Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/326130353a646663313a393130303a3a2f34302d3438203d3e203437323732.roa
File: 326130353a646663313a393130303a3a2f34302d3438203d3e203437323732.roa (raw, json)
Hash identifier: yI38OhyLka2y51xAQpBzO0c6hbjIC0CpWHt6dZ/MaC8=
Subject key identifier: 21:51:D3:01:26:3A:3C:D6:27:1D:93:23:BD:70:A1:66:0F:1E:66:5B
Certificate issuer: /CN=F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76
Certificate serial: 4DDABF4048E69C193923446394A166EE37221EC7
Authority key identifier: F7:37:D8:1B:FB:EF:FD:EE:C9:EC:32:B7:B8:64:11:2D:E0:5E:7B:76
Authority info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/326130353a646663313a393130303a3a2f34302d3438203d3e203437323732.roa
Signing time: Sat 02 Dec 2023 10:29:54 +0000
ROA not before: Sat 02 Dec 2023 10:24:54 +0000
ROA not after: Sat 30 Nov 2024 10:29:54 +0000
asID: 47272
IP address blocks: 2a05:dfc1:9100::/40 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:da:bf:40:48:e6:9c:19:39:23:44:63:94:a1:66:ee:37:22:1e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76
Validity
Not Before: Dec 2 10:24:54 2023 GMT
Not After : Nov 30 10:29:54 2024 GMT
Subject: CN=2151D301263A3CD6271D9323BD70A1660F1E665B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:16:40:08:17:4e:e1:65:9e:c6:2b:70:df:52:
e4:d6:01:8c:61:7a:9c:2a:bd:54:6d:f1:a9:54:74:
93:85:5f:2f:6e:db:a9:8d:6f:85:83:fb:26:c2:b7:
93:60:7b:99:7d:2b:30:05:c5:31:83:90:18:52:29:
20:3d:d8:66:c1:23:fa:03:02:34:04:72:c6:15:bc:
4b:0e:82:3b:81:5a:52:4e:05:a6:e9:9d:e5:1b:aa:
d3:02:0d:f9:b3:54:61:f4:f0:01:5f:77:6f:96:8e:
07:07:78:d4:40:2d:21:00:21:5d:72:b2:7b:b1:36:
c9:ef:46:61:fc:11:e7:84:a5:e7:fc:4f:95:82:c1:
40:d4:fb:cc:90:c7:4e:23:c6:94:fd:fc:77:59:00:
58:ff:ff:10:8c:71:1e:8b:fd:d5:6e:fd:b1:42:fe:
8a:bd:c1:c5:6c:4f:92:81:92:10:89:8b:02:4e:d7:
c2:6b:32:3c:53:d6:c0:55:82:a1:03:8a:36:79:6e:
c2:01:92:9e:5d:b8:2f:82:0f:e5:37:b4:03:64:f6:
4d:8d:97:f7:cb:0c:86:6b:3b:58:a7:93:98:c5:b9:
3a:38:ca:93:68:65:b8:87:be:f2:d8:7e:4f:31:43:
ba:aa:9e:b0:07:00:6d:17:74:04:5a:6f:57:70:04:
94:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:51:D3:01:26:3A:3C:D6:27:1D:93:23:BD:70:A1:66:0F:1E:66:5B
X509v3 Authority Key Identifier:
keyid:F7:37:D8:1B:FB:EF:FD:EE:C9:EC:32:B7:B8:64:11:2D:E0:5E:7B:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76.crl
Authority Information Access:
CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/326130353a646663313a393130303a3a2f34302d3438203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc1:9100::/40
Signature Algorithm: sha256WithRSAEncryption
