Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32eaa2-ccb9-48e1-962d-e3ea6494d4ea/1/T-KhfHsksj8KeU37bSUX8ZMkZ8A.roa
File: T-KhfHsksj8KeU37bSUX8ZMkZ8A.roa (raw, json)
Hash identifier: Wa/258R5lna23OSS02qeNtEmsr6N24HsS4xUIHcerP4=
Subject key identifier: 4F:E2:A1:7C:7B:24:B2:3F:0A:79:4D:FB:6D:25:17:F1:93:24:67:C0
Certificate issuer: /CN=384c679cbaf8c2ad7bd7e159086fdf0a27d2a284
Certificate serial: 019B7BA526651F87A535ECB959524AE0B526
Authority key identifier: 38:4C:67:9C:BA:F8:C2:AD:7B:D7:E1:59:08:6F:DF:0A:27:D2:A2:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OExnnLr4wq171-FZCG_fCifSooQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32eaa2-ccb9-48e1-962d-e3ea6494d4ea/1/T-KhfHsksj8KeU37bSUX8ZMkZ8A.roa
Signing time: Thu 01 Jan 2026 22:19:39 +0000
ROA not before: Thu 01 Jan 2026 22:19:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51816
IP address blocks: 91.220.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7b:a5:26:65:1f:87:a5:35:ec:b9:59:52:4a:e0:b5:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=384c679cbaf8c2ad7bd7e159086fdf0a27d2a284
Validity
Not Before: Jan 1 22:19:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4fe2a17c7b24b23f0a794dfb6d2517f1932467c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:85:74:db:90:6e:c6:07:02:a7:4d:4e:73:20:
e9:59:65:25:a5:5b:3d:c1:66:35:26:5c:3d:ad:92:
a6:57:db:81:60:d7:af:59:dc:35:3c:32:8e:47:53:
46:ae:a4:dd:54:77:d2:1f:60:c5:22:24:c4:0d:ed:
09:33:3a:41:a6:55:0c:26:24:9e:86:8a:a3:90:80:
f3:cb:90:65:65:c5:e0:be:c0:0c:27:c5:7c:db:35:
f5:7a:0a:9f:9d:43:dc:40:42:1c:b0:98:53:71:37:
57:39:4a:20:70:c8:f3:ef:f7:cb:34:fa:15:3f:6b:
0b:5c:bc:33:69:b3:1d:6a:6e:6a:13:75:70:5e:a7:
3a:b8:2f:c8:b5:e2:62:53:5d:b9:5d:b7:d7:be:5a:
76:21:8a:d5:92:28:23:8d:fe:d5:e9:01:eb:49:84:
04:81:6e:1a:b0:45:3a:59:8c:b4:c8:81:6d:b5:53:
88:0f:85:d9:f5:1e:99:cd:a3:06:21:e6:ff:69:ef:
a3:de:58:30:6d:ea:ee:1a:b8:e7:26:d0:29:17:38:
db:d0:15:1d:2b:0f:0b:27:41:1d:f8:db:93:40:49:
6f:cb:d5:31:80:03:56:c4:c4:9f:91:32:8e:16:e4:
95:bd:89:5e:73:7c:c3:c8:b1:22:93:e2:69:8b:af:
11:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:E2:A1:7C:7B:24:B2:3F:0A:79:4D:FB:6D:25:17:F1:93:24:67:C0
X509v3 Authority Key Identifier:
keyid:38:4C:67:9C:BA:F8:C2:AD:7B:D7:E1:59:08:6F:DF:0A:27:D2:A2:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OExnnLr4wq171-FZCG_fCifSooQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32eaa2-ccb9-48e1-962d-e3ea6494d4ea/1/T-KhfHsksj8KeU37bSUX8ZMkZ8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32eaa2-ccb9-48e1-962d-e3ea6494d4ea/1/OExnnLr4wq171-FZCG_fCifSooQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.107.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:e2:eb:05:8c:aa:f4:cc:fe:98:63:78:b8:43:04:71:5e:55:
