Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/3ea478-a503-47d3-88f5-49be8d90f59e/1/pcZjrVkTsvtb8tsQk2phvquMKWo.roa
File: pcZjrVkTsvtb8tsQk2phvquMKWo.roa (raw, json)
Hash identifier: MXWnpVcVVhwCOIu7cPAj2I88xk3BU47ZU2R9eknG7Eg=
Subject key identifier: A5:C6:63:AD:59:13:B2:FB:5B:F2:DB:10:93:6A:61:BE:AB:8C:29:6A
Certificate issuer: /CN=0dd6efbe54671d71a59051e29a2448cd6af8d467
Certificate serial: 019B7E38343054F528E3DA0D0CDF0F0F1A07
Authority key identifier: 0D:D6:EF:BE:54:67:1D:71:A5:90:51:E2:9A:24:48:CD:6A:F8:D4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdbvvlRnHXGlkFHimiRIzWr41Gc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/3ea478-a503-47d3-88f5-49be8d90f59e/1/pcZjrVkTsvtb8tsQk2phvquMKWo.roa
Signing time: Fri 02 Jan 2026 10:19:31 +0000
ROA not before: Fri 02 Jan 2026 10:19:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42888
IP address blocks: 195.130.193.0/24 maxlen: 24
2001:67c:2144::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:38:34:30:54:f5:28:e3:da:0d:0c:df:0f:0f:1a:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dd6efbe54671d71a59051e29a2448cd6af8d467
Validity
Not Before: Jan 2 10:19:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a5c663ad5913b2fb5bf2db10936a61beab8c296a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5f:ac:fd:55:c5:83:23:5a:47:4b:a5:ee:ae:
94:07:47:6a:b0:16:b1:78:9f:dd:34:7b:17:d3:8a:
f1:34:9c:17:f4:d4:00:89:d6:39:5c:6d:02:bb:76:
8b:7b:b7:43:21:1e:f8:d9:c6:ed:46:e7:0a:e9:b5:
2e:65:84:1c:66:f5:c9:1d:6d:74:fa:fc:be:4e:99:
11:8f:02:42:62:99:b8:3c:e4:ec:80:9c:0b:51:71:
27:43:7f:f2:c5:e4:1f:d2:dd:87:6c:28:25:24:95:
9f:97:87:45:5b:8a:4a:64:d9:f4:43:f7:23:f4:d6:
3a:dd:ff:a1:e4:c5:4a:00:e0:81:6a:2d:35:f3:99:
1a:9e:7f:77:29:df:eb:54:86:c3:f7:f0:c6:95:f3:
31:be:e7:97:82:60:c8:2b:1d:c3:50:6c:20:c4:8b:
e0:9a:88:37:64:4b:3d:a3:e6:c3:5f:5c:42:ba:6a:
37:fe:2d:f5:a2:53:cd:1e:ed:d5:29:71:e7:da:6f:
1f:75:11:83:d4:de:37:ec:01:fc:01:41:82:d7:cb:
e8:15:17:5d:77:5f:f0:b0:46:89:ed:6e:0a:26:3f:
93:dc:f1:f3:37:45:7f:88:50:f6:5f:a2:c4:9c:bf:
77:93:f6:3c:0a:50:d3:aa:eb:d5:3c:10:93:e3:da:
aa:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:C6:63:AD:59:13:B2:FB:5B:F2:DB:10:93:6A:61:BE:AB:8C:29:6A
X509v3 Authority Key Identifier:
keyid:0D:D6:EF:BE:54:67:1D:71:A5:90:51:E2:9A:24:48:CD:6A:F8:D4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdbvvlRnHXGlkFHimiRIzWr41Gc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/3ea478-a503-47d3-88f5-49be8d90f59e/1/pcZjrVkTsvtb8tsQk2phvquMKWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/3ea478-a503-47d3-88f5-49be8d90f59e/1/DdbvvlRnHXGlkFHimiRIzWr41Gc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.130.193.0/24
