Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3cb89db2-798b-44f0-9c56-1067803111c0/0/38372e3234382e3133362e302f32342d3234203d3e20343030303339.roa
File: 38372e3234382e3133362e302f32342d3234203d3e20343030303339.roa (raw, json)
Hash identifier: MUQL8Tjz/+mLDdRHOFOmC3ASCF35wkq8THYns8qrQfM=
Subject key identifier: 7E:2B:B9:14:EA:F1:C0:32:3F:50:96:44:B3:8D:EB:31:EA:1E:CD:E8
Certificate issuer: /CN=0b832d69bec9266b0e83cc7182595cbe2671c483
Certificate serial: 53CEB16EF2D6C394CCBDA824F4444E5184B7390D
Authority key identifier: 0B:83:2D:69:BE:C9:26:6B:0E:83:CC:71:82:59:5C:BE:26:71:C4:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C4Mtab7JJmsOg8xxgllcviZxxIM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3cb89db2-798b-44f0-9c56-1067803111c0/0/38372e3234382e3133362e302f32342d3234203d3e20343030303339.roa
Signing time: Mon 07 Jul 2025 14:13:00 +0000
ROA not before: Mon 07 Jul 2025 14:08:00 +0000
ROA not after: Mon 06 Jul 2026 14:13:00 +0000
asID: 400039
IP address blocks: 87.248.136.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:ce:b1:6e:f2:d6:c3:94:cc:bd:a8:24:f4:44:4e:51:84:b7:39:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b832d69bec9266b0e83cc7182595cbe2671c483
Validity
Not Before: Jul 7 14:08:00 2025 GMT
Not After : Jul 6 14:13:00 2026 GMT
Subject: CN=7E2BB914EAF1C0323F509644B38DEB31EA1ECDE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8a:48:70:64:74:4b:14:49:df:e7:37:15:80:
b6:ac:da:b6:a2:8c:35:5c:83:0c:f3:55:27:79:58:
f3:8d:88:18:2d:6a:17:2d:20:11:27:43:3c:0b:64:
02:be:d8:ae:de:26:17:85:2c:fc:ff:0e:6b:60:59:
1f:82:90:81:9b:57:c7:2c:a5:f0:a1:6e:3b:17:86:
99:f8:88:6c:dd:f6:3e:7d:a8:da:a1:89:f6:92:04:
3a:3f:3f:6d:44:cb:98:94:90:8b:e5:a2:5c:cf:63:
f6:cf:aa:c5:02:ee:f3:38:57:3d:6f:8c:e3:8f:4e:
95:27:5e:9e:de:24:bd:f3:d5:4c:05:e4:29:4b:ef:
35:3e:75:80:9b:2b:ec:de:c9:d0:0c:91:57:5b:e1:
70:cc:67:06:d9:ce:ea:3a:bf:04:91:09:6d:c5:69:
c5:ff:87:b5:4d:70:7b:06:c8:93:00:f8:9d:87:29:
37:68:41:34:0f:03:71:e2:17:aa:05:25:69:c2:26:
03:31:fc:68:15:96:fc:72:d4:df:14:09:93:09:65:
7f:15:76:3b:0d:1a:54:f9:36:99:74:16:15:ea:a4:
a9:3d:61:86:80:b3:59:2d:ba:78:c6:0a:34:73:f6:
ad:dd:84:88:b5:67:9d:a4:bc:e5:d3:7c:1e:41:cf:
fb:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:2B:B9:14:EA:F1:C0:32:3F:50:96:44:B3:8D:EB:31:EA:1E:CD:E8
X509v3 Authority Key Identifier:
keyid:0B:83:2D:69:BE:C9:26:6B:0E:83:CC:71:82:59:5C:BE:26:71:C4:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3cb89db2-798b-44f0-9c56-1067803111c0/0/0B832D69BEC9266B0E83CC7182595CBE2671C483.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C4Mtab7JJmsOg8xxgllcviZxxIM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3cb89db2-798b-44f0-9c56-1067803111c0/0/38372e3234382e3133362e302f32342d3234203d3e20343030303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.136.0/24
