Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/d7dee6-c743-42d7-9060-dc776254cbf6/1/8lFWGF465SI9EEUcZ0kFtOpHpXA.roa
File: 8lFWGF465SI9EEUcZ0kFtOpHpXA.roa (raw, json)
Hash identifier: FNFJ1qLfScKFcn36nv9y/uZRLBnvhGvzp/XgDgxN1Ek=
Subject key identifier: F2:51:56:18:5E:3A:E5:22:3D:10:45:1C:67:49:05:B4:EA:47:A5:70
Certificate issuer: /CN=166a986698005d57e7b92f7a38d219bbb80fe1ff
Certificate serial: 019B78A22057DD3CA5310DECEEE67BF6E994
Authority key identifier: 16:6A:98:66:98:00:5D:57:E7:B9:2F:7A:38:D2:19:BB:B8:0F:E1:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FmqYZpgAXVfnuS96ONIZu7gP4f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/d7dee6-c743-42d7-9060-dc776254cbf6/1/8lFWGF465SI9EEUcZ0kFtOpHpXA.roa
Signing time: Thu 01 Jan 2026 08:17:29 +0000
ROA not before: Thu 01 Jan 2026 08:17:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35574
IP address blocks: 194.187.172.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:a2:20:57:dd:3c:a5:31:0d:ec:ee:e6:7b:f6:e9:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166a986698005d57e7b92f7a38d219bbb80fe1ff
Validity
Not Before: Jan 1 08:17:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f25156185e3ae5223d10451c674905b4ea47a570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:99:c2:55:49:87:62:2b:34:90:95:15:0b:1c:
1b:67:9a:21:ed:9a:04:d2:c3:08:eb:a5:2f:5c:86:
14:86:61:bf:80:cb:06:37:9b:51:62:f9:d8:a2:52:
eb:01:63:2d:71:60:8c:f1:4c:f7:84:78:f0:53:43:
59:0e:67:2a:5d:bf:13:45:87:4f:e9:8c:15:bf:e8:
eb:97:0a:ad:89:3d:bd:9c:64:c5:55:6d:52:2c:26:
d8:bf:f8:d8:f5:b8:7d:98:7e:e6:b5:03:89:ad:8a:
c5:30:0c:19:05:68:23:8b:33:1d:73:06:bd:4a:ea:
c2:64:dd:9e:a9:c6:9c:60:1a:b2:3b:b2:0a:d4:cc:
eb:5f:91:1d:5e:ff:0d:af:28:ba:8f:80:8a:e3:f7:
2d:2c:98:8d:8a:51:2c:14:ae:72:0a:7c:3a:d1:73:
95:b0:04:90:0a:63:ad:06:42:98:f5:38:8f:3b:75:
77:b8:8c:67:71:49:bf:33:54:eb:e8:36:43:be:3c:
20:bf:06:e7:da:fb:67:84:ea:1b:6d:3c:0b:6f:2b:
31:78:e2:78:83:05:7d:a2:df:75:3a:50:af:ff:71:
41:94:b0:ef:f7:bf:d1:28:5a:cd:27:ac:7c:19:93:
f8:f6:6b:39:9d:ac:28:b5:5d:ff:37:1f:0c:2a:3b:
2e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:51:56:18:5E:3A:E5:22:3D:10:45:1C:67:49:05:B4:EA:47:A5:70
X509v3 Authority Key Identifier:
keyid:16:6A:98:66:98:00:5D:57:E7:B9:2F:7A:38:D2:19:BB:B8:0F:E1:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FmqYZpgAXVfnuS96ONIZu7gP4f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d7dee6-c743-42d7-9060-dc776254cbf6/1/8lFWGF465SI9EEUcZ0kFtOpHpXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/d7dee6-c743-42d7-9060-dc776254cbf6/1/FmqYZpgAXVfnuS96ONIZu7gP4f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.187.172.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:e5:e7:96:6d:c8:0a:17:a4:b4:a7:6e:87:a3:be:96:dc:a0:
