Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030343a3a2f34382d3438203d3e20323135333634.roa
File: 326131343a373538313a313030343a3a2f34382d3438203d3e20323135333634.roa (raw, json)
Hash identifier: C7N+D22gCOgPQZZMtrTq7FWJtgzmuDQvpuSvIDs/4/0=
Subject key identifier: 7A:08:C4:09:F3:6E:D2:6A:B1:C5:C7:E5:81:54:B6:79:9A:BD:1F:B6
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 7B77708B149EECDD9793E89FABFEF448955EEA8D
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030343a3a2f34382d3438203d3e20323135333634.roa
Signing time: Wed 05 Mar 2025 16:02:17 +0000
ROA not before: Wed 05 Mar 2025 15:57:17 +0000
ROA not after: Wed 04 Mar 2026 16:02:17 +0000
asID: 215364
IP address blocks: 2a14:7581:1004::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:77:70:8b:14:9e:ec:dd:97:93:e8:9f:ab:fe:f4:48:95:5e:ea:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Mar 5 15:57:17 2025 GMT
Not After : Mar 4 16:02:17 2026 GMT
Subject: CN=7A08C409F36ED26AB1C5C7E58154B6799ABD1FB6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:59:e5:22:5a:d7:6f:01:c2:e0:1c:a0:eb:9d:
0a:26:98:33:95:4a:25:4a:36:22:77:68:f0:5c:7a:
c8:80:55:15:1b:3b:84:93:94:c3:2f:12:53:29:42:
c8:71:94:86:20:7b:70:76:41:3b:64:84:2c:06:a5:
10:ec:17:b6:f0:8b:90:96:4d:24:ac:37:ca:58:16:
76:0d:69:4d:37:ff:80:83:c2:cd:61:45:2b:6c:98:
f0:0e:96:34:a5:8e:f4:8f:c0:3d:e4:79:74:15:40:
4d:f9:be:3a:dd:22:fe:fa:e2:ba:c3:63:2c:fb:67:
2e:03:8b:01:e7:10:ef:2f:64:54:8d:65:2d:e9:28:
23:57:1d:39:a1:68:a4:13:25:97:95:03:9a:ed:a9:
f1:f2:74:1d:8a:e1:1b:1a:9e:72:e5:e0:4b:bf:e1:
a9:18:df:10:8e:f8:9d:47:c8:66:81:f5:cf:70:3f:
59:4a:07:9c:85:10:1f:f9:f1:c3:30:e1:13:eb:7c:
dc:ab:04:95:bf:87:95:c8:0b:ff:8a:6c:9b:52:64:
42:e1:2e:3c:d8:d4:7b:54:e6:16:2d:6d:ee:b5:52:
a3:39:bb:94:11:c2:c2:c3:59:2e:cc:89:b0:61:50:
9f:af:07:d7:a0:1b:cb:44:d2:8c:59:98:27:9b:92:
44:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:08:C4:09:F3:6E:D2:6A:B1:C5:C7:E5:81:54:B6:79:9A:BD:1F:B6
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030343a3a2f34382d3438203d3e20323135333634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:1004::/48
Signature Algorithm: sha256WithRSAEncryption
80:9e:b8:22:bb:9d:9c:2a:42:22:c9:da:4e:cc:7b:ab:a9:dc:
59:26:d2:5d:bc:fa:f2:50:72:60:06:d9:e5:38:f5:97:78:92:
49:0d:bb:d3:a3:96:48:f1:af:a4:d5:79:b5:c6:a9:e4:e6:52:
fe:3c:1d:cf:f7:74:e7:ff:f6:84:ca:d6:08:e3:1f:81:89:69:
d6:9c:01:4e:f6:23:d0:87:3d:bc:3b:96:f9:bb:2e:1c:ba:25:
77:65:08:c1:ea:2f:76:42:34:5d:32:cb:15:cd:70:81:df:03:
45:50:4f:e8:49:e9:db:00:fa:15:ab:39:67:16:5f:24:70:f4:
a0:8f:7b:f3:6c:c7:24:27:19:08:10:98:4a:5f:bf:e4:44:03:
3f:a0:8d:b2:fc:06:c5:ac:d8:2f:dd:68:99:cf:09:f3:31:73:
22:c5:9e:8d:4f:f1:21:15:a3:21:cd:8a:c8:65:56:29:21:7c:
87:29:ef:1e:24:7c:64:a3:db:d7:6b:96:c3:97:4e:60:2a:68:
88:c1:5f:d4:0d:e8:25:d6:1e:0a:3b:e0:29:64:3e:b0:5b:0c:
c5:59:bd:e5:c7:05:25:34:70:02:64:19:0c:e1:32:f5:fd:0c:
c1:07:b7:09:39:58:75:38:81:1b:01:68:99:51:0f:ac:4b:94:
c5:63:b0:48
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUe3dwixSe7N2Xk+ifq/70SJVe6o0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNTAzMDUxNTU3MTdaFw0yNjAzMDQxNjAyMTdaMDMxMTAvBgNV
BAMTKDdBMDhDNDA5RjM2RUQyNkFCMUM1QzdFNTgxNTRCNjc5OUFCRDFGQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJWeUiWtdvAcLgHKDrnQommDOV
SiVKNiJ3aPBcesiAVRUbO4STlMMvElMpQshxlIYge3B2QTtkhCwGpRDsF7bwi5CW
TSSsN8pYFnYNaU03/4CDws1hRStsmPAOljSljvSPwD3keXQVQE35vjrdIv764rrD
Yyz7Zy4DiwHnEO8vZFSNZS3pKCNXHTmhaKQTJZeVA5rtqfHydB2K4RsannLl4Eu/
4akY3xCO+J1HyGaB9c9wP1lKB5yFEB/58cMw4RPrfNyrBJW/h5XIC/+KbJtSZELh
LjzY1HtU5hYtbe61UqM5u5QRwsLDWS7MibBhUJ+vB9egG8tE0oxZmCebkkQRAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUegjECfNu0mqxxcflgVS2eZq9H7YwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzMDM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gRAEMA0GCSqGSIb3DQEBCwUAA4IBAQCA
nrgiu52cKkIiydpOzHurqdxZJtJdvPryUHJgBtnlOPWXeJJJDbvTo5ZI8a+k1Xm1
xqnk5lL+PB3P93Tn//aEytYI4x+BiWnWnAFO9iPQhz28O5b5uy4cuiV3ZQjB6i92
QjRdMssVzXCB3wNFUE/oSenbAPoVqzlnFl8kcPSgj3vzbMckJxkIEJhKX7/kRAM/
oI2y/AbFrNgv3WiZzwnzMXMixZ6NT/EhFaMhzYrIZVYpIXyHKe8eJHxko9vXa5bD
l05gKmiIwV/UDegl1h4KO+ApZD6wWwzFWb3lxwUlNHACZBkM4TL1/QzBB7cJOVh1
OIEbAWiZUQ+sS5TFY7BI
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:19 2025 by rpki-client