65:02:03:e5:c8:46:2d:76:d0:10:b5:0f:9a:9f:42:7d:ae:e6:
b4:70:82:80:38:4e:22:65:2d:76:f7:f4:b3:e5:98:3c:8d:d6:
af:2d:c8:c5:8a:e9:e6:5c:df:45:6c:f9:53:ce:18:52:cd:cb:
f8:7f:df:cb:80:23:27:43:09:51:8c:d5:d8:67:94:55:f7:7d:
10:e9:1b:01:f9:8e:79:52:41:94:97:e5:0c:0e:d4:f4:52:f0:
53:b3:33:52:09:46:a0:8c:e1:c1:1a:c6:3f:5c:e1:f0:e6:33:
31:d0:d6:16:a1:6b:ee:df:4a:26:fd:f9:f2:c2:3a:cc:78:c2:
c0:25:df:54:4d:0b:28:a0:5d:b7:15:a0:35:1b:dd:e4:59:17:
90:49:2b:e1:ff:fb:c5:84:f5:49:b5:67:8b:a6:4d:45:ef:1b:
92:73:60:88:1d:b6:fa:16:fc:b1:e2:c8:2c:81:85:7b:c4:df:
ee:06:7a:4b:0b:4e:14:db:90:b1:c1:43:0f:60:7d:1c:8b:52:
e8:f1:ab:19:a1:e8:e3:64:02:a8:26:b6:73:50:97:0d:6b:a0:
fc:06:04:46:6b:55:ec:98:24:39:1a:46:f9:62:93:ef:a3:8d:
9d:e5:d3:97:b5:13:0e:51:1f:ab:2a:d3:f3:f8:35:a5:3e:a1:
fe:d3:ff:55
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgIUTdq/QEjmnBk5I0RjlKFm7jciHscwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjczN0Q4MUJGQkVGRkRFRUM5RUMzMkI3Qjg2NDExMkRF
MDVFN0I3NjAeFw0yMzEyMDIxMDI0NTRaFw0yNDExMzAxMDI5NTRaMDMxMTAvBgNV
BAMTKDIxNTFEMzAxMjYzQTNDRDYyNzFEOTMyM0JENzBBMTY2MEYxRTY2NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8FkAIF07hZZ7GK3DfUuTWAYxh
epwqvVRt8alUdJOFXy9u26mNb4WD+ybCt5Nge5l9KzAFxTGDkBhSKSA92GbBI/oD
AjQEcsYVvEsOgjuBWlJOBabpneUbqtMCDfmzVGH08AFfd2+WjgcHeNRALSEAIV1y
snuxNsnvRmH8EeeEpef8T5WCwUDU+8yQx04jxpT9/HdZAFj//xCMcR6L/dVu/bFC
/oq9wcVsT5KBkhCJiwJO18JrMjxT1sBVgqEDijZ5bsIBkp5duC+CD+U3tANk9k2N
l/fLDIZrO1ink5jFuTo4ypNoZbiHvvLYfk8xQ7qqnrAHAG0XdARab1dwBJR7AgMB
AAGjggJdMIICWTAdBgNVHQ4EFgQUIVHTASY6PNYnHZMjvXChZg8eZlswHwYDVR0j
BBgwFoAU9zfYG/vv/e7J7DK3uGQRLeBee3YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzEvRjczN0Q4MUJGQkVGRkRFRUM5RUMzMkI3Qjg2NDExMkRFMDVFN0I3Ni5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wL0Y3MzdEODFCRkJFRkZE
RUVDOUVDMzJCN0I4NjQxMTJERTA1RTdCNzYuY2VyMIG1BggrBgEFBQcBCwSBqDCB
pTCBogYIKwYBBQUHMAuGgZVyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5LzMyNTNkOTczLWQ1YmYtNDU0MS1iY2MxLTI3NjU0M2EyNWM3
ZC8xLzMyNjEzMDM1M2E2NDY2NjMzMTNhMzkzMTMwMzAzYTNhMmYzNDMwMmQzNDM4
MjAzZDNlMjAzNDM3MzIzNzMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgXfwZEwDQYJKoZIhvcNAQEL
BQADggEBAGUCA+XIRi120BC1D5qfQn2u5rRwgoA4TiJlLXb39LPlmDyN1q8tyMWK
6eZc30Vs+VPOGFLNy/h/38uAIydDCVGM1dhnlFX3fRDpGwH5jnlSQZSX5QwO1PRS
8FOzM1IJRqCM4cEaxj9c4fDmMzHQ1haha+7fSib9+fLCOsx4wsAl31RNCyigXbcV
oDUb3eRZF5BJK+H/+8WE9Um1Z4umTUXvG5JzYIgdtvoW/LHiyCyBhXvE3+4GeksL
ThTbkLHBQw9gfRyLUujxqxmh6ONkAqgmtnNQlw1roPwGBEZrVeyYJDkaRvlik++j
jZ3l05e1Ew5RH6sq0/P4NaU+of7T/1U=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:40:11 2025 by rpki-client