Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/1-95ydDTsTiK6J12oExwQqAceXhA.roa
File: 1-95ydDTsTiK6J12oExwQqAceXhA.roa (raw, json)
Hash identifier: WuOwxJ8SRr9ujpl7cP/Jfh9pKVcexkKqJDvhTMB+dag=
Subject key identifier: FB:DE:72:74:34:EC:4E:22:BA:27:5D:A8:13:1C:10:A8:07:1E:5E:10
Certificate issuer: /CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
Certificate serial: 019B7F14DF571A5FBD5F1088799361A9E4C9
Authority key identifier: 12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/1-95ydDTsTiK6J12oExwQqAceXhA.roa
Signing time: Fri 02 Jan 2026 14:20:32 +0000
ROA not before: Fri 02 Jan 2026 14:20:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43366
IP address blocks: 185.67.200.0/22 maxlen: 24
185.88.148.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:14:df:57:1a:5f:bd:5f:10:88:79:93:61:a9:e4:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
Validity
Not Before: Jan 2 14:20:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fbde727434ec4e22ba275da8131c10a8071e5e10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:46:4c:e1:98:9f:59:87:92:01:97:c1:a6:42:
1b:7e:6f:a6:80:a2:68:f7:94:f2:bf:26:ed:37:33:
9d:a9:1b:75:5c:a5:5f:8d:ef:79:c8:c6:dd:41:1a:
66:84:c5:8d:28:18:eb:81:78:ac:de:2c:ca:f5:37:
94:d5:11:6a:e1:93:ba:a3:02:85:49:8d:e1:2c:0d:
82:c2:a7:24:5f:56:60:83:3e:80:63:56:03:52:32:
5f:ae:92:6f:91:ed:99:da:14:fb:2c:5f:0d:1c:6f:
14:66:48:a3:2d:f4:97:b4:5c:b5:b3:f7:c7:39:82:
3b:64:cd:d5:8c:b0:6d:41:d5:47:48:9e:e9:32:1d:
54:19:02:94:52:3f:4a:e8:8a:b4:71:60:29:2e:0b:
ad:37:86:ea:1b:85:93:1c:37:46:d5:a2:64:9d:f9:
95:20:3b:f6:f9:29:0a:42:8e:68:37:eb:f3:14:38:
87:b2:1a:9d:bf:f7:ef:b6:62:21:10:b4:2f:95:8a:
e2:cb:d6:fa:9e:87:76:c5:9d:80:50:4f:e4:35:a3:
c0:5b:f2:30:41:c2:93:6b:3f:ba:ec:71:39:73:64:
53:1b:5e:1c:84:8e:eb:d5:0f:89:74:04:31:0f:f9:
e5:fa:52:7c:b4:5b:5d:e6:eb:6a:3b:23:64:8a:ee:
d7:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:DE:72:74:34:EC:4E:22:BA:27:5D:A8:13:1C:10:A8:07:1E:5E:10
X509v3 Authority Key Identifier:
keyid:12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/1-95ydDTsTiK6J12oExwQqAceXhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/EjDNjhPIbY74NcGqx9X5U0VcA1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.200.0/22
185.88.148.0/22
Signature Algorithm: sha256WithRSAEncryption
17:d3:67:d3:dd:fd:05:5d:6f:78:92:7f:5b:d4:ab:00:a3:1f:
3a:a3:3e:64:04:2b:e4:a2:cb:ce:51:1a:82:42:bc:15:71:2f:
