Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/sTPvAVkk0lzn1aqZTa0vE5URnXE.roa
File: sTPvAVkk0lzn1aqZTa0vE5URnXE.roa (raw, json)
Hash identifier: Ca0epwNY4XymM+oI6Swm3+NbQzkrDGz6ZAOkVsfc9rs=
Subject key identifier: B1:33:EF:01:59:24:D2:5C:E7:D5:AA:99:4D:AD:2F:13:95:11:9D:71
Certificate issuer: /CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Certificate serial: 019B4AD05B7775185E27AA9FECEEB313FE8C
Authority key identifier: 6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/sTPvAVkk0lzn1aqZTa0vE5URnXE.roa
Signing time: Tue 23 Dec 2025 10:45:27 +0000
ROA not before: Tue 23 Dec 2025 10:45:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56730
IP address blocks: 2a03:b980::/32 maxlen: 32
2a03:b980:200::/40 maxlen: 40
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:4a:d0:5b:77:75:18:5e:27:aa:9f:ec:ee:b3:13:fe:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e4067d77bfea99df25ce5e08a9213d1128014cf
Validity
Not Before: Dec 23 10:45:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b133ef015924d25ce7d5aa994dad2f1395119d71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:4f:d9:df:16:e2:5f:e2:26:d4:2e:ee:fa:52:
f8:45:ad:90:01:03:d7:37:c3:88:09:e0:5b:de:59:
b2:76:2c:6b:6c:56:7c:d7:0d:cf:14:b1:89:cc:75:
7d:22:bf:9b:2f:b2:d0:ad:45:ed:ba:e6:5e:cd:49:
f7:94:78:2d:2b:2b:31:0b:4a:70:3e:e6:ee:0d:24:
85:b8:e6:a2:53:6e:44:b3:34:a0:5b:cc:c6:2c:52:
b8:d6:e4:c9:71:84:a1:ff:95:98:cf:97:b5:f5:5f:
3f:e4:2d:3d:3f:b2:f2:2b:6e:3a:77:18:7f:04:0a:
4b:ad:c5:84:5c:f6:61:8e:ce:d0:60:07:d4:eb:8a:
c5:2a:cf:fa:25:ab:3f:ca:66:9a:c4:c6:e5:41:95:
3d:a6:56:47:22:15:07:e3:8d:aa:cd:32:ac:96:1f:
99:87:dc:d1:16:28:08:30:1a:da:ed:eb:df:67:b5:
53:86:11:50:85:b3:e3:b0:6c:01:19:72:74:2f:42:
ac:be:d9:19:00:75:bc:f0:5a:30:3b:a5:3e:ce:32:
13:d9:94:9c:69:96:95:d2:aa:20:38:79:08:28:b0:
23:11:59:99:71:5b:2a:30:70:74:c4:66:52:f9:1f:
51:60:2a:b2:8e:b8:b7:b4:54:1a:1e:a5:77:50:3a:
ff:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:33:EF:01:59:24:D2:5C:E7:D5:AA:99:4D:AD:2F:13:95:11:9D:71
X509v3 Authority Key Identifier:
keyid:6E:40:67:D7:7B:FE:A9:9D:F2:5C:E5:E0:8A:92:13:D1:12:80:14:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkBn13v-qZ3yXOXgipIT0RKAFM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/sTPvAVkk0lzn1aqZTa0vE5URnXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/589eca-3f19-4e23-a3fb-3303f71622f9/1/bkBn13v-qZ3yXOXgipIT0RKAFM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:b980::/32
Signature Algorithm: sha256WithRSAEncryption
