Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/bafc4f-d64c-4404-922b-adafaad27aea/1/WQNJEIe-XhMVqV6qFTPIp4rVnqw.roa
File: WQNJEIe-XhMVqV6qFTPIp4rVnqw.roa (raw, json)
Hash identifier: WRfBqWi80P8mQckPiPK68sMjih4KvX1rYIU1FaSMrvY=
Subject key identifier: 59:03:49:10:87:BE:5E:13:15:A9:5E:AA:15:33:C8:A7:8A:D5:9E:AC
Certificate issuer: /CN=a1208242656123c0c90b6168d09b2d8a67617bec
Certificate serial: 019B7758C97E29390AA027BE30B31372AD1E
Authority key identifier: A1:20:82:42:65:61:23:C0:C9:0B:61:68:D0:9B:2D:8A:67:61:7B:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oSCCQmVhI8DJC2Fo0Jstimdhe-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/bafc4f-d64c-4404-922b-adafaad27aea/1/WQNJEIe-XhMVqV6qFTPIp4rVnqw.roa
Signing time: Thu 01 Jan 2026 02:17:46 +0000
ROA not before: Thu 01 Jan 2026 02:17:46 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39825
IP address blocks: 185.223.208.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:58:c9:7e:29:39:0a:a0:27:be:30:b3:13:72:ad:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1208242656123c0c90b6168d09b2d8a67617bec
Validity
Not Before: Jan 1 02:17:46 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5903491087be5e1315a95eaa1533c8a78ad59eac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e6:f6:3f:dc:43:f9:b9:87:07:d5:b0:6d:2f:
f5:79:1f:b4:4c:61:14:22:10:8d:87:ca:b6:09:40:
f7:eb:1a:9c:30:39:45:ac:e8:73:41:7c:1c:2f:0c:
ec:66:fd:79:33:3c:d6:37:30:8a:62:da:73:44:b0:
80:30:8b:b0:44:f6:f2:c9:58:e1:63:50:c1:a9:55:
f6:3b:01:28:c2:70:d1:22:78:ea:80:80:34:2e:69:
9f:20:06:3b:ef:9a:90:26:21:5d:29:53:ee:02:bb:
43:62:47:45:a0:d6:7d:95:ae:fa:05:9b:da:9f:8c:
c7:05:d3:c2:2b:fa:de:c1:89:cc:bc:42:04:b6:ed:
2a:30:69:f5:84:4b:57:a4:02:77:8a:4c:57:0f:97:
23:37:73:61:a6:c4:3d:f7:78:e0:56:2f:52:d5:69:
61:3d:68:71:b5:81:5e:53:63:dd:10:bf:1c:8a:93:
81:11:ca:e7:17:20:2a:d7:a8:3a:a7:6b:a0:2e:1f:
f2:45:cb:3b:60:62:80:10:98:f0:49:fd:12:16:c8:
cc:cd:4e:e7:4f:71:a3:b6:c8:e1:85:d0:ce:7a:74:
4d:10:13:ea:06:01:bf:7f:94:0d:cf:0b:aa:00:fc:
15:e6:43:76:f5:cb:e1:c6:19:de:d5:8e:3b:3c:21:
08:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:03:49:10:87:BE:5E:13:15:A9:5E:AA:15:33:C8:A7:8A:D5:9E:AC
X509v3 Authority Key Identifier:
keyid:A1:20:82:42:65:61:23:C0:C9:0B:61:68:D0:9B:2D:8A:67:61:7B:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oSCCQmVhI8DJC2Fo0Jstimdhe-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/bafc4f-d64c-4404-922b-adafaad27aea/1/WQNJEIe-XhMVqV6qFTPIp4rVnqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/bafc4f-d64c-4404-922b-adafaad27aea/1/oSCCQmVhI8DJC2Fo0Jstimdhe-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.223.208.0/22