21:98:b5:3b:b8:64:00:1c:a0:cd:37:09:a2:6e:be:ba:97:f3:
d5:95:e3:92:f6:b8:c0:48:d2:15:bf:4c:08:f2:b2:9b:b9:d5:
70:73:19:cc:1c:0f:2b:96:65:f6:da:52:7c:12:11:c5:93:77:
13:18:e0:e7:85:a3:3c:6a:fe:d9:9c:6d:bf:e5:68:0d:f4:f5:
9d:ad:0b:e2:fc:cc:db:9a:c8:2d:bb:bc:0c:d0:d6:a3:4d:f0:
18:6c:6f:a0:00:d2:83:61:6c:53:f1:c4:c9:ca:cf:fe:65:af:
fc:57:e6:82:48:0a:fe:24:9c:78:99:48:07:1b:c2:11:6f:c7:
ab:85:64:0f:95:cd:d3:3e:05:f2:f9:b4:a9:43:ca:f2:b7:64:
69:2f:0f:96:75:b8:f6:55:4d:89:7a:b6:da:be:e9:c4:a4:0c:
4b:af:49:01:0c:a8:b1:14:71:dc:99:6c:4f:07:a4:f8:6b:46:
7a:90:e6:c2:a8:76:fe:09:c5:d9:3f:9e:75:dc:75:dc:c9:c5:
c1:cf:71:7f:a9:c7:e1:a7:f8:c3:ae:1f:b4:bd:23:2c:62:e3:
10:a2:ae:55:33:34:77:79:f5:ac:f5:d0:68:ea:fb:e2:b4:87:
76:52:e2:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt7pSZlH4elNey5WVJK4LUmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NGM2NzljYmFmOGMyYWQ3YmQ3ZTE1OTA4NmZkZjBhMjdk
MmEyODQwHhcNMjYwMTAxMjIxOTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmUyYTE3YzdiMjRiMjNmMGE3OTRkZmI2ZDI1MTdmMTkzMjQ2N2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYV025BuxgcCp01OcyDpWWUlpVs9
wWY1Jlw9rZKmV9uBYNevWdw1PDKOR1NGrqTdVHfSH2DFIiTEDe0JMzpBplUMJiSe
hoqjkIDzy5BlZcXgvsAMJ8V82zX1egqfnUPcQEIcsJhTcTdXOUogcMjz7/fLNPoV
P2sLXLwzabMdam5qE3VwXqc6uC/IteJiU125XbfXvlp2IYrVkigjjf7V6QHrSYQE
gW4asEU6WYy0yIFttVOID4XZ9R6ZzaMGIeb/ae+j3lgwberuGrjnJtApFzjb0BUd
Kw8LJ0Ed+NuTQElvy9UxgANWxMSfkTKOFuSVvYlec3zDyLEik+Jpi68RMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE/ioXx7JLI/CnlN+20lF/GTJGfAMB8GA1UdIwQY
MBaAFDhMZ5y6+MKte9fhWQhv3won0qKEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0V4bm5McjR3cTE3MS1GWkNHX2ZDaWZTb29RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMmVhYTItY2NiOS00OGUxLTk2MmQt
ZTNlYTY0OTRkNGVhLzEvVC1LaGZIc2tzajhLZVUzN2JTVVg4Wk1rWjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMmVhYTItY2NiOS00OGUxLTk2MmQtZTNlYTY0OTRkNGVh
LzEvT0V4bm5McjR3cTE3MS1GWkNHX2ZDaWZTb29RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9xrMA0G
CSqGSIb3DQEBCwUAA4IBAQCa4usFjKr0zP6YY3i4QwRxXlUhmLU7uGQAHKDNNwmi
br66l/PVleOS9rjASNIVv0wI8rKbudVwcxnMHA8rlmX22lJ8EhHFk3cTGODnhaM8
av7ZnG2/5WgN9PWdrQvi/Mzbmsgtu7wM0NajTfAYbG+gANKDYWxT8cTJys/+Za/8
V+aCSAr+JJx4mUgHG8IRb8erhWQPlc3TPgXy+bSpQ8ryt2RpLw+Wdbj2VU2Jerba
vunEpAxLr0kBDKixFHHcmWxPB6T4a0Z6kObCqHb+CcXZP5513HXcycXBz3F/qcfh
p/jDrh+0vSMsYuMQoq5VMzR3efWs9dBo6vvitId2UuKd
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:19:15 2026 by rpki-client