Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/SoCN3Fg8-orQ9skC1lFuOn3h9HI.roa
File: SoCN3Fg8-orQ9skC1lFuOn3h9HI.roa (raw, json)
Hash identifier: T5AOmb7BYQIRDh+ymKpum57eJBUjaOV7ER8KBIA+aoQ=
Subject key identifier: 4A:80:8D:DC:58:3C:FA:8A:D0:F6:C9:02:D6:51:6E:3A:7D:E1:F4:72
Certificate issuer: /CN=3d23758dfb6f1d43dcd64d0f0ab27ef715135952
Certificate serial: 019B7A5B06565660C1B6040F905FC219D8E0
Authority key identifier: 3D:23:75:8D:FB:6F:1D:43:DC:D6:4D:0F:0A:B2:7E:F7:15:13:59:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PSN1jftvHUPc1k0PCrJ-9xUTWVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/SoCN3Fg8-orQ9skC1lFuOn3h9HI.roa
Signing time: Thu 01 Jan 2026 16:19:04 +0000
ROA not before: Thu 01 Jan 2026 16:19:04 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29010
IP address blocks: 185.193.144.0/22 maxlen: 24
195.39.222.0/23 maxlen: 24
2a01:a780::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:5b:06:56:56:60:c1:b6:04:0f:90:5f:c2:19:d8:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d23758dfb6f1d43dcd64d0f0ab27ef715135952
Validity
Not Before: Jan 1 16:19:04 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4a808ddc583cfa8ad0f6c902d6516e3a7de1f472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4f:fa:1a:74:73:07:80:3a:d5:40:0d:0d:c5:
1b:8f:78:5b:38:44:14:35:42:0b:1d:e4:de:c4:1b:
b0:19:f0:04:3c:f2:1d:d1:89:70:01:0e:db:e0:64:
2c:41:bb:d6:15:4e:5e:eb:58:f7:50:2f:38:cb:e4:
9d:ac:4c:ff:d3:d1:e3:5e:33:d6:e6:cd:f0:60:d9:
7a:6a:aa:32:0c:72:2a:2e:53:64:51:21:60:7b:fa:
d9:2a:74:ec:a8:b4:c4:39:7d:c3:e1:27:7e:43:b1:
e9:97:8f:7f:30:ff:d8:ff:ae:24:0b:30:02:b2:40:
68:8b:c0:61:9d:25:f1:e3:13:e9:49:82:ad:01:e3:
12:ec:40:e9:9d:0d:2f:ea:6b:31:7a:34:d8:f0:6b:
8f:cc:85:69:e8:02:5a:8d:35:d2:c6:25:c7:84:23:
cd:65:0a:d1:c4:b2:d9:1f:76:4c:ba:73:5e:42:02:
6a:cd:a5:fa:dc:b7:a5:ca:fa:b0:23:25:75:d0:bd:
98:3c:78:66:f2:97:74:38:d1:b0:22:90:8b:0c:a6:
4b:aa:b9:02:1e:af:60:69:a5:34:5f:04:de:41:d6:
02:04:9a:e4:76:f3:77:c1:30:f6:0b:1c:d3:06:17:
ab:c9:34:98:5f:87:91:1d:d4:6f:36:7e:b4:5b:d5:
64:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:80:8D:DC:58:3C:FA:8A:D0:F6:C9:02:D6:51:6E:3A:7D:E1:F4:72
X509v3 Authority Key Identifier:
keyid:3D:23:75:8D:FB:6F:1D:43:DC:D6:4D:0F:0A:B2:7E:F7:15:13:59:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PSN1jftvHUPc1k0PCrJ-9xUTWVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/SoCN3Fg8-orQ9skC1lFuOn3h9HI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/66efb4-d2ec-40d6-9a3e-7990e87bbd5f/1/PSN1jftvHUPc1k0PCrJ-9xUTWVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.144.0/22
