Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3cb89db2-798b-44f0-9c56-1067803111c0/0/38372e3234382e3134332e302f32342d3234203d3e203230343733.roa
File: 38372e3234382e3134332e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: b+ZI4fFpWwnBEQ7p/ikeKciO/a06cifsZLe9kMwQxno=
Subject key identifier: 0D:A1:C4:34:A8:A1:60:D6:BA:B9:C6:12:3E:07:68:A5:A6:A4:D7:CA
Certificate issuer: /CN=0b832d69bec9266b0e83cc7182595cbe2671c483
Certificate serial: 44DA23B41C3DDBD41CF115EE5E46C039DBE0FF83
Authority key identifier: 0B:83:2D:69:BE:C9:26:6B:0E:83:CC:71:82:59:5C:BE:26:71:C4:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C4Mtab7JJmsOg8xxgllcviZxxIM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3cb89db2-798b-44f0-9c56-1067803111c0/0/38372e3234382e3134332e302f32342d3234203d3e203230343733.roa
Signing time: Mon 07 Jul 2025 14:16:18 +0000
ROA not before: Mon 07 Jul 2025 14:11:18 +0000
ROA not after: Mon 06 Jul 2026 14:16:18 +0000
asID: 20473
IP address blocks: 87.248.143.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:da:23:b4:1c:3d:db:d4:1c:f1:15:ee:5e:46:c0:39:db:e0:ff:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b832d69bec9266b0e83cc7182595cbe2671c483
Validity
Not Before: Jul 7 14:11:18 2025 GMT
Not After : Jul 6 14:16:18 2026 GMT
Subject: CN=0DA1C434A8A160D6BAB9C6123E0768A5A6A4D7CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:24:d3:48:53:98:b8:b1:44:19:81:61:8b:9a:
7d:b8:88:f6:60:d1:7e:37:89:3c:5b:57:d1:27:9a:
9d:64:89:b0:7f:37:3f:30:ba:b8:0f:d3:8c:c5:9a:
8e:db:cb:91:42:5e:dd:94:de:ab:8d:45:65:d4:40:
cb:01:c9:96:9b:83:f0:99:44:76:ac:d3:c5:5c:7e:
8d:73:b5:b1:a9:04:fb:97:c5:3f:cc:af:b6:bd:20:
28:23:e8:1f:f4:32:03:5a:64:44:74:f7:ac:77:c1:
b8:4b:df:19:6c:9c:82:41:23:4c:52:97:94:cd:b0:
c7:99:7f:fd:69:44:56:ec:1d:fd:7e:f9:a3:f2:4f:
cc:f2:ff:f6:eb:cf:a0:8e:84:2f:33:f9:7f:a1:34:
55:7c:98:7c:4b:2d:fc:d1:3f:ef:89:26:93:4a:01:
74:05:9b:2b:96:d7:71:37:d8:39:a2:5f:76:86:7a:
78:22:47:dd:1b:5d:e6:d3:d8:5a:1a:db:87:65:3c:
f2:01:54:2c:96:21:58:d4:8f:58:b3:86:87:65:21:
ab:2d:d5:a8:7a:9b:5f:7f:f8:5d:f7:ea:ff:90:31:
8e:50:c2:8a:1d:94:6d:54:ea:9f:0e:dd:a9:f4:e9:
f6:ba:00:e5:c5:4a:8d:79:77:8c:e4:a5:03:93:ce:
77:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:A1:C4:34:A8:A1:60:D6:BA:B9:C6:12:3E:07:68:A5:A6:A4:D7:CA
X509v3 Authority Key Identifier:
keyid:0B:83:2D:69:BE:C9:26:6B:0E:83:CC:71:82:59:5C:BE:26:71:C4:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3cb89db2-798b-44f0-9c56-1067803111c0/0/0B832D69BEC9266B0E83CC7182595CBE2671C483.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C4Mtab7JJmsOg8xxgllcviZxxIM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3cb89db2-798b-44f0-9c56-1067803111c0/0/38372e3234382e3134332e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.143.0/24
