Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030323a3a2f34382d3438203d3e20323135333634.roa
File: 326131343a373538313a313030323a3a2f34382d3438203d3e20323135333634.roa (raw, json)
Hash identifier: aXuAVjQaQziBnhdY9fO8ymOesNBhdJyp9kz20z9DnYk=
Subject key identifier: 8C:83:0B:D9:2D:48:42:8D:A9:0F:6E:73:69:49:F6:FE:FF:A0:F1:23
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 3381A12879589C1A8427AF29A665C226B75F6332
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030323a3a2f34382d3438203d3e20323135333634.roa
Signing time: Wed 05 Mar 2025 18:02:22 +0000
ROA not before: Wed 05 Mar 2025 17:57:22 +0000
ROA not after: Wed 04 Mar 2026 18:02:22 +0000
asID: 215364
IP address blocks: 2a14:7581:1002::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:81:a1:28:79:58:9c:1a:84:27:af:29:a6:65:c2:26:b7:5f:63:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Mar 5 17:57:22 2025 GMT
Not After : Mar 4 18:02:22 2026 GMT
Subject: CN=8C830BD92D48428DA90F6E736949F6FEFFA0F123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e3:60:3c:70:4b:66:0e:e1:c8:e0:64:3e:3c:
c8:d0:6a:a2:cb:20:e7:c8:07:ae:39:69:da:8f:31:
e5:0c:0c:8f:f7:7e:2a:e8:49:25:f0:a2:ae:39:13:
99:03:66:ec:44:92:8c:8a:28:53:11:e4:ed:ea:d4:
62:5f:29:67:89:5a:ab:6c:7c:ea:18:89:0c:f6:c4:
eb:4f:cc:53:62:81:af:8a:17:ce:7b:e1:52:b9:93:
17:ae:8d:bb:11:05:7e:af:dc:ee:5d:f7:42:cf:98:
fb:28:92:17:b0:3d:44:64:0d:f1:c0:64:97:cb:13:
4e:6b:3e:82:6b:19:f4:52:8d:62:51:d8:2a:25:76:
4e:aa:d9:e1:52:a1:6e:8a:00:dc:91:f7:d4:07:dd:
db:d3:f9:d0:0c:12:ba:a8:09:17:3f:16:53:7e:98:
87:42:c6:11:22:47:05:7a:41:0c:74:4b:0b:9e:66:
c1:fb:f2:44:be:ce:56:7b:82:e3:9c:8a:02:55:eb:
70:ea:ae:9c:8d:93:96:b8:9e:23:0a:d8:6d:3b:58:
78:a9:02:2c:d1:f5:61:1e:58:58:dd:1c:83:3d:ec:
77:a5:2d:d4:fe:3e:05:36:ab:3b:10:f5:f5:0c:05:
87:00:6c:1a:5a:b2:e7:e3:18:81:64:5f:9b:89:e2:
8d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:83:0B:D9:2D:48:42:8D:A9:0F:6E:73:69:49:F6:FE:FF:A0:F1:23
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030323a3a2f34382d3438203d3e20323135333634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:1002::/48
Signature Algorithm: sha256WithRSAEncryption
5e:f0:21:7a:49:23:da:05:be:15:e0:d5:be:03:71:29:54:63:
0b:e8:19:7e:c1:3a:44:79:eb:c4:93:51:ea:a7:5a:b4:74:a8:
36:11:be:3e:07:d9:45:0e:0d:ed:36:a6:68:b2:0d:bc:fd:44:
4b:5e:fc:9b:9f:0e:f4:a0:64:49:94:09:98:e3:c7:5f:78:8e:
c3:0c:e8:56:dc:8f:0a:ef:c0:3d:16:49:b4:61:99:5c:6e:e7:
54:ee:4d:75:27:b6:9d:5f:4e:41:76:a8:c2:68:fd:62:7e:29:
a6:fb:69:5e:f8:df:5d:6c:72:9f:e0:7a:2d:bd:82:52:f8:d4:
3f:9c:d4:93:45:a8:19:7e:80:58:bb:53:35:3e:ca:d2:67:21:
95:f8:93:2c:00:10:9d:f4:d5:60:0d:31:c3:01:6d:2b:ab:be:
6b:69:39:ba:13:65:a4:16:fa:1b:4f:59:90:a7:37:ee:a9:52:
8f:a7:70:8d:7f:97:9b:b6:85:13:ca:8f:8e:44:02:73:c2:a0:
ab:ce:e3:76:31:4d:67:f0:70:5a:e6:2a:bc:52:f2:b3:ee:ae:
52:f0:39:44:8b:b8:95:1a:57:9a:62:60:db:38:02:a0:c7:c5:
9e:1f:ff:a1:79:5e:f3:92:4d:5e:a2:6c:06:c8:99:a7:fb:6b:
0a:c7:1f:ad
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUM4GhKHlYnBqEJ68ppmXCJrdfYzIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNTAzMDUxNzU3MjJaFw0yNjAzMDQxODAyMjJaMDMxMTAvBgNV
BAMTKDhDODMwQkQ5MkQ0ODQyOERBOTBGNkU3MzY5NDlGNkZFRkZBMEYxMjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC42A8cEtmDuHI4GQ+PMjQaqLL
IOfIB645adqPMeUMDI/3firoSSXwoq45E5kDZuxEkoyKKFMR5O3q1GJfKWeJWqts
fOoYiQz2xOtPzFNiga+KF8574VK5kxeujbsRBX6v3O5d90LPmPsokhewPURkDfHA
ZJfLE05rPoJrGfRSjWJR2Coldk6q2eFSoW6KANyR99QH3dvT+dAMErqoCRc/FlN+
mIdCxhEiRwV6QQx0SwueZsH78kS+zlZ7guOcigJV63DqrpyNk5a4niMK2G07WHip
AizR9WEeWFjdHIM97HelLdT+PgU2qzsQ9fUMBYcAbBpasufjGIFkX5uJ4o0hAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUjIML2S1IQo2pD25zaUn2/v+g8SMwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzMDMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gRACMA0GCSqGSIb3DQEBCwUAA4IBAQBe
8CF6SSPaBb4V4NW+A3EpVGML6Bl+wTpEeevEk1Hqp1q0dKg2Eb4+B9lFDg3tNqZo
sg28/URLXvybnw70oGRJlAmY48dfeI7DDOhW3I8K78A9Fkm0YZlcbudU7k11J7ad
X05BdqjCaP1ifimm+2le+N9dbHKf4HotvYJS+NQ/nNSTRagZfoBYu1M1PsrSZyGV
+JMsABCd9NVgDTHDAW0rq75raTm6E2WkFvobT1mQpzfuqVKPp3CNf5ebtoUTyo+O
RAJzwqCrzuN2MU1n8HBa5iq8UvKz7q5S8DlEi7iVGleaYmDbOAKgx8WeH/+heV7z
kk1eomwGyJmn+2sKxx+t
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:39 2025 by rpki-client