Signature Algorithm: sha256WithRSAEncryption
77:b6:24:4f:72:2b:c5:77:8c:32:16:ed:f0:6f:d9:49:b5:1b:
fa:35:3c:f1:65:4c:61:9e:ae:11:f0:9a:44:da:73:b3:a0:6c:
6c:7c:42:bd:36:e7:9d:fa:65:2a:6f:fd:7c:d5:b5:fd:5a:1d:
36:67:2b:fb:e6:87:60:1c:be:1c:97:73:34:5d:21:a0:a8:a7:
c5:56:d5:74:3f:19:65:1b:0e:0e:32:21:d8:6d:12:cc:6c:4f:
d5:d5:5a:05:d2:af:30:69:34:d7:8f:0d:da:c1:22:e3:45:65:
c9:5b:e1:75:c6:d9:49:6d:e0:d0:84:9e:8a:b1:2e:c2:e7:e6:
ad:e9:bd:16:28:d4:56:7c:0c:60:44:05:44:3c:8c:79:62:18:
89:a6:3c:b1:a5:48:a3:06:76:2a:13:cc:38:ae:1f:a7:52:75:
aa:c2:0a:0c:41:c0:dd:f0:ea:1c:2c:12:6c:09:42:66:0d:92:
d5:93:88:17:3c:b1:ae:52:24:71:9a:39:66:bb:f4:82:0b:a0:
0b:0e:fe:23:09:b3:df:a0:68:83:5b:a7:7d:1f:90:ab:8a:76:
a8:70:bb:29:8a:1d:be:25:50:2c:3e:b5:41:21:b7:85:77:4f:
af:4a:6f:69:6e:69:fe:52:fb:42:e7:64:37:6b:61:76:dd:97:
19:3b:69:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt3WMl+KTkKoCe+MLMTcq0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExMjA4MjQyNjU2MTIzYzBjOTBiNjE2OGQwOWIyZDhhNjc2
MTdiZWMwHhcNMjYwMTAxMDIxNzQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTAzNDkxMDg3YmU1ZTEzMTVhOTVlYWExNTMzYzhhNzhhZDU5ZWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueb2P9xD+bmHB9WwbS/1eR+0TGEU
IhCNh8q2CUD36xqcMDlFrOhzQXwcLwzsZv15MzzWNzCKYtpzRLCAMIuwRPbyyVjh
Y1DBqVX2OwEownDRInjqgIA0LmmfIAY775qQJiFdKVPuArtDYkdFoNZ9la76BZva
n4zHBdPCK/rewYnMvEIEtu0qMGn1hEtXpAJ3ikxXD5cjN3NhpsQ993jgVi9S1Wlh
PWhxtYFeU2PdEL8cipOBEcrnFyAq16g6p2ugLh/yRcs7YGKAEJjwSf0SFsjMzU7n
T3GjtsjhhdDOenRNEBPqBgG/f5QNzwuqAPwV5kN29cvhxhne1Y47PCEIAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFkDSRCHvl4TFaleqhUzyKeK1Z6sMB8GA1UdIwQY
MBaAFKEggkJlYSPAyQthaNCbLYpnYXvsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1NDQ1FtVmhJOERKQzJGbzBKc3RpbWRoZS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9iYWZjNGYtZDY0Yy00NDA0LTkyMmIt
YWRhZmFhZDI3YWVhLzEvV1FOSkVJZS1YaE1WcVY2cUZUUElwNHJWbnF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9iYWZjNGYtZDY0Yy00NDA0LTkyMmItYWRhZmFhZDI3YWVh
LzEvb1NDQ1FtVmhJOERKQzJGbzBKc3RpbWRoZS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCud/QMA0G
CSqGSIb3DQEBCwUAA4IBAQB3tiRPcivFd4wyFu3wb9lJtRv6NTzxZUxhnq4R8JpE
2nOzoGxsfEK9Nued+mUqb/181bX9Wh02Zyv75odgHL4cl3M0XSGgqKfFVtV0Pxll
Gw4OMiHYbRLMbE/V1VoF0q8waTTXjw3awSLjRWXJW+F1xtlJbeDQhJ6KsS7C5+at
6b0WKNRWfAxgRAVEPIx5YhiJpjyxpUijBnYqE8w4rh+nUnWqwgoMQcDd8OocLBJs
CUJmDZLVk4gXPLGuUiRxmjlmu/SCC6ALDv4jCbPfoGiDW6d9H5CrinaocLspih2+
JVAsPrVBIbeFd0+vSm9pbmn+UvtC52Q3a2F23ZcZO2mQ
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:19:36 2026 by rpki-client