Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030313a3a2f34382d3438203d3e20323135333634.roa
File: 326131343a373538313a313030313a3a2f34382d3438203d3e20323135333634.roa (raw, json)
Hash identifier: kHIAlasYfLmhCgfPyjx/n2S+lF0FLpQ7UtqDO+efJ+o=
Subject key identifier: AF:E3:B2:DE:36:28:E1:60:AD:88:93:36:84:9D:ED:C9:6A:94:E6:6A
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 42D77CEBE103D59687BEEA25793C3EC12CCCAC0C
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030313a3a2f34382d3438203d3e20323135333634.roa
Signing time: Wed 05 Mar 2025 16:02:18 +0000
ROA not before: Wed 05 Mar 2025 15:57:18 +0000
ROA not after: Wed 04 Mar 2026 16:02:18 +0000
asID: 215364
IP address blocks: 2a14:7581:1001::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:d7:7c:eb:e1:03:d5:96:87:be:ea:25:79:3c:3e:c1:2c:cc:ac:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Mar 5 15:57:18 2025 GMT
Not After : Mar 4 16:02:18 2026 GMT
Subject: CN=AFE3B2DE3628E160AD889336849DEDC96A94E66A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:29:4d:0b:3a:de:f3:72:b3:99:da:69:78:5a:
8f:fc:3a:a7:bd:5a:be:63:83:ed:72:5f:4a:52:2b:
f1:9d:7d:b6:a4:74:40:53:22:cb:e1:c3:57:eb:e2:
d8:4e:c1:ed:a4:c0:f3:18:4c:5e:61:ad:56:ba:47:
37:29:2d:ae:ad:fc:f2:1d:88:13:b3:c9:e2:ff:cb:
da:28:ab:6e:89:7b:e4:3b:2b:b3:e3:23:db:ce:fc:
85:41:56:16:f8:f2:1a:31:93:9a:f3:0e:26:85:c9:
86:9a:5c:fe:b8:89:32:ec:2d:c9:df:3d:20:04:e8:
f3:a9:dd:9c:b4:66:ce:e1:e0:f5:5c:e1:51:5a:01:
81:38:46:28:1e:b4:2e:0d:16:ad:d4:ac:d9:17:1b:
73:49:3f:6f:04:80:00:37:b8:50:7e:cd:b5:43:c1:
c8:91:fc:b8:2d:c0:a7:68:9f:ef:bb:02:70:5a:05:
e0:22:5a:de:b9:50:91:0f:74:15:fe:fb:b9:b9:b1:
37:11:d9:94:2d:3e:97:33:70:77:08:b9:dd:98:af:
7b:d3:c8:ea:05:d6:36:31:ca:23:c8:66:9c:e0:d3:
e8:86:72:7d:4d:6d:c0:aa:b4:47:60:1e:cc:ad:bd:
3a:05:4f:2f:64:fb:95:14:46:ab:e7:8c:b9:ce:12:
33:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E3:B2:DE:36:28:E1:60:AD:88:93:36:84:9D:ED:C9:6A:94:E6:6A
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030313a3a2f34382d3438203d3e20323135333634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:1001::/48
Signature Algorithm: sha256WithRSAEncryption
45:14:24:0c:27:9c:9b:97:f4:b5:be:06:3b:88:f0:70:95:4b:
6a:4c:c7:97:c5:df:6e:59:ab:75:52:35:cc:9f:61:e1:c9:cc:
2f:2f:76:06:17:a0:f1:f0:35:29:2a:12:6e:e0:e4:f1:10:c1:
f8:0f:79:3c:c9:1a:51:3c:72:b3:cd:07:cb:46:6b:a7:f0:37:
b8:be:42:c3:7f:f8:36:70:02:05:45:c8:8d:84:4a:ef:10:e8:
ae:0b:7c:57:09:15:64:0d:5f:ee:32:84:8c:f7:50:ce:d2:f2:
b5:a4:f8:cc:e2:8c:92:59:21:dd:9e:d5:2e:70:6c:cf:26:77:
84:6d:74:25:12:33:ad:6a:c4:6d:ea:a5:e0:b6:01:f6:a9:61:
28:47:e4:6a:42:1e:6c:77:eb:48:9d:9f:f5:80:88:3f:ee:e0:
27:bf:46:57:e8:d7:70:a1:f6:cf:d9:49:b3:cf:ce:17:e9:b8:
d8:c2:16:0c:36:2f:47:27:9e:9e:6c:0d:e4:90:68:43:5e:cb:
0f:b8:36:04:1d:b5:1d:fa:f5:7e:1c:8a:e2:10:fa:1c:75:2b:
dd:38:0f:29:5e:90:ff:d7:11:a6:29:85:ed:ff:43:94:62:70:
23:4f:68:3e:3d:a9:aa:88:2d:7f:48:40:c1:63:cd:c2:7a:fb:
bb:24:8f:89
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUQtd86+ED1ZaHvuoleTw+wSzMrAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNTAzMDUxNTU3MThaFw0yNjAzMDQxNjAyMThaMDMxMTAvBgNV
BAMTKEFGRTNCMkRFMzYyOEUxNjBBRDg4OTMzNjg0OURFREM5NkE5NEU2NkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRKU0LOt7zcrOZ2ml4Wo/8Oqe9
Wr5jg+1yX0pSK/GdfbakdEBTIsvhw1fr4thOwe2kwPMYTF5hrVa6RzcpLa6t/PId
iBOzyeL/y9ooq26Je+Q7K7PjI9vO/IVBVhb48hoxk5rzDiaFyYaaXP64iTLsLcnf
PSAE6POp3Zy0Zs7h4PVc4VFaAYE4RigetC4NFq3UrNkXG3NJP28EgAA3uFB+zbVD
wciR/LgtwKdon++7AnBaBeAiWt65UJEPdBX++7m5sTcR2ZQtPpczcHcIud2Yr3vT
yOoF1jYxyiPIZpzg0+iGcn1NbcCqtEdgHsytvToFTy9k+5UURqvnjLnOEjM7AgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUr+Oy3jYo4WCtiJM2hJ3tyWqU5mowHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzMDMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gRABMA0GCSqGSIb3DQEBCwUAA4IBAQBF
FCQMJ5ybl/S1vgY7iPBwlUtqTMeXxd9uWat1UjXMn2HhycwvL3YGF6Dx8DUpKhJu
4OTxEMH4D3k8yRpRPHKzzQfLRmun8De4vkLDf/g2cAIFRciNhErvEOiuC3xXCRVk
DV/uMoSM91DO0vK1pPjM4oySWSHdntUucGzPJneEbXQlEjOtasRt6qXgtgH2qWEo
R+RqQh5sd+tInZ/1gIg/7uAnv0ZX6NdwofbP2Umzz84X6bjYwhYMNi9HJ56ebA3k
kGhDXssPuDYEHbUd+vV+HIriEPocdSvdOA8pXpD/1xGmKYXt/0OUYnAjT2g+Pamq
iC1/SEDBY83Cevu7JI+J
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:31:11 2025 by rpki-client