01:c0:33:27:5a:13:59:7c:9b:dc:29:ee:f1:a7:11:c1:0f:44:
57:b9:59:8c:9a:8a:c6:29:eb:44:9c:98:8d:d7:65:73:9a:96:
20:cf:5f:ac:31:da:18:ee:fe:d6:98:98:cf:88:f1:7d:88:89:
b4:79:b5:0b:36:33:5c:ad:ef:b8:58:ad:0d:76:98:a5:b4:c6:
1f:49:c1:62:54:33:fa:8d:81:80:d5:3d:5d:ed:47:6a:e3:4f:
94:6c:5f:46:4e:14:c0:91:2c:49:c1:b3:ae:63:88:c9:89:6b:
bf:e8:54:6d:ec:b0:e9:b5:ef:36:15:15:37:8b:6d:55:d7:b5:
1e:84:a7:58:8c:91:14:00:82:02:1f:58:ff:c6:c7:66:d4:15:
e1:6a:e9:07:32:5f:04:0a:58:83:31:7e:71:59:22:db:21:96:
b5:10:58:23:28:8c:a7:23:59:b0:30:52:38:d5:53:2a:de:a0:
d1:6e:5b:67:e5:33:36:de:03:8a:01:f1:66:0d:42:da:94:bd:
fb:22:67:fd:1a:16:c0:1f:ac:74:34:15:ee:96:55:0b:00:84:
c1:cb:06:6c:4e:bf:b3:ac:bf:af:47:80:06:d3:be:3f:6d:12:
99:10:bd:2d:2c:f9:ac:92:85:cf:8d:76:80:23:a9:d4:ac:5d:
e4:a2:f4:ea
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZtK0Ft3dRheJ6qf7O6zE/6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNDA2N2Q3N2JmZWE5OWRmMjVjZTVlMDhhOTIxM2QxMTI4
MDE0Y2YwHhcNMjUxMjIzMTA0NTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTMzZWYwMTU5MjRkMjVjZTdkNWFhOTk0ZGFkMmYxMzk1MTE5ZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqU/Z3xbiX+Im1C7u+lL4Ra2QAQPX
N8OICeBb3lmydixrbFZ81w3PFLGJzHV9Ir+bL7LQrUXtuuZezUn3lHgtKysxC0pw
PubuDSSFuOaiU25EszSgW8zGLFK41uTJcYSh/5WYz5e19V8/5C09P7LyK246dxh/
BApLrcWEXPZhjs7QYAfU64rFKs/6Jas/ymaaxMblQZU9plZHIhUH442qzTKslh+Z
h9zRFigIMBra7evfZ7VThhFQhbPjsGwBGXJ0L0KsvtkZAHW88FowO6U+zjIT2ZSc
aZaV0qogOHkIKLAjEVmZcVsqMHB0xGZS+R9RYCqyjri3tFQaHqV3UDr/dwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFLEz7wFZJNJc59WqmU2tLxOVEZ1xMB8GA1UdIwQY
MBaAFG5AZ9d7/qmd8lzl4IqSE9ESgBTPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmtCbjEzdi1xWjN5WE9YZ2lwSVQwUktBRk04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81ODllY2EtM2YxOS00ZTIzLWEzZmIt
MzMwM2Y3MTYyMmY5LzEvc1RQdkFWa2swbHpuMWFxWlRhMHZFNVVSblhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81ODllY2EtM2YxOS00ZTIzLWEzZmItMzMwM2Y3MTYyMmY5
LzEvYmtCbjEzdi1xWjN5WE9YZ2lwSVQwUktBRk04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgO5gDAN
BgkqhkiG9w0BAQsFAAOCAQEAAcAzJ1oTWXyb3Cnu8acRwQ9EV7lZjJqKxinrRJyY
jddlc5qWIM9frDHaGO7+1piYz4jxfYiJtHm1CzYzXK3vuFitDXaYpbTGH0nBYlQz
+o2BgNU9Xe1HauNPlGxfRk4UwJEsScGzrmOIyYlrv+hUbeyw6bXvNhUVN4ttVde1
HoSnWIyRFACCAh9Y/8bHZtQV4WrpBzJfBApYgzF+cVki2yGWtRBYIyiMpyNZsDBS
ONVTKt6g0W5bZ+UzNt4DigHxZg1C2pS9+yJn/RoWwB+sdDQV7pZVCwCEwcsGbE6/
s6y/r0eABtO+P20SmRC9LSz5rJKFz412gCOp1Kxd5KL06g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:35:17 2026 by rpki-client