195.39.222.0/23
IPv6:
2a01:a780::/32
Signature Algorithm: sha256WithRSAEncryption
0c:ab:80:86:9d:86:d0:51:73:77:f0:42:57:f3:43:60:fe:b6:
16:cd:4a:f1:7c:f5:fd:d7:62:db:2b:77:9e:90:61:e5:d5:8c:
af:3d:d3:19:79:fd:a1:ca:20:d4:35:0a:51:dd:c5:a0:7d:24:
76:25:1f:64:e5:5d:1a:7a:2d:a9:78:36:a4:fc:e7:20:00:cc:
8d:9c:ab:5d:43:a2:5f:42:c0:d0:81:60:78:b8:2e:74:03:22:
1a:59:1d:c7:0d:9a:2b:00:17:a2:2d:e2:dd:ff:d7:03:f2:e1:
e2:89:91:87:6b:20:a1:33:36:54:66:57:ba:2e:12:01:07:95:
a0:e5:fe:d1:42:26:70:79:c6:af:05:17:44:0d:fc:92:da:6c:
fb:af:6a:09:b0:b9:6d:34:36:9f:53:85:ac:da:1a:fb:58:6c:
46:cd:99:a3:c0:ae:b9:7d:e0:32:10:c0:64:29:f8:48:57:61:
d1:79:a8:ec:2a:2c:2e:b3:38:44:99:a0:01:ec:32:e1:19:59:
86:6e:01:8a:55:28:da:8a:67:25:19:01:67:ee:a6:44:04:c6:
89:41:f3:cd:95:be:e7:75:81:2a:57:3c:f6:73:c5:b8:2d:b5:
c2:17:08:9a:db:c5:14:c3:40:5e:85:53:ba:b4:1d:1a:1f:4e:
c8:32:4c:8c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZt6WwZWVmDBtgQPkF/CGdjgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkMjM3NThkZmI2ZjFkNDNkY2Q2NGQwZjBhYjI3ZWY3MTUx
MzU5NTIwHhcNMjYwMTAxMTYxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTgwOGRkYzU4M2NmYThhZDBmNmM5MDJkNjUxNmUzYTdkZTFmNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlk/6GnRzB4A61UANDcUbj3hbOEQU
NUILHeTexBuwGfAEPPId0YlwAQ7b4GQsQbvWFU5e61j3UC84y+SdrEz/09HjXjPW
5s3wYNl6aqoyDHIqLlNkUSFge/rZKnTsqLTEOX3D4Sd+Q7Hpl49/MP/Y/64kCzAC
skBoi8BhnSXx4xPpSYKtAeMS7EDpnQ0v6msxejTY8GuPzIVp6AJajTXSxiXHhCPN
ZQrRxLLZH3ZMunNeQgJqzaX63LelyvqwIyV10L2YPHhm8pd0ONGwIpCLDKZLqrkC
Hq9gaaU0XwTeQdYCBJrkdvN3wTD2CxzTBheryTSYX4eRHdRvNn60W9VkdQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEqAjdxYPPqK0PbJAtZRbjp94fRyMB8GA1UdIwQY
MBaAFD0jdY37bx1D3NZNDwqyfvcVE1lSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFNOMWpmdHZIVVBjMWswUENySi05eFVUV1ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82NmVmYjQtZDJlYy00MGQ2LTlhM2Ut
Nzk5MGU4N2JiZDVmLzEvU29DTjNGZzgtb3JROXNrQzFsRnVPbjNoOUhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82NmVmYjQtZDJlYy00MGQ2LTlhM2UtNzk5MGU4N2JiZDVm
LzEvUFNOMWpmdHZIVVBjMWswUENySi05eFVUV1ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCucGQAwQB
wyfeMA0EAgACMAcDBQAqAaeAMA0GCSqGSIb3DQEBCwUAA4IBAQAMq4CGnYbQUXN3
8EJX80Ng/rYWzUrxfPX912LbK3eekGHl1YyvPdMZef2hyiDUNQpR3cWgfSR2JR9k
5V0aei2peDak/OcgAMyNnKtdQ6JfQsDQgWB4uC50AyIaWR3HDZorABeiLeLd/9cD
8uHiiZGHayChMzZUZle6LhIBB5Wg5f7RQiZwecavBRdEDfyS2mz7r2oJsLltNDaf
U4Ws2hr7WGxGzZmjwK65feAyEMBkKfhIV2HReajsKiwuszhEmaAB7DLhGVmGbgGK
VSjaimclGQFn7qZEBMaJQfPNlb7ndYEqVzz2c8W4LbXCFwia28UUw0BehVO6tB0a
H07IMkyM
-----END CERTIFICATE-----
Generated at Mon Mar 2 23:37:04 2026 by rpki-client