Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030373a3a2f34382d3438203d3e20323135333634.roa
File: 326131343a373538313a313030373a3a2f34382d3438203d3e20323135333634.roa (raw, json)
Hash identifier: wqeE5nh7JbnsQnlIfSuErABB8uVketpTJgfWTfxeIvg=
Subject key identifier: D3:5A:83:E0:C2:15:8F:56:75:7D:9E:5A:82:EE:4D:E3:3B:08:60:3D
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 687D7F978CDDB264E42AD4C9BBD25BD36C084849
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030373a3a2f34382d3438203d3e20323135333634.roa
Signing time: Wed 05 Mar 2025 16:02:18 +0000
ROA not before: Wed 05 Mar 2025 15:57:18 +0000
ROA not after: Wed 04 Mar 2026 16:02:18 +0000
asID: 215364
IP address blocks: 2a14:7581:1007::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:7d:7f:97:8c:dd:b2:64:e4:2a:d4:c9:bb:d2:5b:d3:6c:08:48:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Mar 5 15:57:18 2025 GMT
Not After : Mar 4 16:02:18 2026 GMT
Subject: CN=D35A83E0C2158F56757D9E5A82EE4DE33B08603D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:be:64:27:62:cc:32:aa:30:76:85:aa:ed:af:
d0:d5:49:78:a4:0f:a1:2d:ce:d6:f1:b7:bc:14:8c:
8e:e7:b0:d7:0c:ae:aa:4a:e1:54:6f:9d:06:a4:96:
7a:2b:cb:73:fa:44:4d:15:65:72:d8:d2:ec:2a:f4:
b4:48:3e:41:18:ff:98:24:64:18:98:2e:36:2a:77:
31:e5:57:08:2d:56:7c:b1:d8:22:da:54:df:be:13:
1e:c8:fa:63:0d:eb:fe:e8:3b:f1:19:b5:5f:1d:72:
65:d9:4a:00:5a:cb:56:6b:0a:d9:23:84:c0:32:e6:
f7:6a:af:a7:c6:f1:54:92:e7:da:48:fd:af:c2:f8:
d0:10:a6:6b:00:8b:75:fe:38:d1:f2:ce:11:56:77:
10:2b:7c:be:29:74:6d:fc:c3:ec:30:1a:7c:8f:02:
80:0d:74:40:ef:0c:3b:18:5d:f4:29:64:d8:e9:bb:
40:e5:b8:e7:1b:22:d4:83:76:64:94:a9:67:f2:7f:
9c:7a:bc:55:7c:fb:22:3e:e4:fd:77:2e:01:7f:ab:
12:1f:79:f7:45:72:01:fc:e5:de:48:0a:e2:c7:2c:
a5:8a:3a:cb:02:9c:73:30:d6:81:04:21:cc:cc:76:
23:99:28:f3:22:98:39:e7:2c:73:3d:b0:c6:a3:e1:
2d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:5A:83:E0:C2:15:8F:56:75:7D:9E:5A:82:EE:4D:E3:3B:08:60:3D
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030373a3a2f34382d3438203d3e20323135333634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:1007::/48
Signature Algorithm: sha256WithRSAEncryption
0e:e2:20:a5:69:58:58:f6:59:eb:e0:db:84:e8:66:34:aa:1b:
bb:3e:75:b5:42:39:de:4c:37:30:9f:fa:32:ae:95:03:36:2e:
d7:2f:c4:b8:06:03:eb:36:c2:a9:0b:5e:5d:b8:fd:4f:2f:1c:
af:c1:20:54:13:52:e1:02:ff:6e:d1:c3:11:74:2c:f5:a0:f4:
55:36:4e:a2:7d:5e:05:6a:10:86:1e:b2:d5:1d:71:79:f2:64:
68:08:c0:8a:65:81:d1:4d:b3:2d:5d:df:af:d1:fa:5f:79:78:
1c:01:a4:ce:95:8e:3f:f8:87:df:bd:ea:7a:0d:6f:72:50:15:
92:0e:db:88:b8:fe:22:6f:be:05:d3:74:e2:c5:0c:90:a4:3f:
7e:a9:a8:9d:ae:ab:e7:30:2d:5d:59:24:d2:13:66:ad:4d:52:
db:04:bf:00:79:21:bc:4e:0a:a9:60:34:a0:ee:55:6d:32:a9:
cb:66:5c:ad:32:04:b3:df:c2:b5:65:d5:35:84:15:c8:9c:28:
46:16:f0:9d:c9:85:d2:93:b9:18:20:ea:87:da:cc:c8:58:25:
03:1e:fc:15:b4:2f:1d:44:f5:2c:05:75:6e:dd:cc:72:6b:cd:
fc:22:d6:c2:da:e6:42:19:fe:62:74:9c:66:10:84:eb:e0:79:
61:db:9a:96
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUaH1/l4zdsmTkKtTJu9Jb02wISEkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNTAzMDUxNTU3MThaFw0yNjAzMDQxNjAyMThaMDMxMTAvBgNV
BAMTKEQzNUE4M0UwQzIxNThGNTY3NTdEOUU1QTgyRUU0REUzM0IwODYwM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGvmQnYswyqjB2hartr9DVSXik
D6Etztbxt7wUjI7nsNcMrqpK4VRvnQaklnory3P6RE0VZXLY0uwq9LRIPkEY/5gk
ZBiYLjYqdzHlVwgtVnyx2CLaVN++Ex7I+mMN6/7oO/EZtV8dcmXZSgBay1ZrCtkj
hMAy5vdqr6fG8VSS59pI/a/C+NAQpmsAi3X+ONHyzhFWdxArfL4pdG38w+wwGnyP
AoANdEDvDDsYXfQpZNjpu0DluOcbItSDdmSUqWfyf5x6vFV8+yI+5P13LgF/qxIf
efdFcgH85d5ICuLHLKWKOssCnHMw1oEEIczMdiOZKPMimDnnLHM9sMaj4S1bAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQU01qD4MIVj1Z1fZ5agu5N4zsIYD0wHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzMDM3M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gRAHMA0GCSqGSIb3DQEBCwUAA4IBAQAO
4iClaVhY9lnr4NuE6GY0qhu7PnW1QjneTDcwn/oyrpUDNi7XL8S4BgPrNsKpC15d
uP1PLxyvwSBUE1LhAv9u0cMRdCz1oPRVNk6ifV4FahCGHrLVHXF58mRoCMCKZYHR
TbMtXd+v0fpfeXgcAaTOlY4/+Iffvep6DW9yUBWSDtuIuP4ib74F03TixQyQpD9+
qaidrqvnMC1dWSTSE2atTVLbBL8AeSG8TgqpYDSg7lVtMqnLZlytMgSz38K1ZdU1
hBXInChGFvCdyYXSk7kYIOqH2szIWCUDHvwVtC8dRPUsBXVu3cxya838ItbC2uZC
Gf5idJxmEITr4Hlh25qW
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:08 2025 by rpki-client