Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030333a3a2f34382d3438203d3e20323135333634.roa
File: 326131343a373538313a313030333a3a2f34382d3438203d3e20323135333634.roa (raw, json)
Hash identifier: 5GpojzizKt2bZ5refnbD+zMiFRRNOw/yzNlbrl849C4=
Subject key identifier: 1E:DC:AA:96:86:38:EE:98:6C:41:FF:8D:51:09:F8:D8:73:54:E1:E1
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 2CB904418D374AD334560D0EFA03283A443D3866
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030333a3a2f34382d3438203d3e20323135333634.roa
Signing time: Wed 05 Mar 2025 16:02:18 +0000
ROA not before: Wed 05 Mar 2025 15:57:18 +0000
ROA not after: Wed 04 Mar 2026 16:02:18 +0000
asID: 215364
IP address blocks: 2a14:7581:1003::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:b9:04:41:8d:37:4a:d3:34:56:0d:0e:fa:03:28:3a:44:3d:38:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Mar 5 15:57:18 2025 GMT
Not After : Mar 4 16:02:18 2026 GMT
Subject: CN=1EDCAA968638EE986C41FF8D5109F8D87354E1E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9c:4c:47:26:e0:76:eb:68:57:67:04:1d:ab:
81:d2:e0:21:75:a3:7e:e1:98:76:3d:98:77:69:81:
1a:4c:79:31:d3:3a:7d:30:b3:05:d9:f1:89:cd:e4:
02:91:b6:cc:ec:c0:69:ab:e1:08:91:dc:a1:60:97:
16:34:15:13:e3:84:4a:19:92:3e:cb:68:51:af:e0:
23:eb:85:cb:81:64:f5:99:0b:5e:96:ba:69:81:ca:
c3:d3:9c:e2:68:90:56:06:cd:7b:65:4d:bf:a7:1c:
a7:57:3b:45:e1:ae:6d:bd:d8:53:e0:3a:1e:1b:aa:
43:d0:73:51:58:8d:45:69:b7:53:59:02:40:be:d2:
1d:bd:41:44:0e:9b:67:62:1f:6d:6e:43:14:eb:22:
00:9d:d8:11:b8:d7:6c:ae:60:58:39:b6:9b:82:41:
52:93:a7:c2:41:77:a5:30:91:50:b4:18:0c:e2:39:
34:7b:98:1c:5c:ba:6d:b8:26:87:cb:c1:a2:6c:88:
8c:ca:69:8c:bb:60:4b:a6:4f:c2:ad:63:7b:cc:79:
c5:76:a3:17:8e:a0:5c:ae:18:af:49:fc:8e:ef:3b:
79:36:bf:f7:55:6e:9c:be:37:da:4a:3b:31:33:89:
c3:ad:ec:55:62:d3:e1:d5:b5:9b:53:b7:1c:13:28:
b1:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:DC:AA:96:86:38:EE:98:6C:41:FF:8D:51:09:F8:D8:73:54:E1:E1
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030333a3a2f34382d3438203d3e20323135333634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:1003::/48
Signature Algorithm: sha256WithRSAEncryption
10:ec:c6:da:c8:8e:d2:c7:0f:1e:f1:57:56:40:17:a8:75:fc:
ec:58:36:3d:35:cb:52:02:de:23:b1:fe:73:dc:c2:cf:0a:54:
aa:44:6a:32:3d:f4:bb:37:ed:35:4f:fa:7a:63:74:6c:7f:6b:
90:69:da:a8:d6:41:cc:a3:15:9e:e6:8f:2c:5a:78:74:d6:66:
d9:0b:5a:5f:fc:70:bd:0e:b2:70:92:3b:85:ea:30:c5:b6:20:
79:3b:57:63:85:03:dd:91:02:59:5e:ad:9a:d8:e4:d0:8a:b3:
33:2b:79:2f:f7:fe:ab:56:69:45:3f:84:3b:66:68:da:20:9c:
9b:0a:25:8b:d6:e6:98:60:74:76:d8:cd:94:ef:67:d9:42:ff:
c9:da:b6:52:e8:16:d6:a0:2e:42:f1:48:49:c1:07:8c:6c:2b:
e5:41:38:52:36:f6:a2:f6:b7:67:ae:23:6e:c5:24:61:ed:14:
2d:6e:81:02:e7:83:fe:8d:47:94:3b:f3:1a:96:d9:09:2c:cf:
f7:d7:90:42:42:c1:a9:ce:c9:f2:d3:4b:e6:fb:8b:6f:c0:a1:
7f:c6:f5:35:bc:ae:67:30:da:42:24:42:cc:12:88:40:12:ef:
a7:c9:ad:9d:9b:36:4a:83:3e:b4:6b:f1:84:a8:1d:ef:70:08:
19:14:b2:5c
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIULLkEQY03StM0Vg0O+gMoOkQ9OGYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNTAzMDUxNTU3MThaFw0yNjAzMDQxNjAyMThaMDMxMTAvBgNV
BAMTKDFFRENBQTk2ODYzOEVFOTg2QzQxRkY4RDUxMDlGOEQ4NzM1NEUxRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMnExHJuB262hXZwQdq4HS4CF1
o37hmHY9mHdpgRpMeTHTOn0wswXZ8YnN5AKRtszswGmr4QiR3KFglxY0FRPjhEoZ
kj7LaFGv4CPrhcuBZPWZC16WummBysPTnOJokFYGzXtlTb+nHKdXO0Xhrm292FPg
Oh4bqkPQc1FYjUVpt1NZAkC+0h29QUQOm2diH21uQxTrIgCd2BG412yuYFg5tpuC
QVKTp8JBd6UwkVC0GAziOTR7mBxcum24JofLwaJsiIzKaYy7YEumT8KtY3vMecV2
oxeOoFyuGK9J/I7vO3k2v/dVbpy+N9pKOzEzicOt7FVi0+HVtZtTtxwTKLG3AgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUHtyqloY47phsQf+NUQn42HNU4eEwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzMDMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gRADMA0GCSqGSIb3DQEBCwUAA4IBAQAQ
7MbayI7Sxw8e8VdWQBeodfzsWDY9NctSAt4jsf5z3MLPClSqRGoyPfS7N+01T/p6
Y3Rsf2uQadqo1kHMoxWe5o8sWnh01mbZC1pf/HC9DrJwkjuF6jDFtiB5O1djhQPd
kQJZXq2a2OTQirMzK3kv9/6rVmlFP4Q7ZmjaIJybCiWL1uaYYHR22M2U72fZQv/J
2rZS6BbWoC5C8UhJwQeMbCvlQThSNvai9rdnriNuxSRh7RQtboEC54P+jUeUO/Ma
ltkJLM/315BCQsGpzsny00vm+4tvwKF/xvU1vK5nMNpCJELMEohAEu+nya2dmzZK
gz60a/GEqB3vcAgZFLJc
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:05 2025 by rpki-client