Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/2cc3ce-ec81-45ed-86e6-9ada2378a9a0/1/AxG5wFO2MDdWUvHh1PluKe0ky-I.roa
File: AxG5wFO2MDdWUvHh1PluKe0ky-I.roa (raw, json)
Hash identifier: cC2QzyvDJOa+oXsPrR4gS/VZ9KUiTWzfLRKmqa68gno=
Subject key identifier: 03:11:B9:C0:53:B6:30:37:56:52:F1:E1:D4:F9:6E:29:ED:24:CB:E2
Certificate issuer: /CN=d5be07670c2c9a2ae0278131aa29cf3ce7a5aaa3
Certificate serial: 019B7E3754E4CF9455207C10A599D9E44AB0
Authority key identifier: D5:BE:07:67:0C:2C:9A:2A:E0:27:81:31:AA:29:CF:3C:E7:A5:AA:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1b4HZwwsmirgJ4ExqinPPOelqqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cc3ce-ec81-45ed-86e6-9ada2378a9a0/1/AxG5wFO2MDdWUvHh1PluKe0ky-I.roa
Signing time: Fri 02 Jan 2026 10:18:34 +0000
ROA not before: Fri 02 Jan 2026 10:18:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208344
IP address blocks: 194.110.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:37:54:e4:cf:94:55:20:7c:10:a5:99:d9:e4:4a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5be07670c2c9a2ae0278131aa29cf3ce7a5aaa3
Validity
Not Before: Jan 2 10:18:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0311b9c053b630375652f1e1d4f96e29ed24cbe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:06:a3:15:46:5a:02:1a:14:5a:83:bd:9c:dc:
22:c8:4d:48:91:77:a0:15:a6:02:74:4b:32:4c:50:
1b:c2:86:fe:ed:70:c0:41:4a:3d:18:8a:74:24:86:
f1:c2:0f:6c:ef:18:b6:74:f2:b7:42:16:d5:2f:ea:
90:97:39:bb:0b:e2:bf:b3:5f:1b:b1:bc:ba:bd:82:
9d:20:cf:71:07:c3:d9:1e:85:1f:22:e0:8d:64:80:
a2:ac:29:75:4b:6c:ca:7a:d8:7c:3c:53:c2:1f:41:
76:48:a5:5b:4b:a4:29:8d:25:3d:36:f1:b4:aa:bc:
3b:b1:4a:32:af:fa:3f:b3:75:f8:07:d6:ae:8a:6d:
a5:a1:60:8a:46:df:84:89:25:bd:b9:fc:29:a9:7f:
09:d9:f4:0f:47:c4:a2:81:a0:21:fc:10:e8:c9:8e:
f5:d1:1c:9f:14:f6:c3:99:ca:3f:8b:4e:b8:3a:7c:
ea:25:b2:4d:07:40:1a:66:86:77:f9:e1:c3:2d:f3:
41:5d:27:0a:ac:90:46:99:5a:8f:f9:84:47:32:a5:
f4:06:3f:e3:94:b0:cc:6f:90:4a:5d:f9:45:13:54:
01:c0:0b:ab:c3:39:93:f4:75:07:37:aa:00:70:8b:
92:79:7e:a5:e9:ac:2f:64:7f:87:43:b7:36:b3:25:
d8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:11:B9:C0:53:B6:30:37:56:52:F1:E1:D4:F9:6E:29:ED:24:CB:E2
X509v3 Authority Key Identifier:
keyid:D5:BE:07:67:0C:2C:9A:2A:E0:27:81:31:AA:29:CF:3C:E7:A5:AA:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b4HZwwsmirgJ4ExqinPPOelqqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cc3ce-ec81-45ed-86e6-9ada2378a9a0/1/AxG5wFO2MDdWUvHh1PluKe0ky-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cc3ce-ec81-45ed-86e6-9ada2378a9a0/1/1b4HZwwsmirgJ4ExqinPPOelqqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.221.0/24
