Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3cb89db2-798b-44f0-9c56-1067803111c0/0/38372e3234382e3135332e302f32342d3234203d3e20323038313631.roa
File: 38372e3234382e3135332e302f32342d3234203d3e20323038313631.roa (raw, json)
Hash identifier: 59ppOxSKkhCNtnzp5ZBAk9tOFO6QCJvUjh5465sq290=
Subject key identifier: 13:AD:D9:67:29:D8:01:69:E2:81:B2:2B:6D:A8:7D:94:E0:4B:93:CF
Certificate issuer: /CN=0b832d69bec9266b0e83cc7182595cbe2671c483
Certificate serial: 25F348E73C6775AB965F3BE5EEF860A469442B9E
Authority key identifier: 0B:83:2D:69:BE:C9:26:6B:0E:83:CC:71:82:59:5C:BE:26:71:C4:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C4Mtab7JJmsOg8xxgllcviZxxIM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3cb89db2-798b-44f0-9c56-1067803111c0/0/38372e3234382e3135332e302f32342d3234203d3e20323038313631.roa
Signing time: Mon 07 Jul 2025 14:12:46 +0000
ROA not before: Mon 07 Jul 2025 14:07:46 +0000
ROA not after: Mon 06 Jul 2026 14:12:46 +0000
asID: 208161
IP address blocks: 87.248.153.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:f3:48:e7:3c:67:75:ab:96:5f:3b:e5:ee:f8:60:a4:69:44:2b:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b832d69bec9266b0e83cc7182595cbe2671c483
Validity
Not Before: Jul 7 14:07:46 2025 GMT
Not After : Jul 6 14:12:46 2026 GMT
Subject: CN=13ADD96729D80169E281B22B6DA87D94E04B93CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b9:d8:90:db:ab:16:3c:d2:53:88:ce:ed:54:
56:f6:a0:76:a8:34:16:ae:ec:43:dc:53:51:e2:e1:
34:6b:51:9c:4a:c3:bd:51:02:57:69:94:59:5e:95:
59:37:de:ec:5a:37:5b:50:01:4d:02:8f:24:84:67:
40:e1:53:18:35:1c:6f:f5:7a:86:9d:6b:dd:52:f5:
0f:54:2e:57:dd:c7:4f:4e:b9:2a:be:b0:76:74:76:
3f:78:48:d4:47:73:c7:06:e3:0d:ed:6a:43:c5:43:
19:6a:f6:d8:e3:b6:31:18:39:fe:52:07:21:d2:a1:
4e:1e:5a:53:a7:f5:09:d6:93:f8:8d:da:b4:6d:4c:
60:65:ac:36:c9:57:6f:91:8c:68:da:7e:e5:2e:36:
e7:76:23:22:33:ab:c4:ff:31:21:06:a5:2b:20:99:
6b:1d:e3:00:51:15:bf:f8:13:05:59:99:f2:15:c7:
97:2c:3c:c6:81:16:1e:ae:bc:8e:d4:c7:aa:88:20:
ac:aa:91:2a:85:25:d2:74:ba:e2:79:e0:f0:8d:0c:
e9:59:f6:2e:cf:d7:68:59:ac:4e:a7:77:4c:7e:08:
45:5f:7e:5f:ac:a2:b7:4d:86:ac:1a:61:3e:85:88:
08:c4:9c:3d:19:57:41:58:12:c3:04:13:a9:7d:7e:
c1:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:AD:D9:67:29:D8:01:69:E2:81:B2:2B:6D:A8:7D:94:E0:4B:93:CF
X509v3 Authority Key Identifier:
keyid:0B:83:2D:69:BE:C9:26:6B:0E:83:CC:71:82:59:5C:BE:26:71:C4:83
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3cb89db2-798b-44f0-9c56-1067803111c0/0/0B832D69BEC9266B0E83CC7182595CBE2671C483.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C4Mtab7JJmsOg8xxgllcviZxxIM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3cb89db2-798b-44f0-9c56-1067803111c0/0/38372e3234382e3135332e302f32342d3234203d3e20323038313631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.248.153.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:84:77:23:37:68:f1:9a:53:6f:e5:1c:23:64:91:d1:13:be:
86:9b:34:03:98:09:f5:a5:32:90:61:1e:7a:22:11:0d:e1:7e:
a2:32:6a:c0:72:03:33:99:5b:21:89:79:7e:87:75:8f:fd:db:
c2:5c:ed:8f:7e:fe:20:a2:fc:74:af:d4:ef:b9:96:27:8b:e4:
c0:88:92:d4:b5:2c:de:65:29:2a:03:72:52:0b:ae:a2:9d:73:
ac:d8:ae:4b:76:f9:c5:c9:d3:ed:bd:f1:25:7b:2a:f1:27:7c:
78:b1:70:57:60:84:7b:ba:14:c1:46:41:3f:36:bd:40:a9:c2:
49:6b:d1:fd:d4:53:86:b3:49:ad:af:60:b2:8a:fe:d4:4f:2a:
51:85:6c:68:12:74:ea:b9:01:21:a5:1a:72:c9:5f:c8:a9:23:
a8:cc:3d:78:f2:d1:4c:58:8e:16:30:ad:da:2b:d0:89:12:e4:
70:63:91:f7:01:9c:30:19:5b:84:f9:a7:d1:2c:15:a6:9e:02:
61:48:0a:d5:27:06:7f:28:b6:28:08:11:38:a7:b3:1f:e8:bd:
f6:fa:30:f0:0a:b5:b7:0b:bc:da:91:23:60:a4:ae:f7:ec:38:
8d:4e:1c:6b:fd:32:83:75:31:3b:b6:39:b2:7e:96:09:24:96:
d9:00:5f:ca
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJfNI5zxndauWXzvl7vhgpGlEK54wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGI4MzJkNjliZWM5MjY2YjBlODNjYzcxODI1OTVjYmUy
NjcxYzQ4MzAeFw0yNTA3MDcxNDA3NDZaFw0yNjA3MDYxNDEyNDZaMDMxMTAvBgNV
BAMTKDEzQUREOTY3MjlEODAxNjlFMjgxQjIyQjZEQTg3RDk0RTA0QjkzQ0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdudiQ26sWPNJTiM7tVFb2oHao
NBau7EPcU1Hi4TRrUZxKw71RAldplFlelVk33uxaN1tQAU0CjySEZ0DhUxg1HG/1
eoada91S9Q9ULlfdx09OuSq+sHZ0dj94SNRHc8cG4w3takPFQxlq9tjjtjEYOf5S
ByHSoU4eWlOn9QnWk/iN2rRtTGBlrDbJV2+RjGjafuUuNud2IyIzq8T/MSEGpSsg
mWsd4wBRFb/4EwVZmfIVx5csPMaBFh6uvI7Ux6qIIKyqkSqFJdJ0uuJ54PCNDOlZ
9i7P12hZrE6nd0x+CEVffl+sordNhqwaYT6FiAjEnD0ZV0FYEsMEE6l9fsFTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUE63ZZynYAWnigbIrbah9lOBLk88wHwYDVR0j
BBgwFoAUC4Mtab7JJmsOg8xxgllcviZxxIMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2NiODlkYjItNzk4Yi00NGYwLTljNTYtMTA2NzgwMzEx
MWMwLzAvMEI4MzJENjlCRUM5MjY2QjBFODNDQzcxODI1OTVDQkUyNjcxQzQ4My5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0M0TXRhYjdKSm1zT2c4eHhnbGxjdmla
eHhJTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvM2NiODlkYjIt
Nzk4Yi00NGYwLTljNTYtMTA2NzgwMzExMWMwLzAvMzgzNzJlMzIzNDM4MmUzMTM1
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzgzMTM2MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABX+JkwDQYJKoZIhvcNAQELBQADggEBADqEdyM3aPGaU2/lHCNkkdETvoabNAOY
CfWlMpBhHnoiEQ3hfqIyasByAzOZWyGJeX6HdY/928Jc7Y9+/iCi/HSv1O+5lieL
5MCIktS1LN5lKSoDclILrqKdc6zYrkt2+cXJ0+298SV7KvEnfHixcFdghHu6FMFG
QT82vUCpwklr0f3UU4azSa2vYLKK/tRPKlGFbGgSdOq5ASGlGnLJX8ipI6jMPXjy
0UxYjhYwrdor0IkS5HBjkfcBnDAZW4T5p9EsFaaeAmFICtUnBn8otigIETinsx/o
vfb6MPAKtbcLvNqRI2CkrvfsOI1OHGv9MoN1MTu2ObJ+lgkkltkAX8o=
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:59:21 2025 by rpki-client