Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3265323a3a2f34382d3438203d3e20323136333234.roa
File: 326131343a373538313a3265323a3a2f34382d3438203d3e20323136333234.roa (raw, json)
Hash identifier: p7Wf9b8KCzrJhw+dJ2i+XEiypiWeI9yfKb75jqaiZzw=
Subject key identifier: 7E:68:56:43:54:82:40:32:8E:34:DA:EF:56:3C:BF:A4:1A:3E:7F:39
Certificate issuer: /CN=30EC341CC59263F48799F70A95490826E78E6E11
Certificate serial: 75BCF96255327980E881596BB830C377815A20BB
Authority key identifier: 30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3265323a3a2f34382d3438203d3e20323136333234.roa
Signing time: Tue 24 Dec 2024 12:06:36 +0000
ROA not before: Tue 24 Dec 2024 12:01:36 +0000
ROA not after: Tue 23 Dec 2025 12:06:36 +0000
asID: 216324
IP address blocks: 2a14:7581:2e2::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:bc:f9:62:55:32:79:80:e8:81:59:6b:b8:30:c3:77:81:5a:20:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30EC341CC59263F48799F70A95490826E78E6E11
Validity
Not Before: Dec 24 12:01:36 2024 GMT
Not After : Dec 23 12:06:36 2025 GMT
Subject: CN=7E685643548240328E34DAEF563CBFA41A3E7F39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:86:f5:f4:f8:da:4f:2f:36:a7:c3:5c:ee:bc:
f0:b2:30:11:53:03:36:51:2d:14:ff:ba:d3:a3:67:
17:df:e4:31:63:07:17:e2:ec:d3:13:87:4b:24:38:
22:be:f5:0f:8e:fc:2c:17:25:0b:85:9c:af:80:63:
33:24:aa:da:3a:e6:c8:68:b8:e3:60:95:4a:8a:81:
b4:e7:fc:3e:4f:05:cf:27:9b:37:72:97:13:5b:43:
2e:43:dd:92:8f:1a:77:6e:37:1d:93:ff:cf:b9:39:
87:bf:5f:b1:d5:32:83:ff:b2:3d:05:81:01:cd:9e:
e9:57:0f:09:ae:d9:57:24:8b:d2:8b:e5:94:7d:93:
68:f0:c0:64:f0:d6:d1:47:57:3f:7f:ca:56:99:54:
81:df:7b:67:c9:ae:33:87:80:24:de:08:c7:91:07:
e6:26:ac:27:a1:30:fe:db:18:ab:b6:b9:bb:bf:f2:
bb:0e:70:b6:6c:3a:22:5a:04:e0:f7:84:31:fb:a3:
dd:a2:87:51:6e:b4:86:87:b5:64:d7:be:bf:91:be:
41:73:91:1b:c9:41:ca:c2:b0:88:dc:15:4e:23:fa:
f9:58:22:c1:48:a1:c5:8c:45:52:fd:3c:bc:a3:0f:
43:c5:bc:fa:9d:0c:dd:ba:6d:c9:98:0f:47:76:05:
b4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:68:56:43:54:82:40:32:8E:34:DA:EF:56:3C:BF:A4:1A:3E:7F:39
X509v3 Authority Key Identifier:
keyid:30:EC:34:1C:C5:92:63:F4:87:99:F7:0A:95:49:08:26:E7:8E:6E:11
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/30EC341CC59263F48799F70A95490826E78E6E11.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/30EC341CC59263F48799F70A95490826E78E6E11.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/23d5f682-b51b-4812-b8b1-430e38683748/1/326131343a373538313a3265323a3a2f34382d3438203d3e20323136333234.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:2e2::/48
