Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/fbbdfa-dcfa-4ded-97a1-4e3807a38158/1/SuJF_zKqOH6utGO_CwDg4y2x8CY.roa
File: SuJF_zKqOH6utGO_CwDg4y2x8CY.roa (raw, json)
Hash identifier: OlH1mVu2xiWsNc8O/T/NHNLN4CMeUIS1AHaz1gsgLDc=
Subject key identifier: 4A:E2:45:FF:32:AA:38:7E:AE:B4:63:BF:0B:00:E0:E3:2D:B1:F0:26
Certificate issuer: /CN=1740132e505f78bad0112f91b55986879535cac0
Certificate serial: 019B78A35E27EC94BC982593B2DDE4BA0328
Authority key identifier: 17:40:13:2E:50:5F:78:BA:D0:11:2F:91:B5:59:86:87:95:35:CA:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0ATLlBfeLrQES-RtVmGh5U1ysA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/fbbdfa-dcfa-4ded-97a1-4e3807a38158/1/SuJF_zKqOH6utGO_CwDg4y2x8CY.roa
Signing time: Thu 01 Jan 2026 08:18:50 +0000
ROA not before: Thu 01 Jan 2026 08:18:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51236
IP address blocks: 185.140.248.0/24 maxlen: 24
2a13:1080::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:a3:5e:27:ec:94:bc:98:25:93:b2:dd:e4:ba:03:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1740132e505f78bad0112f91b55986879535cac0
Validity
Not Before: Jan 1 08:18:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4ae245ff32aa387eaeb463bf0b00e0e32db1f026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:ca:82:ef:a4:7e:fc:f0:70:e5:97:b5:4f:4c:
2e:5c:bb:b7:22:d6:8a:a5:de:6b:98:fc:da:61:0c:
fe:11:28:a9:c5:e6:c9:33:d0:b1:e4:4a:e4:74:16:
97:8a:6d:12:7f:90:1d:73:35:51:cd:b2:ae:37:49:
b8:44:6a:ef:33:af:c6:81:bd:a8:83:50:70:18:38:
a4:e1:63:33:66:79:be:11:76:d9:e4:0e:42:c1:d3:
9a:67:a7:19:ce:65:49:aa:55:91:d5:05:eb:55:2d:
2c:f4:90:25:53:5c:5b:f0:fd:64:a7:79:49:a0:6c:
ad:41:bb:1a:c0:ca:9b:b4:c9:a2:86:6e:bc:de:7d:
d6:c9:32:77:54:87:2b:a2:f8:24:71:8e:f8:55:ed:
79:02:45:1d:91:b0:5f:bb:99:3f:4b:30:28:b5:42:
88:23:6b:3a:df:e3:07:6f:0e:56:77:0e:13:17:44:
82:e0:e4:76:20:f9:27:b4:af:d2:35:79:0a:c2:77:
d5:70:27:b0:c4:45:64:3a:72:c4:d1:19:e9:19:c2:
c9:80:bf:ca:0d:fb:6a:0f:d7:a3:90:7b:b8:b0:6c:
5e:21:fc:8e:90:bd:6a:10:4e:5d:1b:e4:55:3a:55:
54:49:53:88:8d:c0:5f:b4:0b:79:d1:7b:3e:d4:78:
2e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E2:45:FF:32:AA:38:7E:AE:B4:63:BF:0B:00:E0:E3:2D:B1:F0:26
X509v3 Authority Key Identifier:
keyid:17:40:13:2E:50:5F:78:BA:D0:11:2F:91:B5:59:86:87:95:35:CA:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0ATLlBfeLrQES-RtVmGh5U1ysA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/fbbdfa-dcfa-4ded-97a1-4e3807a38158/1/SuJF_zKqOH6utGO_CwDg4y2x8CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/fbbdfa-dcfa-4ded-97a1-4e3807a38158/1/F0ATLlBfeLrQES-RtVmGh5U1ysA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.248.0/24
