Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/bHkSFgFlWJAc1rsdZHUxChWDAi0.roa
File: bHkSFgFlWJAc1rsdZHUxChWDAi0.roa (raw, json)
Hash identifier: 2jHkMN4ivMz7AdCSyLIw1yyw40GfMM4OcS+Uf+mUQtc=
Subject key identifier: 6C:79:12:16:01:65:58:90:1C:D6:BB:1D:64:75:31:0A:15:83:02:2D
Certificate issuer: /CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
Certificate serial: 019B7F14DF26F6AF8A2813DFFBA9D54AA7B5
Authority key identifier: 12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/bHkSFgFlWJAc1rsdZHUxChWDAi0.roa
Signing time: Fri 02 Jan 2026 14:20:32 +0000
ROA not before: Fri 02 Jan 2026 14:20:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20857
IP address blocks: 185.88.148.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:14:df:26:f6:af:8a:28:13:df:fb:a9:d5:4a:a7:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
Validity
Not Before: Jan 2 14:20:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6c791216016558901cd6bb1d6475310a1583022d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d1:87:12:b4:56:e1:ab:17:2f:91:d3:e0:fc:
ec:61:94:f3:56:65:77:da:2f:dd:36:6c:99:be:e8:
c4:27:4a:86:34:ae:2c:2b:34:62:db:b9:4f:87:22:
24:3d:a7:7d:fc:15:91:64:9f:1b:55:36:c8:3d:6d:
41:fb:d6:2f:7c:ca:d6:1a:68:1e:72:e5:66:1c:23:
dc:5b:10:b6:ef:6f:e9:53:42:92:de:75:92:37:91:
3b:78:ae:a4:51:63:b5:a0:88:48:74:48:8b:b2:46:
36:37:81:4b:18:70:95:cb:fa:73:d2:87:79:44:90:
48:e2:17:36:63:0a:22:93:c1:ab:7b:0f:50:eb:4b:
11:94:3d:aa:ac:84:cc:df:e6:ad:c7:4a:52:2f:92:
c4:c5:98:4e:0f:e2:8d:f2:32:7a:e9:4c:55:e1:5b:
2e:c5:bd:f5:69:e3:98:69:20:f4:d0:b3:60:47:4d:
e4:90:7f:b1:ae:2c:94:20:09:49:0e:21:a9:9d:b0:
00:79:dc:79:c2:29:64:4a:0c:04:74:f0:5d:2d:65:
69:da:b7:86:ce:cd:2a:96:74:98:ca:db:39:7b:dd:
f9:82:dd:90:90:03:06:61:b3:2b:4e:27:99:01:d2:
36:30:42:02:cb:66:45:65:47:fb:fd:46:40:e7:22:
e8:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:79:12:16:01:65:58:90:1C:D6:BB:1D:64:75:31:0A:15:83:02:2D
X509v3 Authority Key Identifier:
keyid:12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/bHkSFgFlWJAc1rsdZHUxChWDAi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/EjDNjhPIbY74NcGqx9X5U0VcA1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.148.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:9f:84:4b:1b:8a:a1:d9:55:d8:f4:9b:9f:a7:78:a2:34:15:
bc:7c:ac:0f:2e:eb:a7:31:62:7a:69:36:5e:46:d1:a6:06:d5:
5a:23:ec:f5:15:66:b2:d7:84:e8:71:a7:49:59:a8:6a:3f:df:
2a:76:6d:a4:d5:e7:6e:54:67:66:76:8e:b6:48:0e:14:89:e1:
ae:dd:a1:2e:9b:0b:a5:58:de:19:56:38:f6:08:f2:9b:c9:5c:
63:97:6f:08:38:2d:f1:1f:42:ba:6f:e1:b8:cc:d6:a7:09:b8:
a2:ba:cc:a5:7f:57:6e:b0:e7:f0:98:2f:ee:ae:ab:e8:61:1f:
71:d5:7c:96:e4:cd:42:cc:9c:01:21:8e:b9:92:83:7c:2e:30:
46:38:f5:33:d3:8d:36:40:50:6b:37:78:29:bc:68:90:cb:3f:
00:20:ae:63:e5:37:d7:ab:5d:cc:cd:b1:c8:60:66:93:92:9a:
12:f7:71:c2:79:37:49:a1:30:dc:38:38:75:88:95:60:83:f5:
06:fb:dc:b8:c0:d1:1e:79:01:66:36:6c:98:36:83:cf:2a:a8:
8c:05:c2:ad:66:ca:60:84:2a:64:10:78:90:6b:91:2c:de:44:
31:bd:1c:65:bd:d0:ac:5f:bc:3a:52:88:e6:c0:68:4e:53:54:
43:2b:5e:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/FN8m9q+KKBPf+6nVSqe1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMzBjZDhlMTNjODZkOGVmODM1YzFhYWM3ZDVmOTUzNDU1
YzAzNWMwHhcNMjYwMTAyMTQyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzc5MTIxNjAxNjU1ODkwMWNkNmJiMWQ2NDc1MzEwYTE1ODMwMjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotGHErRW4asXL5HT4PzsYZTzVmV3
2i/dNmyZvujEJ0qGNK4sKzRi27lPhyIkPad9/BWRZJ8bVTbIPW1B+9YvfMrWGmge
cuVmHCPcWxC272/pU0KS3nWSN5E7eK6kUWO1oIhIdEiLskY2N4FLGHCVy/pz0od5
RJBI4hc2Ywoik8Grew9Q60sRlD2qrITM3+atx0pSL5LExZhOD+KN8jJ66UxV4Vsu
xb31aeOYaSD00LNgR03kkH+xriyUIAlJDiGpnbAAedx5wilkSgwEdPBdLWVp2reG
zs0qlnSYyts5e935gt2QkAMGYbMrTieZAdI2MEICy2ZFZUf7/UZA5yLo6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGx5EhYBZViQHNa7HWR1MQoVgwItMB8GA1UdIwQY
MBaAFBIwzY4TyG2O+DXBqsfV+VNFXANcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWpETmpoUEliWTc0TmNHcXg5WDVVMFZjQTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMWYzOTAtNGVjNS00YzQyLThlNTQt
MDFmYjQ2YTQzM2UxLzEvYkhrU0ZnRmxXSkFjMXJzZFpIVXhDaFdEQWkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMWYzOTAtNGVjNS00YzQyLThlNTQtMDFmYjQ2YTQzM2Ux
LzEvRWpETmpoUEliWTc0TmNHcXg5WDVVMFZjQTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuViUMA0G
CSqGSIb3DQEBCwUAA4IBAQBOn4RLG4qh2VXY9Jufp3iiNBW8fKwPLuunMWJ6aTZe
RtGmBtVaI+z1FWay14TocadJWahqP98qdm2k1eduVGdmdo62SA4UieGu3aEumwul
WN4ZVjj2CPKbyVxjl28IOC3xH0K6b+G4zNanCbiiusylf1dusOfwmC/urqvoYR9x
1XyW5M1CzJwBIY65koN8LjBGOPUz0402QFBrN3gpvGiQyz8AIK5j5TfXq13MzbHI
YGaTkpoS93HCeTdJoTDcODh1iJVgg/UG+9y4wNEeeQFmNmyYNoPPKqiMBcKtZspg
hCpkEHiQa5Es3kQxvRxlvdCsX7w6UojmwGhOU1RDK15A
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:04:12 2026 by rpki-client