Signature Algorithm: sha256WithRSAEncryption
80:e7:20:a2:df:0e:01:64:d5:c8:d7:80:1a:5c:90:71:56:ec:
b2:41:2b:ee:4d:66:46:a2:09:09:27:b4:09:8c:87:4a:22:dd:
66:00:07:e5:30:e5:50:c3:17:4e:49:00:ba:c6:6f:b1:71:98:
40:62:f7:36:a1:45:57:64:46:80:2a:e8:3e:a5:9d:a5:85:28:
6e:2f:07:9b:35:2e:cb:96:ee:df:df:ba:f3:d3:c4:cf:29:9e:
3d:d2:27:d9:cb:48:dc:3e:1e:4b:51:48:4c:87:fe:f8:1a:52:
7b:29:77:2d:7f:bf:a9:e0:bf:4a:bb:d7:46:7d:41:2c:18:fa:
03:6d:e2:8c:8f:fb:e7:be:ef:16:5d:d9:a6:33:ca:8f:06:4d:
66:26:73:0a:19:85:b4:e9:8a:8e:da:40:02:2c:a8:0a:79:16:
36:93:91:db:bd:37:b5:a5:0e:4a:2b:d0:d9:e4:3b:07:ba:bf:
77:da:4c:4f:df:01:33:b3:f1:00:1d:c4:dd:db:e5:b7:4e:a5:
1a:76:ab:09:cc:6d:df:bb:3d:b5:c1:39:b7:fb:24:e3:74:6a:
83:6a:44:2e:e8:62:f5:8c:cd:b8:3b:93:b8:dc:9b:50:87:62:
59:d4:9a:ee:3b:b2:ab:e4:e3:bc:d6:c1:5b:6d:d6:e4:35:69:
9d:51:2a:a8
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUdbz5YlUyeYDogVlruDDDd4FaILswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZF
NzhFNkUxMTAeFw0yNDEyMjQxMjAxMzZaFw0yNTEyMjMxMjA2MzZaMDMxMTAvBgNV
BAMTKDdFNjg1NjQzNTQ4MjQwMzI4RTM0REFFRjU2M0NCRkE0MUEzRTdGMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2hvX0+NpPLzanw1zuvPCyMBFT
AzZRLRT/utOjZxff5DFjBxfi7NMTh0skOCK+9Q+O/CwXJQuFnK+AYzMkqto65sho
uONglUqKgbTn/D5PBc8nmzdylxNbQy5D3ZKPGnduNx2T/8+5OYe/X7HVMoP/sj0F
gQHNnulXDwmu2Vcki9KL5ZR9k2jwwGTw1tFHVz9/ylaZVIHfe2fJrjOHgCTeCMeR
B+YmrCehMP7bGKu2ubu/8rsOcLZsOiJaBOD3hDH7o92ih1FutIaHtWTXvr+RvkFz
kRvJQcrCsIjcFU4j+vlYIsFIocWMRVL9PLyjD0PFvPqdDN26bcmYD0d2BbSvAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUfmhWQ1SCQDKONNrvVjy/pBo+fzkwHwYDVR0j
BBgwFoAUMOw0HMWSY/SHmfcKlUkIJueObhEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjNkNWY2ODItYjUxYi00ODEyLWI4YjEtNDMwZTM4Njgz
NzQ4LzEvMzBFQzM0MUNDNTkyNjNGNDg3OTlGNzBBOTU0OTA4MjZFNzhFNkUxMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8zMEVDMzQxQ0M1OTI2M0Y0ODc5OUY3MEE5
NTQ5MDgyNkU3OEU2RTExLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8yM2Q1ZjY4Mi1iNTFiLTQ4MTItYjhiMS00MzBlMzg2ODM3NDgvMS8zMjYxMzEz
NDNhMzczNTM4MzEzYTMyNjUzMjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NjMzMzIzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYEC4jANBgkqhkiG9w0BAQsFAAOCAQEAgOcg
ot8OAWTVyNeAGlyQcVbsskEr7k1mRqIJCSe0CYyHSiLdZgAH5TDlUMMXTkkAusZv
sXGYQGL3NqFFV2RGgCroPqWdpYUobi8HmzUuy5bu39+689PEzymePdIn2ctI3D4e
S1FITIf++BpSeyl3LX+/qeC/SrvXRn1BLBj6A23ijI/7577vFl3ZpjPKjwZNZiZz
ChmFtOmKjtpAAiyoCnkWNpOR2703taUOSivQ2eQ7B7q/d9pMT98BM7PxAB3E3dvl
t06lGnarCcxt37s9tcE5t/sk43Rqg2pELuhi9YzNuDuTuNybUIdiWdSa7juyq+Tj
vNbBW23W5DVpnVEqqA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:26:26 2025 by rpki-client