Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3230383a3a2f34382d3438203d3e20323136333234.roa
File: 326131343a373538313a3230383a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: j0BGJOz/lZpizpGnFh66JOBEDbpbRR2Pr+z9emh62ck=
Subject key identifier: BB:9C:82:FF:B4:FE:66:03:9E:3F:85:3E:3B:4A:BB:7D:C3:E4:B3:49
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 435B68DA805A8B84F7F335C05FB36B9906C675F3
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3230383a3a2f34382d3438203d3e20323136333234.roa
Signing time: Fri 13 Sep 2024 05:22:57 +0000
ROA not before: Fri 13 Sep 2024 05:17:57 +0000
ROA not after: Fri 12 Sep 2025 05:22:57 +0000
asID: 216324
IP address blocks: 2a14:7581:208::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:5b:68:da:80:5a:8b:84:f7:f3:35:c0:5f:b3:6b:99:06:c6:75:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Sep 13 05:17:57 2024 GMT
Not After : Sep 12 05:22:57 2025 GMT
Subject: CN=BB9C82FFB4FE66039E3F853E3B4ABB7DC3E4B349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:1d:16:fe:3e:0e:fc:93:42:8e:69:0a:71:24:
c0:c6:95:7b:cd:97:02:88:34:32:c0:4d:8d:65:e4:
3c:b0:8d:22:c1:00:23:b4:20:14:a3:52:9a:83:d7:
c3:b1:77:77:dd:70:eb:c2:8a:04:85:7d:5e:84:ca:
9b:61:33:ec:f6:0f:1d:7d:a8:4d:4a:b0:31:d2:b8:
75:83:e8:8d:70:42:20:1d:82:e6:ad:23:d0:62:38:
29:45:15:d5:7f:e7:e2:48:4b:d4:6a:b5:67:66:87:
e9:86:07:90:dd:cd:d0:a2:04:ca:69:8a:90:b3:1c:
f0:fa:81:ef:3d:34:36:94:6f:50:32:f1:6c:9f:d7:
d7:ce:79:f5:46:5e:04:41:de:b7:76:c4:4e:69:e1:
1d:f4:a3:73:db:5e:44:14:3e:84:12:8a:a2:1a:0d:
5f:58:54:0e:8e:b4:7d:a4:4f:43:61:e7:ff:b4:a7:
dc:ae:4b:08:06:b4:99:9b:42:72:d1:e6:0a:14:35:
66:3d:d2:d5:74:74:81:9f:af:0c:a7:06:75:3f:68:
45:30:87:93:ed:58:f4:56:75:f9:d9:68:92:ea:4d:
16:b9:50:2e:4f:86:9b:9b:cd:51:79:37:06:72:84:
dc:24:97:b0:50:d4:52:cd:aa:83:57:2f:b6:5c:49:
d4:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:9C:82:FF:B4:FE:66:03:9E:3F:85:3E:3B:4A:BB:7D:C3:E4:B3:49
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3230383a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:208::/48
Signature Algorithm: sha256WithRSAEncryption
5a:f7:b2:88:05:ef:a1:2a:25:c3:b1:f1:40:63:9f:6f:52:03:
b1:ac:99:68:40:c7:eb:cd:43:77:a4:1a:2a:02:a0:c3:33:bc:
73:48:82:05:13:2a:c1:25:5e:d8:63:c6:66:f1:ec:0f:4e:a5:
aa:45:dd:23:92:10:b2:d1:bb:5e:2e:d2:c0:dc:f5:43:4b:e8:
4e:7c:8f:f2:37:85:0d:47:22:67:f1:f2:22:55:e9:d4:63:91:
62:91:fb:a7:92:86:d1:97:f2:b2:eb:b1:04:35:65:8c:f2:b3:
23:c1:3c:e6:94:15:e6:f2:6b:0d:5f:8a:5c:c1:da:bf:04:54:
58:83:1f:12:f2:98:3a:1c:f9:7e:8e:5a:70:97:d7:fc:c0:60:
a0:c5:7b:c9:73:50:12:ec:25:35:83:f8:3b:f7:f2:7b:c7:07:
c0:e9:00:9c:ea:20:2a:7f:03:dd:9f:ee:22:b2:f3:cc:0e:0e:
16:38:2d:4b:ce:7a:d9:3b:63:8d:0a:8e:de:47:a8:b4:d0:c4:
36:71:69:aa:c9:de:23:85:88:dd:f2:4a:52:47:3a:4f:db:ca:
ee:18:39:a1:80:eb:c0:01:a8:2c:1b:ad:90:c7:ce:ae:64:54:
b0:03:34:b6:03:bf:6a:3c:f7:cd:16:a6:14:8d:85:71:b6:37:
03:0b:b6:53
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUQ1to2oBai4T38zXAX7NrmQbGdfMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDA5MTMwNTE3NTdaFw0yNTA5MTIwNTIyNTdaMDMxMTAvBgNV
BAMTKEJCOUM4MkZGQjRGRTY2MDM5RTNGODUzRTNCNEFCQjdEQzNFNEIzNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmHRb+Pg78k0KOaQpxJMDGlXvN
lwKINDLATY1l5DywjSLBACO0IBSjUpqD18Oxd3fdcOvCigSFfV6EypthM+z2Dx19
qE1KsDHSuHWD6I1wQiAdguatI9BiOClFFdV/5+JIS9RqtWdmh+mGB5DdzdCiBMpp
ipCzHPD6ge89NDaUb1Ay8Wyf19fOefVGXgRB3rd2xE5p4R30o3PbXkQUPoQSiqIa
DV9YVA6OtH2kT0Nh5/+0p9yuSwgGtJmbQnLR5goUNWY90tV0dIGfrwynBnU/aEUw
h5PtWPRWdfnZaJLqTRa5UC5PhpubzVF5NwZyhNwkl7BQ1FLNqoNXL7ZcSdTvAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUu5yC/7T+ZgOeP4U+O0q7fcPks0kwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyMzAzODNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYECCDANBgkqhkiG9w0BAQsFAAOCAQEAWvey
iAXvoSolw7HxQGOfb1IDsayZaEDH681Dd6QaKgKgwzO8c0iCBRMqwSVe2GPGZvHs
D06lqkXdI5IQstG7Xi7SwNz1Q0voTnyP8jeFDUciZ/HyIlXp1GORYpH7p5KG0Zfy
suuxBDVljPKzI8E85pQV5vJrDV+KXMHavwRUWIMfEvKYOhz5fo5acJfX/MBgoMV7
yXNQEuwlNYP4O/fye8cHwOkAnOogKn8D3Z/uIrLzzA4OFjgtS8562TtjjQqO3keo
tNDENnFpqsneI4WI3fJKUkc6T9vK7hg5oYDrwAGoLButkMfOrmRUsAM0tgO/ajz3
zRamFI2FcbY3Awu2Uw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:34:01 2025 by rpki-client