Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/aoTjpbO4fEtkWaW125WuaAWooGE.roa
File: aoTjpbO4fEtkWaW125WuaAWooGE.roa (raw, json)
Hash identifier: 4CwdRnD+H97yNQLom46m3KEKJh6lz/PdeTFKvivPi90=
Subject key identifier: 6A:84:E3:A5:B3:B8:7C:4B:64:59:A5:B5:DB:95:AE:68:05:A8:A0:61
Certificate issuer: /CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Certificate serial: 019D720010EC999EB13AB9292569EEE162A1
Authority key identifier: 46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/aoTjpbO4fEtkWaW125WuaAWooGE.roa
Signing time: Thu 09 Apr 2026 11:28:20 +0000
ROA not before: Thu 09 Apr 2026 11:28:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3257
IP address blocks: 146.19.50.0/24 maxlen: 24
185.214.166.0/24 maxlen: 24
213.134.25.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:00:10:ec:99:9e:b1:3a:b9:29:25:69:ee:e1:62:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=468b592f3110bc6c35249a8271a0dac1a9acb0ce
Validity
Not Before: Apr 9 11:28:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6a84e3a5b3b87c4b6459a5b5db95ae6805a8a061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8b:5c:d2:c3:8b:08:8a:db:2e:ff:74:1b:97:
0f:28:1e:86:93:bb:ea:f5:13:13:39:a0:3c:2d:e2:
7f:5c:01:97:0c:fe:11:b3:bc:09:a1:13:f0:40:eb:
0b:d7:84:1d:a3:fa:53:26:b5:09:a9:b5:d7:65:65:
ea:78:ee:94:5e:98:c4:5e:3b:ee:93:ec:a5:09:7c:
48:5d:80:f6:fb:d0:2a:1f:12:5b:03:49:08:1e:aa:
c1:24:23:01:c6:05:7a:1d:a6:4a:49:7f:6d:52:ca:
df:e9:da:14:81:4d:19:b2:8f:82:6f:5d:a6:7b:9c:
6a:a7:2f:96:a9:fb:9d:ef:62:37:d5:b2:6e:b7:05:
6d:1a:cc:70:dd:40:70:2a:0e:70:d6:b5:d6:d4:ae:
a7:e1:6e:db:55:21:84:d1:99:5e:bb:96:39:63:e2:
d4:8b:b2:91:dd:f0:3b:d3:b3:5d:89:b1:2e:10:b0:
82:64:c1:50:4c:6e:eb:a7:f7:ea:7c:33:79:27:b5:
b4:4f:ee:03:54:a4:aa:33:1d:d0:0c:f6:0e:f2:22:
f3:71:b6:77:c0:54:06:a8:18:d2:2c:5b:8e:d7:a1:
60:01:84:bf:50:8c:84:db:88:4f:de:c7:9d:ed:4b:
78:4b:1c:c3:33:29:78:da:61:3e:4c:9e:85:9b:ed:
88:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:84:E3:A5:B3:B8:7C:4B:64:59:A5:B5:DB:95:AE:68:05:A8:A0:61
X509v3 Authority Key Identifier:
keyid:46:8B:59:2F:31:10:BC:6C:35:24:9A:82:71:A0:DA:C1:A9:AC:B0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RotZLzEQvGw1JJqCcaDawamssM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/aoTjpbO4fEtkWaW125WuaAWooGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/29e166-98d2-49f2-8497-0503749adea0/1/RotZLzEQvGw1JJqCcaDawamssM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.50.0/24
