Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/a86a91-6356-4c2c-9f8f-de4accb00dd7/1/PkJTBO7wAnRCyh-vwqCDXNy-gFM.roa
File: PkJTBO7wAnRCyh-vwqCDXNy-gFM.roa (raw, json)
Hash identifier: iNQh9da8Mf0jJApFS7MUlJZ0wObSIxlPlUsOHw90jNg=
Subject key identifier: 3E:42:53:04:EE:F0:02:74:42:CA:1F:AF:C2:A0:83:5C:DC:BE:80:53
Certificate issuer: /CN=9759529dd3170645d76cf6ac0659506cc649ca90
Certificate serial: 019B79106A86B11FC48AEA595059FCECFAB4
Authority key identifier: 97:59:52:9D:D3:17:06:45:D7:6C:F6:AC:06:59:50:6C:C6:49:CA:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l1lSndMXBkXXbPasBllQbMZJypA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/a86a91-6356-4c2c-9f8f-de4accb00dd7/1/PkJTBO7wAnRCyh-vwqCDXNy-gFM.roa
Signing time: Thu 01 Jan 2026 10:17:57 +0000
ROA not before: Thu 01 Jan 2026 10:17:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197749
IP address blocks: 185.169.27.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:10:6a:86:b1:1f:c4:8a:ea:59:50:59:fc:ec:fa:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9759529dd3170645d76cf6ac0659506cc649ca90
Validity
Not Before: Jan 1 10:17:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3e425304eef0027442ca1fafc2a0835cdcbe8053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:22:70:bd:a6:e3:3a:03:68:9d:86:cb:29:f6:
2f:42:df:94:44:56:27:97:6b:3a:db:cb:50:a4:e8:
77:cb:41:94:c0:fc:6a:45:db:95:67:e7:75:fa:1f:
52:6a:0a:f8:92:42:04:d8:2f:53:f2:69:8f:7b:3a:
47:b9:88:b7:38:69:60:a4:82:d7:74:9d:82:b1:6e:
58:5c:dd:3a:dc:af:2c:a7:17:43:a5:cf:00:76:e2:
30:4a:24:d9:a5:fd:80:5e:ca:4b:be:7b:52:00:b7:
a3:31:b6:fb:6c:28:8d:87:c1:21:ad:02:3e:6f:ec:
f4:3a:e0:3f:52:60:38:c1:28:4f:2e:41:18:19:e6:
29:a2:9d:3e:8c:cb:1d:e2:e9:e6:bf:5e:a9:f6:31:
e0:0e:ab:05:5b:13:d1:7b:49:d5:b9:f7:2c:31:22:
a7:24:57:9d:f5:3f:06:63:d2:3a:a4:2d:c6:10:e0:
1e:06:ac:ce:9f:28:6f:87:44:10:ad:15:eb:17:17:
7f:95:90:4f:02:09:59:8b:34:66:32:96:59:5b:ac:
b4:3b:21:10:87:71:66:a3:d5:8a:57:12:92:50:53:
4e:d8:61:86:e6:e6:96:83:41:85:15:8d:fb:6c:7d:
ba:bb:e4:2a:7e:76:36:1f:e3:2d:b5:4a:23:34:98:
fc:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:42:53:04:EE:F0:02:74:42:CA:1F:AF:C2:A0:83:5C:DC:BE:80:53
X509v3 Authority Key Identifier:
keyid:97:59:52:9D:D3:17:06:45:D7:6C:F6:AC:06:59:50:6C:C6:49:CA:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l1lSndMXBkXXbPasBllQbMZJypA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/a86a91-6356-4c2c-9f8f-de4accb00dd7/1/PkJTBO7wAnRCyh-vwqCDXNy-gFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/a86a91-6356-4c2c-9f8f-de4accb00dd7/1/l1lSndMXBkXXbPasBllQbMZJypA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.27.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:e4:68:1e:dd:65:bb:55:e6:cc:91:e4:05:1f:aa:b6:b5:7e:
