Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/n8LqCvorC98jqc3-1tqgY91YTtU.roa
File: n8LqCvorC98jqc3-1tqgY91YTtU.roa (raw, json)
Hash identifier: mKJ9jeuBdJ+ahfwOoLk9MdiLITGIeNZD3t+9U5uOPq0=
Subject key identifier: 9F:C2:EA:0A:FA:2B:0B:DF:23:A9:CD:FE:D6:DA:A0:63:DD:58:4E:D5
Certificate issuer: /CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
Certificate serial: 019B7F14DFA622C56DBBC08DE3A7B9BAA800
Authority key identifier: 12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/n8LqCvorC98jqc3-1tqgY91YTtU.roa
Signing time: Fri 02 Jan 2026 14:20:32 +0000
ROA not before: Fri 02 Jan 2026 14:20:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59791
IP address blocks: 185.67.200.0/22 maxlen: 24
185.88.148.0/22 maxlen: 22
2a05:1180::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:14:df:a6:22:c5:6d:bb:c0:8d:e3:a7:b9:ba:a8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1230cd8e13c86d8ef835c1aac7d5f953455c035c
Validity
Not Before: Jan 2 14:20:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9fc2ea0afa2b0bdf23a9cdfed6daa063dd584ed5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5a:3c:b6:96:5b:52:c9:66:78:54:7e:68:3b:
fe:fe:59:fd:70:ed:43:e4:e2:92:da:e3:75:74:cc:
03:a5:60:65:e8:dd:83:27:3d:25:88:29:f2:59:e0:
8f:4b:26:32:94:7b:18:ac:34:ac:89:6c:1e:63:25:
a4:44:71:2c:f7:39:35:ed:f4:92:4d:23:20:55:5b:
c9:cc:61:d4:09:35:13:41:8f:98:9d:ba:ce:48:95:
80:bf:c5:c0:d0:c8:87:8b:b3:6d:2c:32:ed:05:e1:
70:a9:1c:7f:17:79:48:c7:4a:c2:d7:fe:10:1d:56:
be:72:f5:b2:89:78:c4:02:75:c9:42:0c:57:01:a0:
c6:a2:ae:18:a0:0a:52:58:79:8a:bb:cf:07:f1:fc:
0f:e8:10:27:e9:c6:d9:c7:9c:9f:0c:bf:09:ef:3c:
3d:36:04:29:d6:77:ab:53:c4:e4:86:3f:e2:32:83:
b4:17:88:56:9e:28:f3:9e:9c:34:e9:2c:17:b3:4b:
12:54:85:fd:bb:57:61:a8:36:e4:19:eb:ae:b1:41:
d2:c5:63:62:53:19:8e:a5:3a:aa:7c:c6:16:c7:42:
fe:d0:b2:46:77:7b:22:3c:22:cd:c8:85:1b:10:52:
51:c3:71:d1:1e:fe:d6:17:bf:69:3f:74:49:ee:9c:
16:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C2:EA:0A:FA:2B:0B:DF:23:A9:CD:FE:D6:DA:A0:63:DD:58:4E:D5
X509v3 Authority Key Identifier:
keyid:12:30:CD:8E:13:C8:6D:8E:F8:35:C1:AA:C7:D5:F9:53:45:5C:03:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EjDNjhPIbY74NcGqx9X5U0VcA1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/n8LqCvorC98jqc3-1tqgY91YTtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d1f390-4ec5-4c42-8e54-01fb46a433e1/1/EjDNjhPIbY74NcGqx9X5U0VcA1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.200.0/22
185.88.148.0/22
IPv6:
2a05:1180::/29
Signature Algorithm: sha256WithRSAEncryption