1d:b4:7c:35:79:82:aa:40:64:04:86:a6:9c:06:9a:f6:b9:b0:
ff:eb:4b:54:13:77:53:8a:b2:b7:e8:a3:be:1b:75:5e:ce:62:
fd:6f:a7:da:18:46:47:1a:c3:eb:a3:5e:15:b9:6a:f3:46:bd:
fa:b1:5c:40:d1:d1:ec:27:80:3a:c7:ee:09:3b:8b:39:12:4c:
ab:1b:bd:3b:7c:d4:4c:de:19:43:86:bf:5b:72:97:ca:94:ac:
6e:e5:c6:d7:6a:ea:39:4d:d8:1c:a2:8d:79:58:84:03:e5:ca:
85:20:64:34:58:b8:a3:f7:c6:8c:55:82:9e:65:92:1c:73:4a:
10:e8:94:31:ac:2b:40:b8:5a:c1:15:40:53:85:8e:72:c7:be:
21:9b:3b:49:a2:27:2c:45:6c:f2:ef:37:a0:84:86:78:05:f3:
dd:67:b8:1a:69:b0:e8:d7:e4:e9:69:29:98:14:f2:59:ce:87:
12:a4:87:2b:75:d7:97:df:85:9c:8c:10:48:04:4e:30:54:e6:
af:44:e2:b7:ed:82:fa:84:58:3a:8f:5e:5b:b6:a5:9b:0f:93:
a0:f5:32:d5
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZt/FN9XGl+9XxCIeZNhqeTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMzBjZDhlMTNjODZkOGVmODM1YzFhYWM3ZDVmOTUzNDU1
YzAzNWMwHhcNMjYwMTAyMTQyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmRlNzI3NDM0ZWM0ZTIyYmEyNzVkYTgxMzFjMTBhODA3MWU1ZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkZM4ZifWYeSAZfBpkIbfm+mgKJo
95TyvybtNzOdqRt1XKVfje95yMbdQRpmhMWNKBjrgXis3izK9TeU1RFq4ZO6owKF
SY3hLA2CwqckX1Zggz6AY1YDUjJfrpJvke2Z2hT7LF8NHG8UZkijLfSXtFy1s/fH
OYI7ZM3VjLBtQdVHSJ7pMh1UGQKUUj9K6Iq0cWApLgutN4bqG4WTHDdG1aJknfmV
IDv2+SkKQo5oN+vzFDiHshqdv/fvtmIhELQvlYriy9b6nod2xZ2AUE/kNaPAW/Iw
QcKTaz+67HE5c2RTG14chI7r1Q+JdAQxD/nl+lJ8tFtd5utqOyNkiu7X3QIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPvecnQ07E4iuiddqBMcEKgHHl4QMB8GA1UdIwQY
MBaAFBIwzY4TyG2O+DXBqsfV+VNFXANcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWpETmpoUEliWTc0TmNHcXg5WDVVMFZjQTF3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMWYzOTAtNGVjNS00YzQyLThlNTQt
MDFmYjQ2YTQzM2UxLzEvMS05NXlkRFRzVGlLNkoxMm9FeHdRcUFjZVhoQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2QvZDFmMzkwLTRlYzUtNGM0Mi04ZTU0LTAxZmI0NmE0MzNl
MS8xL0VqRE5qaFBJYlk3NE5jR3F4OVg1VTBWY0Exdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlDyAME
ArlYlDANBgkqhkiG9w0BAQsFAAOCAQEAF9Nn0939BV1veJJ/W9SrAKMfOqM+ZAQr
5KLLzlEagkK8FXEvHbR8NXmCqkBkBIamnAaa9rmw/+tLVBN3U4qyt+ijvht1Xs5i
/W+n2hhGRxrD66NeFblq80a9+rFcQNHR7CeAOsfuCTuLORJMqxu9O3zUTN4ZQ4a/
W3KXypSsbuXG12rqOU3YHKKNeViEA+XKhSBkNFi4o/fGjFWCnmWSHHNKEOiUMawr
QLhawRVAU4WOcse+IZs7SaInLEVs8u83oISGeAXz3We4Gmmw6Nfk6WkpmBTyWc6H
EqSHK3XXl9+FnIwQSAROMFTmr0Tit+2C+oRYOo9eW7almw+ToPUy1Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:35:06 2026 by rpki-client