4f:9f:cb:46:c5:3f:43:f1:06:68:20:7b:20:3d:af:5b:4d:fa:
f3:62:76:5f:25:30:b4:91:2e:cd:e2:8c:54:b7:23:a2:61:f9:
d3:94:c4:0d:51:37:a2:c6:0f:52:97:ef:c8:27:cf:d8:39:3b:
27:de:5b:09:16:4d:fb:7c:f9:13:6a:07:a9:0b:95:f3:6b:be:
aa:78:11:aa:58:0b:26:65:27:be:88:32:cc:80:25:7b:1a:b2:
7b:5d:ba:34:41:21:9e:37:be:ed:28:5f:3a:a0:b2:81:40:13:
81:63:e0:16:80:65:3b:23:76:61:d1:ba:da:fb:6d:03:f6:f5:
7d:f5:e9:4b:40:9d:5f:60:2d:c7:7d:86:4e:92:e4:15:e7:5d:
42:9d:56:23:a3:20:e5:d3:71:40:f7:06:72:f1:28:19:fd:f0:
05:7a:7e:2d:b2:95:b9:27:e8:cf:3e:d7:0f:25:27:7a:21:cb:
ab:fa:fb:05:8f:fb:25:25:3e:1a:25:12:8e:80:4e:f5:0b:e6:
71:98:96:e5:e1:bb:81:32:a9:18:ce:8d:0d:cd:33:8a:4c:d9:
17:47:e2:7c:93:4f:8b:11:25:6e:d4:0f:5d:78:72:62:5d:af:
f5:5d:65:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt5EGqGsR/EiupZUFn87Pq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NTk1MjlkZDMxNzA2NDVkNzZjZjZhYzA2NTk1MDZjYzY0
OWNhOTAwHhcNMjYwMTAxMTAxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQyNTMwNGVlZjAwMjc0NDJjYTFmYWZjMmEwODM1Y2RjYmU4MDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCJwvabjOgNonYbLKfYvQt+URFYn
l2s628tQpOh3y0GUwPxqRduVZ+d1+h9Sagr4kkIE2C9T8mmPezpHuYi3OGlgpILX
dJ2CsW5YXN063K8spxdDpc8AduIwSiTZpf2AXspLvntSALejMbb7bCiNh8EhrQI+
b+z0OuA/UmA4wShPLkEYGeYpop0+jMsd4unmv16p9jHgDqsFWxPRe0nVufcsMSKn
JFed9T8GY9I6pC3GEOAeBqzOnyhvh0QQrRXrFxd/lZBPAglZizRmMpZZW6y0OyEQ
h3Fmo9WKVxKSUFNO2GGG5uaWg0GFFY37bH26u+QqfnY2H+MttUojNJj8EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD5CUwTu8AJ0Qsofr8Kgg1zcvoBTMB8GA1UdIwQY
MBaAFJdZUp3TFwZF12z2rAZZUGzGScqQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDFsU25kTVhCa1hYYlBhc0JsbFFiTVpKeXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9hODZhOTEtNjM1Ni00YzJjLTlmOGYt
ZGU0YWNjYjAwZGQ3LzEvUGtKVEJPN3dBblJDeWgtdndxQ0RYTnktZ0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9hODZhOTEtNjM1Ni00YzJjLTlmOGYtZGU0YWNjYjAwZGQ3
LzEvbDFsU25kTVhCa1hYYlBhc0JsbFFiTVpKeXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuakbMA0G
CSqGSIb3DQEBCwUAA4IBAQBr5Gge3WW7VebMkeQFH6q2tX5Pn8tGxT9D8QZoIHsg
Pa9bTfrzYnZfJTC0kS7N4oxUtyOiYfnTlMQNUTeixg9Sl+/IJ8/YOTsn3lsJFk37
fPkTagepC5Xza76qeBGqWAsmZSe+iDLMgCV7GrJ7Xbo0QSGeN77tKF86oLKBQBOB
Y+AWgGU7I3Zh0bra+20D9vV99elLQJ1fYC3HfYZOkuQV511CnVYjoyDl03FA9wZy
8SgZ/fAFen4tspW5J+jPPtcPJSd6Icur+vsFj/slJT4aJRKOgE71C+ZxmJbl4buB
MqkYzo0NzTOKTNkXR+J8k0+LESVu1A9deHJiXa/1XWUx
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:01:55 2026 by rpki-client