IPv6:
2a13:1080::/29
Signature Algorithm: sha256WithRSAEncryption
93:c2:ad:60:95:13:60:2b:6f:c1:08:ab:d0:74:cf:ce:e9:80:
9c:a1:aa:26:19:31:1d:98:3c:b0:e8:82:b4:05:0c:62:3b:77:
98:ce:65:52:24:5c:b4:12:f9:ad:18:c1:fa:8d:82:54:c3:66:
93:3e:6d:b3:eb:56:e5:ff:a3:ed:14:ad:cf:1f:8b:73:0b:d9:
93:8d:6e:c6:dc:95:c7:9c:ad:8b:8f:1b:1e:3d:e5:d0:99:4f:
11:b1:b6:b4:f1:b7:0e:76:53:7c:66:ec:f1:f8:9b:f2:84:90:
b0:8d:e1:0e:57:56:ff:50:be:63:ce:33:9f:4b:35:69:cb:7f:
91:b2:3c:51:79:7c:98:bc:ad:a3:08:91:d1:ff:b3:81:91:d4:
e2:35:be:3d:bd:08:17:a0:be:d9:40:ec:45:2f:39:b2:18:bb:
8d:3e:97:89:d2:b2:c8:8c:62:8b:03:d2:4f:12:69:31:cb:a7:
95:98:84:e2:0a:00:0c:9e:48:f5:8c:97:6e:a8:ad:60:6a:75:
91:a2:72:a4:cb:20:49:e8:27:b4:8e:b1:e4:70:b7:71:f7:fa:
d8:33:bb:80:e9:74:bc:ca:e7:1d:98:f3:ac:42:c0:81:a9:21:
c6:c2:5c:4d:22:31:0c:b5:3c:57:02:12:a1:85:a4:e0:06:ad:
39:30:8e:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt4o14n7JS8mCWTst3kugMoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NDAxMzJlNTA1Zjc4YmFkMDExMmY5MWI1NTk4Njg3OTUz
NWNhYzAwHhcNMjYwMTAxMDgxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWUyNDVmZjMyYWEzODdlYWViNDYzYmYwYjAwZTBlMzJkYjFmMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8qC76R+/PBw5Ze1T0wuXLu3ItaK
pd5rmPzaYQz+ESipxebJM9Cx5ErkdBaXim0Sf5AdczVRzbKuN0m4RGrvM6/Ggb2o
g1BwGDik4WMzZnm+EXbZ5A5CwdOaZ6cZzmVJqlWR1QXrVS0s9JAlU1xb8P1kp3lJ
oGytQbsawMqbtMmihm683n3WyTJ3VIcrovgkcY74Ve15AkUdkbBfu5k/SzAotUKI
I2s63+MHbw5Wdw4TF0SC4OR2IPkntK/SNXkKwnfVcCewxEVkOnLE0RnpGcLJgL/K
DftqD9ejkHu4sGxeIfyOkL1qEE5dG+RVOlVUSVOIjcBftAt50Xs+1HgugQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEriRf8yqjh+rrRjvwsA4OMtsfAmMB8GA1UdIwQY
MBaAFBdAEy5QX3i60BEvkbVZhoeVNcrAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjBBVExsQmZlTHJRRVMtUnRWbUdoNVUxeXNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9mYmJkZmEtZGNmYS00ZGVkLTk3YTEt
NGUzODA3YTM4MTU4LzEvU3VKRl96S3FPSDZ1dEdPX0N3RGc0eTJ4OENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9mYmJkZmEtZGNmYS00ZGVkLTk3YTEtNGUzODA3YTM4MTU4
LzEvRjBBVExsQmZlTHJRRVMtUnRWbUdoNVUxeXNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYz4MA0E
AgACMAcDBQMqExCAMA0GCSqGSIb3DQEBCwUAA4IBAQCTwq1glRNgK2/BCKvQdM/O
6YCcoaomGTEdmDyw6IK0BQxiO3eYzmVSJFy0EvmtGMH6jYJUw2aTPm2z61bl/6Pt
FK3PH4tzC9mTjW7G3JXHnK2LjxsePeXQmU8Rsba08bcOdlN8Zuzx+JvyhJCwjeEO
V1b/UL5jzjOfSzVpy3+RsjxReXyYvK2jCJHR/7OBkdTiNb49vQgXoL7ZQOxFLzmy
GLuNPpeJ0rLIjGKLA9JPEmkxy6eVmITiCgAMnkj1jJduqK1ganWRonKkyyBJ6Ce0
jrHkcLdx9/rYM7uA6XS8yucdmPOsQsCBqSHGwlxNIjEMtTxXAhKhhaTgBq05MI5l
-----END CERTIFICATE-----
Generated at Mon Mar 2 16:35:24 2026 by rpki-client