Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130303a3a2f34382d3438203d3e20323136333234.roa
File: 326131343a373538313a3130303a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: YvR2SDP7uSvYC3zyro7QC1DT4Tvc3lOUFtDv7iTN08w=
Subject key identifier: 48:35:D3:65:ED:23:6B:B1:1F:75:3C:10:FA:C2:D8:5A:B1:39:6E:00
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 0E33CBC24093CB3480683FB5415A6A999A2C66C8
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130303a3a2f34382d3438203d3e20323136333234.roa
Signing time: Tue 04 Feb 2025 15:01:55 +0000
ROA not before: Tue 04 Feb 2025 14:56:55 +0000
ROA not after: Tue 03 Feb 2026 15:01:55 +0000
asID: 216324
IP address blocks: 2a14:7581:100::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:33:cb:c2:40:93:cb:34:80:68:3f:b5:41:5a:6a:99:9a:2c:66:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Feb 4 14:56:55 2025 GMT
Not After : Feb 3 15:01:55 2026 GMT
Subject: CN=4835D365ED236BB11F753C10FAC2D85AB1396E00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3f:c0:38:69:06:83:4a:9d:51:a5:75:0b:b5:
57:c3:d0:cb:c0:a1:7f:cf:4c:40:72:ba:0d:2c:7e:
c1:7e:1e:5d:a8:ee:1b:97:49:0f:71:1b:9a:89:43:
80:e8:4d:f1:ea:3e:7c:64:12:19:e1:1d:37:e7:60:
27:b6:f6:fc:a1:89:b4:f6:b8:7c:dc:be:f1:46:be:
76:d2:77:44:ea:f8:ad:47:af:6c:af:84:88:c1:da:
07:25:d0:3d:8a:0e:ae:30:86:21:a0:9a:9d:82:9b:
16:a4:84:77:f1:bc:f4:ce:4c:f3:37:c5:69:b7:59:
34:4f:07:ed:98:dc:3a:6a:56:30:19:39:8c:86:95:
fb:ef:f4:70:22:bf:81:ba:26:e8:b7:61:b7:27:f5:
f4:7a:69:4a:3d:64:e7:f6:eb:3c:d8:5f:5c:3e:07:
0d:65:ba:cc:af:13:ee:cf:d5:d4:83:e9:ee:f2:95:
4f:bb:92:d7:7f:81:83:a8:49:fd:80:0f:6e:04:ed:
2e:86:45:bf:ef:21:f3:41:87:c8:c6:ac:f1:e6:61:
de:d1:45:4e:23:41:ab:dc:6a:6e:83:8a:72:a5:47:
b8:a4:16:c8:be:14:e6:96:93:9f:f8:c4:da:27:a4:
67:98:81:61:3e:50:35:2d:cf:ed:a3:b7:d4:77:b5:
54:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:35:D3:65:ED:23:6B:B1:1F:75:3C:10:FA:C2:D8:5A:B1:39:6E:00
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3130303a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:100::/48
Signature Algorithm: sha256WithRSAEncryption
bc:63:f5:a6:1c:06:ab:92:0d:34:83:87:92:1e:a6:e1:da:56:
ac:d2:9b:f4:fd:03:d4:9e:a1:e9:1e:d7:03:da:e2:02:3b:e3:
81:d6:24:61:ad:8c:bc:ab:f0:7e:a7:83:6a:ad:cc:45:b4:9c:
44:c0:da:40:8d:e3:93:40:50:6d:72:c2:97:93:9c:7a:bd:45:
5a:a3:ac:54:b4:60:43:ab:f6:96:54:9d:2d:9d:23:9d:df:7a:
3e:e8:cd:b2:de:40:26:14:6d:be:4d:08:2e:31:16:75:51:d4:
50:0a:1c:65:90:17:3b:c0:a7:01:ad:93:56:ba:47:9d:28:09:
ee:67:31:c7:81:69:6e:26:ce:1d:aa:d2:79:b7:a1:16:6d:61:
73:39:86:f2:a5:80:67:3b:40:34:ce:eb:96:5e:a6:86:53:3a:
c8:35:52:5e:cb:d2:6b:b0:c8:db:7d:c8:49:8e:3b:25:23:cf:
b9:f0:d8:6e:a0:d9:88:ee:85:61:57:47:44:32:ae:a5:93:05:
cd:32:0b:4b:58:1e:b9:59:5e:13:b4:02:bd:4c:8a:ff:30:2c:
ad:2b:7f:15:b2:e2:e8:ac:1a:c0:c5:70:d8:24:c7:6f:b1:e8:
21:80:1a:07:e1:18:8d:12:fb:5d:79:51:eb:4d:41:21:32:8a:
dc:df:9c:a8
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUDjPLwkCTyzSAaD+1QVpqmZosZsgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNTAyMDQxNDU2NTVaFw0yNjAyMDMxNTAxNTVaMDMxMTAvBgNV
BAMTKDQ4MzVEMzY1RUQyMzZCQjExRjc1M0MxMEZBQzJEODVBQjEzOTZFMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPP8A4aQaDSp1RpXULtVfD0MvA
oX/PTEByug0sfsF+Hl2o7huXSQ9xG5qJQ4DoTfHqPnxkEhnhHTfnYCe29vyhibT2
uHzcvvFGvnbSd0Tq+K1Hr2yvhIjB2gcl0D2KDq4whiGgmp2CmxakhHfxvPTOTPM3
xWm3WTRPB+2Y3DpqVjAZOYyGlfvv9HAiv4G6Jui3Ybcn9fR6aUo9ZOf26zzYX1w+
Bw1lusyvE+7P1dSD6e7ylU+7ktd/gYOoSf2AD24E7S6GRb/vIfNBh8jGrPHmYd7R
RU4jQavcam6DinKlR7ikFsi+FOaWk5/4xNonpGeYgWE+UDUtz+2jt9R3tVTbAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUSDXTZe0ja7EfdTwQ+sLYWrE5bgAwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxMzAzMDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEBADANBgkqhkiG9w0BAQsFAAOCAQEAvGP1
phwGq5INNIOHkh6m4dpWrNKb9P0D1J6h6R7XA9riAjvjgdYkYa2MvKvwfqeDaq3M
RbScRMDaQI3jk0BQbXLCl5Ocer1FWqOsVLRgQ6v2llSdLZ0jnd96PujNst5AJhRt
vk0ILjEWdVHUUAocZZAXO8CnAa2TVrpHnSgJ7mcxx4FpbibOHarSebehFm1hczmG
8qWAZztANM7rll6mhlM6yDVSXsvSa7DI233ISY47JSPPufDYbqDZiO6FYVdHRDKu
pZMFzTILS1geuVleE7QCvUyK/zAsrSt/FbLi6KwawMVw2CTHb7HoIYAaB+EYjRL7
XXlR601BITKK3N+cqA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:49 2025 by rpki-client