Signature Algorithm: sha256WithRSAEncryption
53:8d:43:cd:51:e4:bb:a1:6d:0f:c7:6c:dc:bc:50:c3:83:fe:
b2:51:e0:53:12:8b:3c:b5:b9:50:b8:26:76:20:15:08:0a:4f:
06:b1:ca:b2:be:92:25:f3:89:80:fb:58:dc:80:ce:57:54:c5:
76:32:3a:fe:d4:46:80:93:31:05:53:05:95:1b:b9:cd:ff:e6:
37:be:be:f1:26:bc:15:9c:6d:f5:38:3d:c8:68:ed:e7:22:b4:
dd:1b:14:97:ab:dd:f2:16:67:c3:2f:33:1b:81:65:50:c0:6a:
b1:82:c7:f8:a8:af:5d:b8:45:ea:6a:b2:44:05:30:18:59:55:
8f:18:a7:24:47:3e:32:77:27:36:16:e5:3e:b0:6d:0b:8c:16:
86:e7:8b:7e:ed:f7:3b:c1:a2:81:e7:a3:06:75:3b:4d:db:2d:
65:1d:9b:41:6b:58:4c:67:b9:84:2c:fe:fc:36:86:c6:7f:70:
ae:ca:c1:e2:32:33:7b:b3:c5:8c:4e:f5:f5:b5:87:c5:81:e0:
37:b9:6f:f7:3e:9e:f9:f4:3c:0f:76:1e:89:f8:05:01:72:ae:
02:d4:c2:a6:23:ab:a7:0e:30:46:6a:62:15:37:90:24:df:41:
b4:1e:68:87:5b:00:53:2b:ed:28:74:c2:27:4f:06:9d:48:ca:
e6:0f:c4:1d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUU86xbvLWw5TMvagk9EROUYS3OQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGI4MzJkNjliZWM5MjY2YjBlODNjYzcxODI1OTVjYmUy
NjcxYzQ4MzAeFw0yNTA3MDcxNDA4MDBaFw0yNjA3MDYxNDEzMDBaMDMxMTAvBgNV
BAMTKDdFMkJCOTE0RUFGMUMwMzIzRjUwOTY0NEIzOERFQjMxRUExRUNERTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHikhwZHRLFEnf5zcVgLas2rai
jDVcgwzzVSd5WPONiBgtahctIBEnQzwLZAK+2K7eJheFLPz/DmtgWR+CkIGbV8cs
pfChbjsXhpn4iGzd9j59qNqhifaSBDo/P21Ey5iUkIvlolzPY/bPqsUC7vM4Vz1v
jOOPTpUnXp7eJL3z1UwF5ClL7zU+dYCbK+zeydAMkVdb4XDMZwbZzuo6vwSRCW3F
acX/h7VNcHsGyJMA+J2HKTdoQTQPA3HiF6oFJWnCJgMx/GgVlvxy1N8UCZMJZX8V
djsNGlT5Npl0FhXqpKk9YYaAs1ktunjGCjRz9q3dhIi1Z52kvOXTfB5Bz/sdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUfiu5FOrxwDI/UJZEs43rMeoezegwHwYDVR0j
BBgwFoAUC4Mtab7JJmsOg8xxgllcviZxxIMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2NiODlkYjItNzk4Yi00NGYwLTljNTYtMTA2NzgwMzEx
MWMwLzAvMEI4MzJENjlCRUM5MjY2QjBFODNDQzcxODI1OTVDQkUyNjcxQzQ4My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0M0TXRhYjdKSm1zT2c4eHhnbGxjdmla
eHhJTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvM2NiODlkYjIt
Nzk4Yi00NGYwLTljNTYtMTA2NzgwMzExMWMwLzAvMzgzNzJlMzIzNDM4MmUzMTMz
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzMDMzMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABX+IgwDQYJKoZIhvcNAQELBQADggEBAFONQ81R5LuhbQ/HbNy8UMOD/rJR4FMS
izy1uVC4JnYgFQgKTwaxyrK+kiXziYD7WNyAzldUxXYyOv7URoCTMQVTBZUbuc3/
5je+vvEmvBWcbfU4Pcho7ecitN0bFJer3fIWZ8MvMxuBZVDAarGCx/ior124Repq
skQFMBhZVY8YpyRHPjJ3JzYW5T6wbQuMFobni37t9zvBooHnowZ1O03bLWUdm0Fr
WExnuYQs/vw2hsZ/cK7KweIyM3uzxYxO9fW1h8WB4De5b/c+nvn0PA92Hon4BQFy
rgLUwqYjq6cOMEZqYhU3kCTfQbQeaIdbAFMr7Sh0widPBp1IyuYPxB0=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:54:14 2025 by rpki-client