae:
97:bd:20:e8:75:23:81:3f:97:a9:ce:6f:2c:36:19:66:db:68:
be:33:d5:02:d9:a5:6b:09:54:e8:f0:6e:5a:e5:e4:99:c2:03:
35:5c:08:72:7c:3b:fe:f8:0f:d4:bf:bd:f4:7b:86:89:eb:51:
da:87:58:89:d4:cb:9a:ff:98:39:d5:6e:47:28:e8:19:81:69:
49:ef:a0:99:f7:84:9a:67:84:62:b4:0e:ad:a8:24:d2:8b:8c:
ae:80:a1:46:56:84:e1:09:45:ce:3d:c8:d2:2d:9a:f1:60:a9:
e0:cf:3d:b8:73:09:a1:89:c5:22:cb:7f:b1:8e:7e:27:82:41:
c3:c3:0b:bc:6c:b9:9f:e6:17:a5:c4:db:b1:fd:1e:d9:ed:4c:
fb:02:fb:d7:f5:96:4f:c1:58:cf:10:28:0a:92:6e:c0:0f:1d:
08:94:1f:dd:f0:e4:72:93:4e:b3:a5:7b:8d:41:6a:2e:06:98:
40:35:d0:22:a8:8f:48:cf:90:c8:e3:75:7a:6a:7e:38:c3:f9:
49:f1:9b:f0:55:67:95:f1:93:eb:52:8e:2a:cd:c7:05:9d:79:
51:ba:c7:1d
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQntVgvyi6iNb8bps199202MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNmQyODE3NDkxZGQyY2QwNjc4MDY4ZTM1YTllZmM2ODY2
N2RmMDIwHhcNMjUwMTAyMTU0OTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjFiNWI4OTk2NGRiNWRhZGFiY2ZmOGMwYTg5ZDg5NmEyNTM2MjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYo9N5IaY18xxKQWV5vd6Hul9Fvx
nhiWMt8NqCAJ7h/yfAt899T52YW4R140saciH85jy3R4dnJKFs9O3ItRnZh7Tmdp
7QCyW1I2LUsWKoZ8JH0+fJN4Se/ZgSN6ZXyYA3LS9LW+6rgMIMmuhogb9dWq5/oK
dHDTe37FriD/BL/QCswsD0re5+NLQhjc0rbv0VVi0NStARrzqLsuRe8wbuY70eEz
YJDel+Q8QafLCdTSD9KWJiVsBs2MVpnrC60OPj/zzjOM8ZpjLeDHK7/Nru8O2HYR
fBeEDjDaidddxePulQDGICbwDOI0RqxoeSDTSvKYXV/1Ljzx9q7zavYWNwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFJIbW4mWTbXa2rz/jAqJ2JaiU2JmMB8GA1UdIwQY
MBaAFEptKBdJHdLNBngGjjWp78aGZ98CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMt
YWU5MjgzZTc5NjRlLzEva2h0YmlaWk50ZHJhdlAtTUNvbllscUpUWW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85NDg4YzctODQ5Yy00ZmYxLWFiNGMtYWU5MjgzZTc5NjRl
LzEvU20wb0Ywa2QwczBHZUFhT05hbnZ4b1puM3dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAAjAUMBIDBwYqEEZG
AcADBwAqEEZGAcIwDQYJKoZIhvcNAQELBQADggEBAMi82iFgibSutLNx8Fz+kDmt
Pe9Q787T5hlzVx7cFSJ9WLM8rpe9IOh1I4E/l6nObyw2GWbbaL4z1QLZpWsJVOjw
blrl5JnCAzVcCHJ8O/74D9S/vfR7honrUdqHWInUy5r/mDnVbkco6BmBaUnvoJn3
hJpnhGK0Dq2oJNKLjK6AoUZWhOEJRc49yNItmvFgqeDPPbhzCaGJxSLLf7GOfieC
QcPDC7xsuZ/mF6XE27H9HtntTPsC+9f1lk/BWM8QKAqSbsAPHQiUH93w5HKTTrOl
e41Bai4GmEA10CKoj0jPkMjjdXpqfjjD+Unxm/BVZ5Xxk+tSjirNxwWdeVG6xx0=
-----END CERTIFICATE-----
Generated at Wed Apr 9 16:19:34 2025 by rpki-client