71:62:2c:9b:ff:b6:fb:6b:13:d2:02:b4:c8:20:02:36:76:b1:
92:f0:7a:3a:b7:25:5f:b4:d2:13:0a:e0:92:99:33:01:27:66:
45:f9:32:c0:ae:74:78:41:bc:90:7c:07:c5:e3:ea:7b:61:1b:
70:8c:23:5d:1a:b4:f7:48:3c:ab:e7:aa:01:a2:68:57:08:96:
f3:88:90:f0:2e:ba:b7:d2:f2:74:74:8f:10:8d:b0:1d:83:54:
bc:06:82:12:4d:fa:97:8f:b0:f5:dd:1f:0d:7f:1d:43:84:15:
fd:1c:25:49:fe:3d:7c:7f:6e:c6:8e:a0:1d:8b:23:ed:80:e2:
24:1f:61:50:f7:f9:4b:5f:74:f5:c0:e5:0f:34:65:c1:b5:77:
47:25:75:af:c5:11:ca:0d:28:69:ab:fc:5e:72:5a:14:9e:a6:
e6:09:6d:72:af:72:4c:1c:0a:ad:d1:d1:ca:65:72:94:62:54:
05:b7:f6:0a:f2:a2:cd:17:e1:7c:33:d2:bb:34:eb:6a:08:10:
50:15:ef:86:93:46:a9:75:e7:c5:b3:95:c6:0d:bd:e2:5e:ef:
cf:ea:ca:52:3a:60:bc:f7:bd:3b:cc:a4:1e:de:78:52:85:ad:
5c:14:4b:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt4oiBX3TylMQ3s7uZ79umUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2NmE5ODY2OTgwMDVkNTdlN2I5MmY3YTM4ZDIxOWJiYjgw
ZmUxZmYwHhcNMjYwMTAxMDgxNzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjUxNTYxODVlM2FlNTIyM2QxMDQ1MWM2NzQ5MDViNGVhNDdhNTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpnCVUmHYis0kJUVCxwbZ5oh7ZoE
0sMI66UvXIYUhmG/gMsGN5tRYvnYolLrAWMtcWCM8Uz3hHjwU0NZDmcqXb8TRYdP
6YwVv+jrlwqtiT29nGTFVW1SLCbYv/jY9bh9mH7mtQOJrYrFMAwZBWgjizMdcwa9
SurCZN2eqcacYBqyO7IK1MzrX5EdXv8Nryi6j4CK4/ctLJiNilEsFK5yCnw60XOV
sASQCmOtBkKY9TiPO3V3uIxncUm/M1Tr6DZDvjwgvwbn2vtnhOobbTwLbysxeOJ4
gwV9ot91OlCv/3FBlLDv97/RKFrNJ6x8GZP49ms5nawotV3/Nx8MKjsuOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPJRVhheOuUiPRBFHGdJBbTqR6VwMB8GA1UdIwQY
MBaAFBZqmGaYAF1X57kvejjSGbu4D+H/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRm1xWVpwZ0FYVmZudVM5Nk9OSVp1N2dQNGY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9kN2RlZTYtYzc0My00MmQ3LTkwNjAt
ZGM3NzYyNTRjYmY2LzEvOGxGV0dGNDY1U0k5RUVVY1owa0Z0T3BIcFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9kN2RlZTYtYzc0My00MmQ3LTkwNjAtZGM3NzYyNTRjYmY2
LzEvRm1xWVpwZ0FYVmZudVM5Nk9OSVp1N2dQNGY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwrusMA0G
CSqGSIb3DQEBCwUAA4IBAQAc5eeWbcgKF6S0p26Ho76W3KBxYiyb/7b7axPSArTI
IAI2drGS8Ho6tyVftNITCuCSmTMBJ2ZF+TLArnR4QbyQfAfF4+p7YRtwjCNdGrT3
SDyr56oBomhXCJbziJDwLrq30vJ0dI8QjbAdg1S8BoISTfqXj7D13R8Nfx1DhBX9
HCVJ/j18f27GjqAdiyPtgOIkH2FQ9/lLX3T1wOUPNGXBtXdHJXWvxRHKDShpq/xe
cloUnqbmCW1yr3JMHAqt0dHKZXKUYlQFt/YK8qLNF+F8M9K7NOtqCBBQFe+Gk0ap
defFs5XGDb3iXu/P6spSOmC89707zKQe3nhSha1cFEs7
-----END CERTIFICATE-----
Generated at Fri Mar 13 04:52:37 2026 by rpki-client