Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/9d6ca2-0dac-4597-80f5-7bd3ab73e172/1/3aZ_Y120xYc6CEmOhZbrvnboKI0.roa
File: 3aZ_Y120xYc6CEmOhZbrvnboKI0.roa (raw, json)
Hash identifier: WGi3p+H5OVMwM3oevEHkpaxeWVXP2pcs5LEa2vedhN4=
Subject key identifier: DD:A6:7F:63:5D:B4:C5:87:3A:08:49:8E:85:96:EB:BE:76:E8:28:8D
Certificate issuer: /CN=a02bb11d019557e12f5fb6eb903837421160d009
Certificate serial: 019B78A29601E309255F8C1354511BCCD47C
Authority key identifier: A0:2B:B1:1D:01:95:57:E1:2F:5F:B6:EB:90:38:37:42:11:60:D0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCuxHQGVV-EvX7brkDg3QhFg0Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/9d6ca2-0dac-4597-80f5-7bd3ab73e172/1/3aZ_Y120xYc6CEmOhZbrvnboKI0.roa
Signing time: Thu 01 Jan 2026 08:17:59 +0000
ROA not before: Thu 01 Jan 2026 08:17:59 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202332
IP address blocks: 194.147.40.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:a2:96:01:e3:09:25:5f:8c:13:54:51:1b:cc:d4:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a02bb11d019557e12f5fb6eb903837421160d009
Validity
Not Before: Jan 1 08:17:59 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dda67f635db4c5873a08498e8596ebbe76e8288d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:50:02:7d:df:65:39:81:d1:aa:6a:d0:7f:88:
44:cf:35:d6:9b:24:0e:cd:94:a4:50:8f:45:64:10:
97:4f:1a:43:6a:12:ab:81:e8:6b:06:2b:76:23:ee:
a9:c4:05:b7:03:d1:49:34:17:e3:3d:8b:9d:bf:47:
a5:1f:70:c9:17:58:f6:61:00:72:c1:ba:0d:e9:22:
85:f3:a7:ca:33:17:8c:61:76:69:ea:87:69:d7:32:
ec:f4:cd:97:e5:05:1e:6a:84:b0:8d:be:3c:09:ec:
fa:c2:ca:d8:e9:6d:f7:5a:72:b9:eb:38:0a:19:ef:
91:f1:d8:82:13:40:ab:3c:11:25:60:55:18:67:7a:
2f:00:8d:97:33:5f:9a:66:5c:09:80:89:33:8f:5f:
d8:ec:c5:7c:69:03:b6:02:d2:8c:c3:20:95:2b:d0:
bc:9d:d9:e3:70:62:37:3e:53:a1:97:f3:ca:ac:0f:
b4:f3:8f:dd:60:98:22:48:27:3c:2f:5e:7b:53:da:
90:71:95:e7:66:fa:51:fd:dd:7e:3e:32:56:91:04:
37:5b:0b:bc:0a:8e:17:c9:48:66:dc:02:9b:48:8a:
ba:0c:cd:ef:35:8c:3b:0f:70:b0:d5:11:ba:cd:24:
51:fb:c6:16:a1:9b:c8:85:1d:b7:ab:f1:9b:d2:8a:
89:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A6:7F:63:5D:B4:C5:87:3A:08:49:8E:85:96:EB:BE:76:E8:28:8D
X509v3 Authority Key Identifier:
keyid:A0:2B:B1:1D:01:95:57:E1:2F:5F:B6:EB:90:38:37:42:11:60:D0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCuxHQGVV-EvX7brkDg3QhFg0Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/9d6ca2-0dac-4597-80f5-7bd3ab73e172/1/3aZ_Y120xYc6CEmOhZbrvnboKI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/9d6ca2-0dac-4597-80f5-7bd3ab73e172/1/oCuxHQGVV-EvX7brkDg3QhFg0Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.40.0/22