185.214.166.0/24
213.134.25.0/24
Signature Algorithm: sha256WithRSAEncryption
69:d8:36:84:f0:7e:d0:05:8c:39:3f:57:f1:1e:98:e2:e9:f2:
d8:fa:c8:2b:de:2d:92:d0:e3:e0:24:fd:79:15:50:25:3a:7c:
7c:db:1b:59:e0:0b:85:bb:18:8d:0d:9c:93:1d:0a:1d:0d:6c:
69:76:08:45:8a:a8:d4:91:90:be:37:66:9c:57:18:8b:78:c5:
96:a1:7f:30:c0:a0:02:c8:f2:35:11:fa:0c:a7:1a:06:f1:f1:
63:8e:a1:56:ff:d9:8c:d6:e5:9e:ee:e4:d7:6f:56:f5:9a:92:
0f:65:31:85:a6:8b:3f:e2:86:d2:dc:bc:dd:77:f3:ea:c9:05:
c4:49:36:ca:60:b9:30:3b:64:b2:da:c1:06:c7:18:ae:37:82:
ec:11:41:af:6a:6f:6c:50:55:15:28:d3:04:1c:17:37:29:9a:
36:55:fd:70:2f:ff:b2:b6:9e:a6:b7:76:4b:8f:4d:48:3b:b8:
ba:7a:66:dc:7d:a0:78:8a:95:6a:fb:89:4a:09:ef:e1:0c:e3:
e9:27:f1:ae:e8:58:cb:e4:61:8f:54:f8:64:12:25:d1:19:4a:
f4:82:87:97:19:a6:c3:8b:73:a1:32:ee:06:17:66:b4:f7:f7:
5e:03:55:d0:77:4c:47:80:d6:06:bb:1a:15:a2:b7:cd:de:cd:
88:2d:ca:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ1yABDsmZ6xOrkpJWnu4WKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2OGI1OTJmMzExMGJjNmMzNTI0OWE4MjcxYTBkYWMxYTlh
Y2IwY2UwHhcNMjYwNDA5MTEyODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTg0ZTNhNWIzYjg3YzRiNjQ1OWE1YjVkYjk1YWU2ODA1YThhMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyotc0sOLCIrbLv90G5cPKB6Gk7vq
9RMTOaA8LeJ/XAGXDP4Rs7wJoRPwQOsL14Qdo/pTJrUJqbXXZWXqeO6UXpjEXjvu
k+ylCXxIXYD2+9AqHxJbA0kIHqrBJCMBxgV6HaZKSX9tUsrf6doUgU0Zso+Cb12m
e5xqpy+Wqfud72I31bJutwVtGsxw3UBwKg5w1rXW1K6n4W7bVSGE0Zleu5Y5Y+LU
i7KR3fA707NdibEuELCCZMFQTG7rp/fqfDN5J7W0T+4DVKSqMx3QDPYO8iLzcbZ3
wFQGqBjSLFuO16FgAYS/UIyE24hP3sed7Ut4SxzDMyl42mE+TJ6Fm+2IDQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGqE46WzuHxLZFmltduVrmgFqKBhMB8GA1UdIwQY
MBaAFEaLWS8xELxsNSSagnGg2sGprLDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTct
MDUwMzc0OWFkZWEwLzEvYW9UanBiTzRmRXRrV2FXMTI1V3VhQVdvb0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yOWUxNjYtOThkMi00OWYyLTg0OTctMDUwMzc0OWFkZWEw
LzEvUm90Wkx6RVF2R3cxSkpxQ2NhRGF3YW1zc000LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAkhMyAwQA
udamAwQA1YYZMA0GCSqGSIb3DQEBCwUAA4IBAQBp2DaE8H7QBYw5P1fxHpji6fLY
+sgr3i2S0OPgJP15FVAlOnx82xtZ4AuFuxiNDZyTHQodDWxpdghFiqjUkZC+N2ac
VxiLeMWWoX8wwKACyPI1EfoMpxoG8fFjjqFW/9mM1uWe7uTXb1b1mpIPZTGFpos/
4obS3Lzdd/PqyQXESTbKYLkwO2Sy2sEGxxiuN4LsEUGvam9sUFUVKNMEHBc3KZo2
Vf1wL/+ytp6mt3ZLj01IO7i6embcfaB4ipVq+4lKCe/hDOPpJ/Gu6FjL5GGPVPhk
EiXRGUr0goeXGabDi3OhMu4GF2a09/deA1XQd0xHgNYGuxoVorfN3s2ILcoA
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:50:09 2026 by rpki-client