Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030383a3a2f34382d3438203d3e20323135333634.roa
File: 326131343a373538313a313030383a3a2f34382d3438203d3e20323135333634.roa (raw, json)
Hash identifier: NNqmnSlBiewKjjUv0IQFmsLoHs8dIOQnPfgO0+urSwI=
Subject key identifier: 3F:F7:B0:74:4D:7B:33:5E:66:D3:CD:B0:26:F3:2B:29:65:10:16:42
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 2BCA904C6FEC46F31D35DCA0B8B04CFD196730B2
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030383a3a2f34382d3438203d3e20323135333634.roa
Signing time: Wed 05 Mar 2025 16:02:17 +0000
ROA not before: Wed 05 Mar 2025 15:57:17 +0000
ROA not after: Wed 04 Mar 2026 16:02:17 +0000
asID: 215364
IP address blocks: 2a14:7581:1008::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:ca:90:4c:6f:ec:46:f3:1d:35:dc:a0:b8:b0:4c:fd:19:67:30:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Mar 5 15:57:17 2025 GMT
Not After : Mar 4 16:02:17 2026 GMT
Subject: CN=3FF7B0744D7B335E66D3CDB026F32B2965101642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ea:ed:cf:27:b9:c6:8b:37:82:f9:45:97:33:
61:d2:91:1f:2b:28:c5:c2:cc:2b:8d:c6:6e:db:75:
e9:69:d1:a4:2d:cd:71:d7:77:a3:53:4b:a5:e3:68:
58:c2:9b:63:61:e3:9f:92:36:fa:22:91:a6:6f:c6:
a3:e1:87:70:7b:44:d8:db:38:74:e1:0f:e2:e0:a0:
c6:9d:5d:9b:17:4b:80:20:87:57:d0:fb:e9:94:f6:
f9:30:65:62:da:ed:0d:90:75:50:c3:b1:b5:f3:a6:
17:ad:7c:bf:1e:b0:f4:72:ac:60:e4:5b:7d:19:e8:
ea:1d:02:0e:ba:cd:d7:2a:c3:64:4c:99:e3:a5:c6:
3b:86:4c:83:2c:3e:33:26:36:dc:15:5a:a8:13:f3:
3e:8e:ee:20:69:71:9a:15:70:46:7d:bf:fb:04:0e:
ce:f5:e7:a4:39:64:5d:c9:c9:db:be:1d:2c:08:2b:
79:b3:96:4d:31:68:de:0f:3f:55:3e:04:b1:0c:ec:
97:2f:67:9f:8a:63:a0:a9:2a:02:f1:af:59:ca:23:
3b:70:02:a1:6f:f1:81:ab:db:7e:86:84:ff:c1:dd:
2b:5a:d3:f8:e4:8b:6c:9f:d0:ba:5a:3c:c0:3a:8c:
20:be:7c:15:03:8d:dd:e4:a7:44:ad:c5:81:bc:bd:
67:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:F7:B0:74:4D:7B:33:5E:66:D3:CD:B0:26:F3:2B:29:65:10:16:42
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a313030383a3a2f34382d3438203d3e20323135333634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:1008::/48
Signature Algorithm: sha256WithRSAEncryption
24:1c:25:dd:7f:ef:59:85:12:58:7d:99:31:09:11:6c:76:64:
da:ce:c3:b9:be:77:0c:8d:b3:a8:c1:94:d0:a8:97:f7:2d:08:
9d:4c:9f:13:24:58:27:68:ea:62:e8:31:1a:fe:43:b9:73:d0:
b9:e7:c3:26:30:4b:92:7c:d2:2c:fb:ec:58:c8:cc:01:c9:f4:
aa:f7:8e:68:d6:f7:c6:c6:5a:cc:ba:7c:d9:bb:f8:b2:cd:97:
54:68:36:02:f5:e9:a7:f7:01:c7:43:79:42:be:4f:7c:71:8b:
6f:f5:e5:c5:29:16:b7:ce:71:cd:8b:50:fd:cc:65:0d:79:43:
05:06:4b:bf:e1:9a:10:b5:da:2f:07:44:25:e9:f4:2a:6e:24:
7d:33:7d:90:a8:48:f2:10:6c:bf:e3:17:44:ac:3d:fc:7b:85:
5e:09:9c:db:7d:52:57:3c:24:10:e8:f8:7e:b6:08:ed:2a:cf:
fb:34:6b:d2:8f:3e:d0:e4:76:5d:75:ed:db:6f:ee:d5:ea:fb:
c6:74:ed:4f:a6:9e:38:07:92:80:76:21:65:fc:e1:1e:e0:0b:
e3:b8:83:f1:bf:1d:a2:4c:c0:39:6b:b7:cb:c1:1a:2a:cc:72:
4c:b0:e3:d6:99:30:c5:9a:c9:ac:fa:59:e8:69:23:cc:a7:c2:
ef:b6:a6:46
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUK8qQTG/sRvMdNdyguLBM/RlnMLIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNTAzMDUxNTU3MTdaFw0yNjAzMDQxNjAyMTdaMDMxMTAvBgNV
BAMTKDNGRjdCMDc0NEQ3QjMzNUU2NkQzQ0RCMDI2RjMyQjI5NjUxMDE2NDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj6u3PJ7nGizeC+UWXM2HSkR8r
KMXCzCuNxm7bdelp0aQtzXHXd6NTS6XjaFjCm2Nh45+SNvoikaZvxqPhh3B7RNjb
OHThD+LgoMadXZsXS4Agh1fQ++mU9vkwZWLa7Q2QdVDDsbXzphetfL8esPRyrGDk
W30Z6OodAg66zdcqw2RMmeOlxjuGTIMsPjMmNtwVWqgT8z6O7iBpcZoVcEZ9v/sE
Ds7156Q5ZF3Jydu+HSwIK3mzlk0xaN4PP1U+BLEM7JcvZ5+KY6CpKgLxr1nKIztw
AqFv8YGr236GhP/B3Sta0/jki2yf0LpaPMA6jCC+fBUDjd3kp0StxYG8vWd7AgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUP/ewdE17M15m082wJvMrKWUQFkIwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzMDM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gRAIMA0GCSqGSIb3DQEBCwUAA4IBAQAk
HCXdf+9ZhRJYfZkxCRFsdmTazsO5vncMjbOowZTQqJf3LQidTJ8TJFgnaOpi6DEa
/kO5c9C558MmMEuSfNIs++xYyMwByfSq945o1vfGxlrMunzZu/iyzZdUaDYC9emn
9wHHQ3lCvk98cYtv9eXFKRa3znHNi1D9zGUNeUMFBku/4ZoQtdovB0Ql6fQqbiR9
M32QqEjyEGy/4xdErD38e4VeCZzbfVJXPCQQ6Ph+tgjtKs/7NGvSjz7Q5HZdde3b
b+7V6vvGdO1Ppp44B5KAdiFl/OEe4AvjuIPxvx2iTMA5a7fLwRoqzHJMsOPWmTDF
msms+lnoaSPMp8LvtqZG
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:34:19 2025 by rpki-client