Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3161313a3a2f34382d3438203d3e20323135363137.roa
File: 326131343a373538313a3161313a3a2f34382d3438203d3e20323135363137.roa (raw, json)
Hash identifier: cS4y9h6YjLLDwjOrPHsuaXLfBo58JaRb7D8MmA/1nns=
Subject key identifier: 47:52:EC:C5:EF:03:E8:B5:97:B0:4C:12:86:40:09:C4:DD:0F:70:A2
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 5A7F310945FA61E50B34F909F39EDD2FEF530076
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3161313a3a2f34382d3438203d3e20323135363137.roa
Signing time: Mon 09 Dec 2024 13:19:38 +0000
ROA not before: Mon 09 Dec 2024 13:14:38 +0000
ROA not after: Mon 08 Dec 2025 13:19:38 +0000
asID: 215617
IP address blocks: 2a14:7581:1a1::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:7f:31:09:45:fa:61:e5:0b:34:f9:09:f3:9e:dd:2f:ef:53:00:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Dec 9 13:14:38 2024 GMT
Not After : Dec 8 13:19:38 2025 GMT
Subject: CN=4752ECC5EF03E8B597B04C12864009C4DD0F70A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a1:db:fb:80:97:0c:cd:5e:e2:99:88:bd:8f:
ab:f3:e2:ff:09:bb:b3:2b:51:68:86:14:81:6b:a6:
70:d1:8f:ec:c8:03:1a:64:0e:9d:44:c0:11:e0:10:
c7:e8:bb:13:9f:c2:8c:15:40:3c:19:f5:ea:bf:65:
55:b2:14:bd:f0:14:1a:e5:9c:90:95:cb:96:a0:06:
89:2c:1e:90:d8:85:a6:10:1e:69:6d:5c:f1:12:c7:
30:32:91:0f:88:ea:2c:5a:f5:06:94:73:ad:1c:1d:
fe:d9:d0:b4:06:10:6b:17:66:24:6e:94:33:0e:8d:
66:df:cf:c0:a5:05:7d:3c:2c:da:29:67:06:cc:19:
3a:be:3d:5b:4e:d2:69:15:1b:4f:b9:8b:ea:8e:85:
09:76:26:94:b2:5e:dd:b1:23:ab:20:66:17:17:b0:
60:94:40:ae:0e:14:c5:02:e4:8c:ff:12:9c:c4:9b:
ef:4b:e4:ad:c4:63:35:95:73:b1:62:00:3a:0d:d2:
b1:63:36:41:09:de:b4:db:78:8a:54:3c:07:ac:2b:
8b:ac:c5:85:fe:b0:5e:3c:af:c0:e3:f9:38:20:6a:
51:59:aa:fa:24:2e:bf:f6:02:af:ba:6e:95:43:08:
dd:fd:29:2c:31:5f:db:97:c7:1d:ad:76:dd:af:f5:
e8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:52:EC:C5:EF:03:E8:B5:97:B0:4C:12:86:40:09:C4:DD:0F:70:A2
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3161313a3a2f34382d3438203d3e20323135363137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:1a1::/48
Signature Algorithm: sha256WithRSAEncryption
21:d1:3c:88:10:ca:f9:5f:d8:3d:d7:11:89:5f:25:d5:4e:4b:
26:aa:63:cc:93:58:1e:5a:64:ba:a9:8f:41:13:96:b0:3d:25:
dc:60:94:88:e6:97:f9:10:47:0a:a7:f2:79:c5:6d:3c:fc:4b:
47:f5:81:37:9b:23:16:dc:5c:1a:a3:f7:46:30:2d:87:de:21:
29:78:36:50:8b:47:1e:07:db:37:da:72:b8:8a:65:89:28:bb:
ae:d7:a0:53:f1:ea:df:7d:b2:89:95:f1:e4:e0:2b:67:5f:43:
fd:96:00:4f:b6:83:e6:68:68:74:07:97:2e:38:cb:b1:a5:24:
a7:3a:08:a8:95:da:3e:45:a7:4e:af:7e:a0:c2:87:c8:65:c7:
09:66:a0:2d:e0:39:a5:ce:13:7d:78:54:92:5b:38:89:8a:e1:
a8:a6:c6:42:fc:a1:94:70:c1:e3:c7:31:fb:64:61:b7:c8:59:
4e:6b:25:ad:45:68:f3:d4:f3:a7:56:ff:fe:b9:2b:30:7e:b2:
b6:8e:ce:b3:8e:af:c7:5d:00:50:a4:23:b9:80:d2:c2:e6:19:
ad:6a:98:44:76:28:67:81:28:f5:93:e4:db:d1:1b:b3:22:f5:
9a:d9:0d:9f:6d:ae:d6:c2:ce:74:c3:6f:b4:f8:ea:36:f8:73:
63:a4:fa:1a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUWn8xCUX6YeULNPkJ857dL+9TAHYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDEyMDkxMzE0MzhaFw0yNTEyMDgxMzE5MzhaMDMxMTAvBgNV
BAMTKDQ3NTJFQ0M1RUYwM0U4QjU5N0IwNEMxMjg2NDAwOUM0REQwRjcwQTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLodv7gJcMzV7imYi9j6vz4v8J
u7MrUWiGFIFrpnDRj+zIAxpkDp1EwBHgEMfouxOfwowVQDwZ9eq/ZVWyFL3wFBrl
nJCVy5agBoksHpDYhaYQHmltXPESxzAykQ+I6ixa9QaUc60cHf7Z0LQGEGsXZiRu
lDMOjWbfz8ClBX08LNopZwbMGTq+PVtO0mkVG0+5i+qOhQl2JpSyXt2xI6sgZhcX
sGCUQK4OFMUC5Iz/EpzEm+9L5K3EYzWVc7FiADoN0rFjNkEJ3rTbeIpUPAesK4us
xYX+sF48r8Dj+TggalFZqvokLr/2Aq+6bpVDCN39KSwxX9uXxx2tdt2v9ei3AgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUR1Lsxe8D6LWXsEwShkAJxN0PcKIwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMxNjEzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NTM2MzEzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEBoTANBgkqhkiG9w0BAQsFAAOCAQEAIdE8
iBDK+V/YPdcRiV8l1U5LJqpjzJNYHlpkuqmPQROWsD0l3GCUiOaX+RBHCqfyecVt
PPxLR/WBN5sjFtxcGqP3RjAth94hKXg2UItHHgfbN9pyuIpliSi7rtegU/Hq332y
iZXx5OArZ19D/ZYAT7aD5mhodAeXLjjLsaUkpzoIqJXaPkWnTq9+oMKHyGXHCWag
LeA5pc4TfXhUkls4iYrhqKbGQvyhlHDB48cx+2Rht8hZTmslrUVo89Tzp1b//rkr
MH6yto7Os46vx10AUKQjuYDSwuYZrWqYRHYoZ4Eo9ZPk29EbsyL1mtkNn22u1sLO
dMNvtPjqNvhzY6T6Gg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:32:32 2025 by rpki-client