Signature Algorithm: sha256WithRSAEncryption
79:c7:49:d4:3e:6c:ac:ef:f3:60:09:4c:22:1b:17:db:31:6b:
88:df:6c:b5:a6:e2:a1:99:0e:1f:4a:77:06:57:f4:e7:2b:72:
bd:8b:94:6a:30:cc:3c:98:fe:15:05:44:09:06:62:28:6e:04:
ff:58:e9:75:9c:0f:6c:a0:fb:02:d1:51:2f:c9:90:39:6a:f2:
58:0c:06:40:3e:f3:cd:79:c2:7c:41:1f:03:8e:2a:24:e4:12:
d8:36:2a:ca:74:40:3e:aa:85:64:35:7d:77:97:a3:24:38:df:
e2:1a:a7:d4:19:7d:21:fa:7f:83:c7:01:27:b0:66:54:f1:69:
9e:80:7b:e3:5d:9a:8d:12:ee:3c:e9:72:30:03:4b:cf:ef:47:
1e:37:3d:b8:12:c9:51:34:2b:11:c4:4f:d2:57:88:93:8b:00:
d5:c9:84:95:b9:f5:fc:2c:cc:6e:01:37:63:8f:f3:71:a9:60:
d6:92:1d:52:d5:e4:98:b4:13:d4:85:cb:7c:4b:bc:42:36:2a:
c2:1b:4f:7b:a3:fd:58:28:ea:9f:f2:cd:f2:9b:4f:3b:1b:76:
3f:52:b8:cd:13:11:14:5e:58:0c:d8:63:95:ef:92:83:fa:47:
2b:48:17:d4:1c:f3:a2:7b:71:de:33:cf:1b:d9:42:ed:48:e5:
63:c8:8b:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt+N1Tkz5RVIHwQpZnZ5EqwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YmUwNzY3MGMyYzlhMmFlMDI3ODEzMWFhMjljZjNjZTdh
NWFhYTMwHhcNMjYwMTAyMTAxODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzExYjljMDUzYjYzMDM3NTY1MmYxZTFkNGY5NmUyOWVkMjRjYmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgajFUZaAhoUWoO9nNwiyE1IkXeg
FaYCdEsyTFAbwob+7XDAQUo9GIp0JIbxwg9s7xi2dPK3QhbVL+qQlzm7C+K/s18b
sby6vYKdIM9xB8PZHoUfIuCNZICirCl1S2zKeth8PFPCH0F2SKVbS6QpjSU9NvG0
qrw7sUoyr/o/s3X4B9auim2loWCKRt+EiSW9ufwpqX8J2fQPR8SigaAh/BDoyY71
0RyfFPbDmco/i064OnzqJbJNB0AaZoZ3+eHDLfNBXScKrJBGmVqP+YRHMqX0Bj/j
lLDMb5BKXflFE1QBwAurwzmT9HUHN6oAcIuSeX6l6awvZH+HQ7c2syXYlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMRucBTtjA3VlLx4dT5bintJMviMB8GA1UdIwQY
MBaAFNW+B2cMLJoq4CeBMaopzzznpaqjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWI0SFp3d3NtaXJnSjRFeHFpblBQT2VscXFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8yY2MzY2UtZWM4MS00NWVkLTg2ZTYt
OWFkYTIzNzhhOWEwLzEvQXhHNXdGTzJNRGRXVXZIaDFQbHVLZTBreS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8yY2MzY2UtZWM4MS00NWVkLTg2ZTYtOWFkYTIzNzhhOWEw
LzEvMWI0SFp3d3NtaXJnSjRFeHFpblBQT2VscXFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwm7dMA0G
CSqGSIb3DQEBCwUAA4IBAQB5x0nUPmys7/NgCUwiGxfbMWuI32y1puKhmQ4fSncG
V/TnK3K9i5RqMMw8mP4VBUQJBmIobgT/WOl1nA9soPsC0VEvyZA5avJYDAZAPvPN
ecJ8QR8Djiok5BLYNirKdEA+qoVkNX13l6MkON/iGqfUGX0h+n+DxwEnsGZU8Wme
gHvjXZqNEu486XIwA0vP70ceNz24EslRNCsRxE/SV4iTiwDVyYSVufX8LMxuATdj
j/NxqWDWkh1S1eSYtBPUhct8S7xCNirCG097o/1YKOqf8s3ym087G3Y/UrjNExEU
XlgM2GOV75KD+kcrSBfUHPOie3HeM88b2ULtSOVjyIuJ
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:44:32 2026 by rpki-client