IPv6:
2001:67c:2144::/48
Signature Algorithm: sha256WithRSAEncryption
86:7a:7e:84:10:1e:04:5a:52:ab:95:89:bd:84:d3:e7:ad:57:
17:2e:54:0e:10:66:73:ee:1f:d4:de:ce:3a:a1:7e:6d:f4:cd:
38:6e:ce:31:97:79:07:fc:e3:53:88:bb:e7:8e:44:9c:1f:23:
7f:f2:4f:af:4f:0d:49:d4:9e:13:50:4e:19:0d:22:81:d6:30:
46:23:3c:a4:bd:26:62:a2:e5:2f:16:dd:bd:e5:52:1b:6d:c8:
61:2d:e1:fd:40:d7:3e:4a:ab:b7:87:df:01:1a:e5:31:f3:f9:
40:9b:98:05:24:f0:ec:5b:c2:2f:77:7c:ea:c6:82:3e:50:d7:
59:01:24:f0:14:ad:22:ae:7d:f3:ff:4f:d8:b9:70:78:90:c3:
35:b2:74:67:78:f9:00:b3:d0:cc:ec:61:a5:ca:ba:89:11:c7:
94:dc:1b:7b:df:a6:ca:e9:9f:76:ee:2f:37:bc:c1:c2:d7:08:
0c:de:24:d2:9e:58:28:60:18:38:fd:53:bc:46:69:ac:bf:70:
f0:d0:fe:79:94:1a:99:8a:d7:13:31:ad:a2:92:c3:f7:73:6f:
dc:29:35:87:97:02:9f:a8:0c:97:b5:4a:a9:fc:b9:72:d2:ab:
ba:c8:a1:8d:0f:51:9e:4f:24:1d:4b:6d:88:9b:b5:53:cc:ec:
dd:6a:44:ef
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZt+ODQwVPUo49oNDN8PDxoHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDZlZmJlNTQ2NzFkNzFhNTkwNTFlMjlhMjQ0OGNkNmFm
OGQ0NjcwHhcNMjYwMTAyMTAxOTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWM2NjNhZDU5MTNiMmZiNWJmMmRiMTA5MzZhNjFiZWFiOGMyOTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1F+s/VXFgyNaR0ul7q6UB0dqsBax
eJ/dNHsX04rxNJwX9NQAidY5XG0Cu3aLe7dDIR742cbtRucK6bUuZYQcZvXJHW10
+vy+TpkRjwJCYpm4POTsgJwLUXEnQ3/yxeQf0t2HbCglJJWfl4dFW4pKZNn0Q/cj
9NY63f+h5MVKAOCBai0185kann93Kd/rVIbD9/DGlfMxvueXgmDIKx3DUGwgxIvg
mog3ZEs9o+bDX1xCumo3/i31olPNHu3VKXHn2m8fdRGD1N437AH8AUGC18voFRdd
d1/wsEaJ7W4KJj+T3PHzN0V/iFD2X6LEnL93k/Y8ClDTquvVPBCT49qqLQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKXGY61ZE7L7W/LbEJNqYb6rjClqMB8GA1UdIwQY
MBaAFA3W775UZx1xpZBR4pokSM1q+NRnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRidnZsUm5IWEdsa0ZIaW1pUkl6V3I0MUdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8zZWE0NzgtYTUwMy00N2QzLTg4ZjUt
NDliZThkOTBmNTllLzEvcGNaanJWa1RzdnRiOHRzUWsycGh2cXVNS1dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8zZWE0NzgtYTUwMy00N2QzLTg4ZjUtNDliZThkOTBmNTll
LzEvRGRidnZsUm5IWEdsa0ZIaW1pUkl6V3I0MUdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw4LBMA8E
AgACMAkDBwAgAQZ8IUQwDQYJKoZIhvcNAQELBQADggEBAIZ6foQQHgRaUquVib2E
0+etVxcuVA4QZnPuH9Tezjqhfm30zThuzjGXeQf841OIu+eORJwfI3/yT69PDUnU
nhNQThkNIoHWMEYjPKS9JmKi5S8W3b3lUhttyGEt4f1A1z5Kq7eH3wEa5THz+UCb
mAUk8Oxbwi93fOrGgj5Q11kBJPAUrSKuffP/T9i5cHiQwzWydGd4+QCz0MzsYaXK
uokRx5TcG3vfpsrpn3buLze8wcLXCAzeJNKeWChgGDj9U7xGaay/cPDQ/nmUGpmK
1xMxraKSw/dzb9wpNYeXAp+oDJe1Sqn8uXLSq7rIoY0PUZ5PJB1LbYibtVPM7N1q
RO8=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:35:13 2026 by rpki-client