Signature Algorithm: sha256WithRSAEncryption
c0:a3:83:25:65:6d:d0:0a:b8:88:d8:11:da:fd:23:ee:50:9d:
90:0d:fa:e7:23:59:f8:7d:83:09:e4:eb:cf:7d:86:7e:65:20:
ea:e4:a0:43:61:80:32:e0:e9:9b:86:b9:78:0c:97:56:6a:ae:
fe:3d:cd:15:d4:b7:72:71:0e:90:72:29:f0:81:11:38:2a:5d:
46:f8:96:64:d8:b5:d2:31:52:ff:97:06:a7:58:a2:9a:5a:76:
06:86:1a:52:56:c4:e0:9e:91:37:00:ce:a0:b6:af:a2:a3:cc:
02:ce:08:f9:b5:54:69:0a:24:d9:7b:84:2b:c8:98:53:00:7d:
90:2d:0e:bc:a4:3d:a0:e2:1f:f5:96:94:98:bf:56:78:14:d4:
08:36:91:fc:b9:c0:5a:50:6c:5e:74:e6:0f:11:47:24:20:c8:
56:a7:67:c0:9c:dd:84:8b:bb:26:14:13:ca:87:4a:b7:d5:fb:
99:be:4c:29:0d:ef:b6:78:f7:77:88:17:2f:da:51:bd:8f:43:
7f:8d:bf:a8:07:b4:5a:30:c5:1c:3a:95:c1:90:1b:a8:8b:aa:
39:4c:ab:88:d8:34:be:a4:76:78:9c:2a:d5:7a:1d:e5:bc:54:
7e:8d:15:ef:93:b6:48:df:99:90:44:83:3b:ea:ca:df:8e:eb:
8a:6f:fa:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4opYB4wklX4wTVFEbzNR8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwMmJiMTFkMDE5NTU3ZTEyZjVmYjZlYjkwMzgzNzQyMTE2
MGQwMDkwHhcNMjYwMTAxMDgxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGE2N2Y2MzVkYjRjNTg3M2EwODQ5OGU4NTk2ZWJiZTc2ZTgyODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41ACfd9lOYHRqmrQf4hEzzXWmyQO
zZSkUI9FZBCXTxpDahKrgehrBit2I+6pxAW3A9FJNBfjPYudv0elH3DJF1j2YQBy
wboN6SKF86fKMxeMYXZp6odp1zLs9M2X5QUeaoSwjb48Cez6wsrY6W33WnK56zgK
Ge+R8diCE0CrPBElYFUYZ3ovAI2XM1+aZlwJgIkzj1/Y7MV8aQO2AtKMwyCVK9C8
ndnjcGI3PlOhl/PKrA+084/dYJgiSCc8L157U9qQcZXnZvpR/d1+PjJWkQQ3Wwu8
Co4XyUhm3AKbSIq6DM3vNYw7D3Cw1RG6zSRR+8YWoZvIhR23q/Gb0oqJgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2mf2NdtMWHOghJjoWW67526CiNMB8GA1UdIwQY
MBaAFKArsR0BlVfhL1+265A4N0IRYNAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0N1eEhRR1ZWLUV2WDdicmtEZzNRaEZnMEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi85ZDZjYTItMGRhYy00NTk3LTgwZjUt
N2JkM2FiNzNlMTcyLzEvM2FaX1kxMjB4WWM2Q0VtT2haYnJ2bmJvS0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi85ZDZjYTItMGRhYy00NTk3LTgwZjUtN2JkM2FiNzNlMTcy
LzEvb0N1eEhRR1ZWLUV2WDdicmtEZzNRaEZnMEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpMoMA0G
CSqGSIb3DQEBCwUAA4IBAQDAo4MlZW3QCriI2BHa/SPuUJ2QDfrnI1n4fYMJ5OvP
fYZ+ZSDq5KBDYYAy4Ombhrl4DJdWaq7+Pc0V1LdycQ6QcinwgRE4Kl1G+JZk2LXS
MVL/lwanWKKaWnYGhhpSVsTgnpE3AM6gtq+io8wCzgj5tVRpCiTZe4QryJhTAH2Q
LQ68pD2g4h/1lpSYv1Z4FNQINpH8ucBaUGxedOYPEUckIMhWp2fAnN2Ei7smFBPK
h0q31fuZvkwpDe+2ePd3iBcv2lG9j0N/jb+oB7RaMMUcOpXBkBuoi6o5TKuI2DS+
pHZ4nCrVeh3lvFR+jRXvk7ZI35mQRIM76srfjuuKb/rA
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:34:53 2026 by rpki-client