52:14:84:2e:fa:ed:8a:a7:89:7b:6f:e3:06:b2:b9:20:ab:0e:
51:88:62:4e:95:b7:13:3b:ad:8d:cb:59:88:96:67:18:7f:85:
c1:d3:a0:ef:9c:f5:14:bd:ac:c7:92:a2:ed:bb:45:37:74:bc:
d8:36:73:ce:81:56:a9:06:10:ee:f5:f5:1f:bd:e0:59:17:d5:
3c:8e:15:43:fb:88:43:71:ff:c1:b2:01:20:fe:ca:7b:01:bc:
1c:83:f1:57:e5:0c:b7:ed:f2:46:87:d4:19:2d:c2:ef:95:e2:
d5:cb:8a:45:40:28:6e:77:15:86:2c:9e:cb:6e:38:4b:48:22:
56:4b:84:62:af:8c:66:df:6c:27:ac:5f:26:3d:88:da:ec:ce:
52:1a:aa:65:07:50:b2:df:bc:52:c6:e9:f3:47:22:2b:09:99:
31:a5:a2:02:92:9b:3f:75:bb:e5:fe:c3:44:54:e7:00:67:cf:
e2:54:1a:c1:a4:10:7a:9f:71:81:26:f4:48:1e:1c:b6:bd:90:
f9:a9:85:1c:1f:ca:1a:1c:42:0f:8d:e6:ff:e1:44:c0:8b:7f:
54:60:92:24:df:d6:30:f1:95:f2:a5:a7:90:c4:30:c0:d4:36:
4a:02:78:b5:30:8f:c8:d3:de:2f:5c:31:f9:e6:6f:df:ec:7d:
d3:3c:8f:fa
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZt/FN+mIsVtu8CN46e5uqgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMzBjZDhlMTNjODZkOGVmODM1YzFhYWM3ZDVmOTUzNDU1
YzAzNWMwHhcNMjYwMTAyMTQyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmMyZWEwYWZhMmIwYmRmMjNhOWNkZmVkNmRhYTA2M2RkNTg0ZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulo8tpZbUslmeFR+aDv+/ln9cO1D
5OKS2uN1dMwDpWBl6N2DJz0liCnyWeCPSyYylHsYrDSsiWweYyWkRHEs9zk17fSS
TSMgVVvJzGHUCTUTQY+YnbrOSJWAv8XA0MiHi7NtLDLtBeFwqRx/F3lIx0rC1/4Q
HVa+cvWyiXjEAnXJQgxXAaDGoq4YoApSWHmKu88H8fwP6BAn6cbZx5yfDL8J7zw9
NgQp1nerU8Tkhj/iMoO0F4hWnijznpw06SwXs0sSVIX9u1dhqDbkGeuusUHSxWNi
UxmOpTqqfMYWx0L+0LJGd3siPCLNyIUbEFJRw3HRHv7WF79pP3RJ7pwW/wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ/C6gr6KwvfI6nN/tbaoGPdWE7VMB8GA1UdIwQY
MBaAFBIwzY4TyG2O+DXBqsfV+VNFXANcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWpETmpoUEliWTc0TmNHcXg5WDVVMFZjQTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMWYzOTAtNGVjNS00YzQyLThlNTQt
MDFmYjQ2YTQzM2UxLzEvbjhMcUN2b3JDOThqcWMzLTF0cWdZOTFZVHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMWYzOTAtNGVjNS00YzQyLThlNTQtMDFmYjQ2YTQzM2Ux
LzEvRWpETmpoUEliWTc0TmNHcXg5WDVVMFZjQTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUPIAwQC
uViUMA0EAgACMAcDBQMqBRGAMA0GCSqGSIb3DQEBCwUAA4IBAQBSFIQu+u2Kp4l7
b+MGsrkgqw5RiGJOlbcTO62Ny1mIlmcYf4XB06DvnPUUvazHkqLtu0U3dLzYNnPO
gVapBhDu9fUfveBZF9U8jhVD+4hDcf/BsgEg/sp7Abwcg/FX5Qy37fJGh9QZLcLv
leLVy4pFQChudxWGLJ7LbjhLSCJWS4Rir4xm32wnrF8mPYja7M5SGqplB1Cy37xS
xunzRyIrCZkxpaICkps/dbvl/sNEVOcAZ8/iVBrBpBB6n3GBJvRIHhy2vZD5qYUc
H8oaHEIPjeb/4UTAi39UYJIk39Yw8ZXypaeQxDDA1DZKAni1MI/I094vXDH55m/f
7H3TPI/6
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:46:22 2026 by rpki-client