Signature Algorithm: sha256WithRSAEncryption
68:b8:0b:02:fb:34:9a:81:d1:4e:f3:d7:16:93:56:68:86:5c:
7a:71:d7:90:23:be:a9:04:8d:06:fc:7a:bf:72:b0:a3:64:fd:
47:c1:53:1d:af:f8:87:57:22:77:8f:cd:3e:7a:b3:75:8e:b5:
50:11:51:d2:3f:b6:56:5b:73:fd:c4:26:e3:ac:e1:32:b7:fd:
e8:7e:3d:94:c9:3f:14:a2:51:63:a1:f2:fc:cf:27:33:63:11:
02:23:86:a1:35:d0:88:bd:34:29:77:29:51:5c:d9:f0:c7:4f:
b9:a8:3e:8b:12:1f:8f:5f:14:3a:92:55:4f:63:b6:ad:1b:ec:
83:13:d1:37:b5:a3:40:7f:8d:24:d8:da:39:8c:9e:84:7c:92:
c0:48:be:67:45:4b:59:24:8f:c4:eb:90:c3:41:d1:86:c7:b4:
28:74:72:68:74:ee:50:54:d8:79:d4:92:83:db:74:b1:66:0d:
ad:1a:b1:50:c8:3a:6a:24:a8:b3:b6:ff:f1:8d:38:7c:d0:61:
2a:84:70:30:5f:45:63:e2:5f:34:97:0c:69:0d:36:d5:9b:66:
94:37:ec:b9:f8:28:d6:7a:8d:81:91:71:fb:4f:32:74:83:ec:
a1:4c:fd:2f:57:85:e6:5a:cf:bc:97:d8:2f:ab:d8:a1:db:75:
91:ce:52:95
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURNojtBw929Qc8RXuXkbAOdvg/4MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGI4MzJkNjliZWM5MjY2YjBlODNjYzcxODI1OTVjYmUy
NjcxYzQ4MzAeFw0yNTA3MDcxNDExMThaFw0yNjA3MDYxNDE2MThaMDMxMTAvBgNV
BAMTKDBEQTFDNDM0QThBMTYwRDZCQUI5QzYxMjNFMDc2OEE1QTZBNEQ3Q0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4JNNIU5i4sUQZgWGLmn24iPZg
0X43iTxbV9Enmp1kibB/Nz8wurgP04zFmo7by5FCXt2U3quNRWXUQMsByZabg/CZ
RHas08Vcfo1ztbGpBPuXxT/Mr7a9ICgj6B/0MgNaZER096x3wbhL3xlsnIJBI0xS
l5TNsMeZf/1pRFbsHf1++aPyT8zy//brz6COhC8z+X+hNFV8mHxLLfzRP++JJpNK
AXQFmyuW13E32DmiX3aGengiR90bXebT2Foa24dlPPIBVCyWIVjUj1izhodlIast
1ah6m19/+F336v+QMY5QwoodlG1U6p8O3an06fa6AOXFSo15d4zkpQOTzndVAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUDaHENKihYNa6ucYSPgdopaak18owHwYDVR0j
BBgwFoAUC4Mtab7JJmsOg8xxgllcviZxxIMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2NiODlkYjItNzk4Yi00NGYwLTljNTYtMTA2NzgwMzEx
MWMwLzAvMEI4MzJENjlCRUM5MjY2QjBFODNDQzcxODI1OTVDQkUyNjcxQzQ4My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0M0TXRhYjdKSm1zT2c4eHhnbGxjdmla
eHhJTS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvM2NiODlkYjIt
Nzk4Yi00NGYwLTljNTYtMTA2NzgwMzExMWMwLzAvMzgzNzJlMzIzNDM4MmUzMTM0
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
V/iPMA0GCSqGSIb3DQEBCwUAA4IBAQBouAsC+zSagdFO89cWk1Zohlx6cdeQI76p
BI0G/Hq/crCjZP1HwVMdr/iHVyJ3j80+erN1jrVQEVHSP7ZWW3P9xCbjrOEyt/3o
fj2UyT8UolFjofL8zyczYxECI4ahNdCIvTQpdylRXNnwx0+5qD6LEh+PXxQ6klVP
Y7atG+yDE9E3taNAf40k2No5jJ6EfJLASL5nRUtZJI/E65DDQdGGx7QodHJodO5Q
VNh51JKD23SxZg2tGrFQyDpqJKiztv/xjTh80GEqhHAwX0Vj4l80lwxpDTbVm2aU
N+y5+CjWeo2BkXH7TzJ0g+yhTP0vV4XmWs+8l9gvq9ih23WRzlKV
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:59:27 2025 by rpki-client