Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/326130353a646663313a393138343a3a2f34382d3438203d3e20323135363833.roa
File: 326130353a646663313a393138343a3a2f34382d3438203d3e20323135363833.roa (raw, json)
Hash identifier: eus559xzHyAstiFeVb3DrGh/kvswPKgceNVS76gZL8s=
Subject key identifier: 0A:33:57:2F:7E:FA:29:3F:19:6E:A4:C6:80:14:89:12:50:DA:B5:05
Certificate issuer: /CN=F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76
Certificate serial: 0F853DEFCB8855CC3DAEF89A88E50BEF2408E139
Authority key identifier: F7:37:D8:1B:FB:EF:FD:EE:C9:EC:32:B7:B8:64:11:2D:E0:5E:7B:76
Authority info access: rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/326130353a646663313a393138343a3a2f34382d3438203d3e20323135363833.roa
Signing time: Wed 14 Feb 2024 18:40:48 +0000
ROA not before: Wed 14 Feb 2024 18:35:48 +0000
ROA not after: Wed 12 Feb 2025 18:40:48 +0000
asID: 215683
IP address blocks: 2a05:dfc1:9184::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:85:3d:ef:cb:88:55:cc:3d:ae:f8:9a:88:e5:0b:ef:24:08:e1:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76
Validity
Not Before: Feb 14 18:35:48 2024 GMT
Not After : Feb 12 18:40:48 2025 GMT
Subject: CN=0A33572F7EFA293F196EA4C68014891250DAB505
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fe:86:da:3e:55:07:e1:f3:0e:cd:12:b0:17:
32:45:9f:23:27:71:07:ff:5a:67:d1:4c:2e:e5:1c:
f8:b0:b3:a3:c4:f5:9c:ad:ce:1f:55:97:b8:ee:6b:
ec:a8:f8:a5:25:b4:dd:72:8b:14:d9:cc:b8:d9:26:
5d:78:ff:28:28:97:a6:e0:c8:fd:fd:4f:6a:c7:15:
3a:fe:a5:24:94:a8:9e:31:95:67:99:b5:58:ce:39:
9d:dd:04:90:03:80:88:3a:b8:10:e3:cc:51:8c:24:
be:29:10:30:10:c0:9a:53:eb:fc:1f:22:ee:6b:6b:
89:f3:ea:09:a1:5f:13:88:ba:fa:a9:0f:95:90:77:
a9:c9:88:8f:75:fa:84:85:d9:42:04:36:d5:54:35:
79:e9:4e:1e:88:5f:f6:3d:a2:21:ed:84:17:44:4a:
cf:8d:be:0d:01:c0:e5:d4:d0:59:41:b8:28:4a:d6:
40:9f:52:78:3c:18:d7:5c:f3:7b:38:61:b7:7c:c8:
be:b1:3f:0c:ae:8e:e3:57:89:9b:e0:30:27:7d:72:
08:f4:5a:f8:19:a8:32:30:23:a3:5b:f5:da:72:11:
1f:2d:13:bd:43:0c:c7:7d:59:18:2c:82:de:90:de:
21:65:4a:17:fb:e7:a3:4b:aa:7e:6d:ef:5d:1c:73:
01:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:33:57:2F:7E:FA:29:3F:19:6E:A4:C6:80:14:89:12:50:DA:B5:05
X509v3 Authority Key Identifier:
keyid:F7:37:D8:1B:FB:EF:FD:EE:C9:EC:32:B7:B8:64:11:2D:E0:5E:7B:76
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76.crl
Authority Information Access:
CA Issuers - URI:rsync://cloudie-repo.rpki.app/repo/CLOUDIE-RPKI/0/F737D81BFBEFFDEEC9EC32B7B864112DE05E7B76.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/1/326130353a646663313a393138343a3a2f34382d3438203d3e20323135363833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:dfc1:9184::/48
Signature Algorithm: sha256WithRSAEncryption
82:e5:43:ec:2a:db:db:d9:e2:71:31:bc:e3:63:29:05:1d:c1:
5e:72:b7:d0:f4:5e:45:12:db:e3:5e:a8:d3:78:bd:3f:3f:61:
cc:f0:0d:a5:f7:44:70:2f:e1:72:e9:e8:3e:a1:62:c1:ac:3a:
0f:28:72:f0:9e:5b:9b:c6:dd:37:55:09:e2:bf:86:be:67:45:
bb:e3:dd:c6:76:30:00:4e:dd:12:87:c7:30:78:96:88:be:a7:
39:20:e9:82:62:f3:e9:bb:9f:ef:7b:54:6f:34:28:16:92:45:
76:9c:c7:58:00:86:66:38:1a:96:98:27:7d:a7:07:88:40:07:
30:9d:c5:52:9e:c6:f4:c6:8c:43:8b:f8:3d:35:90:24:c2:59:
4a:d3:c1:d6:c9:c8:37:7d:de:28:fa:c5:99:20:7d:2f:78:5f:
e0:e8:ee:57:48:4d:aa:c8:9b:cb:2d:0d:cc:71:9e:0a:5d:f2:
4f:bc:b2:85:6a:43:2a:c9:8c:bb:6c:68:23:7e:ab:9b:44:01:
77:d2:d8:7a:93:b1:db:1b:be:83:bf:c6:56:f9:16:9c:72:ba:
bc:d9:7d:b1:30:35:d4:ff:ff:39:05:91:f8:54:57:c3:92:a1:
be:7e:42:c6:e9:a9:f0:a8:36:a2:20:8f:f1:d6:02:b3:c0:66:
9b:df:4d:52
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIUD4U978uIVcw9rviaiOUL7yQI4TkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjczN0Q4MUJGQkVGRkRFRUM5RUMzMkI3Qjg2NDExMkRF
MDVFN0I3NjAeFw0yNDAyMTQxODM1NDhaFw0yNTAyMTIxODQwNDhaMDMxMTAvBgNV
BAMTKDBBMzM1NzJGN0VGQTI5M0YxOTZFQTRDNjgwMTQ4OTEyNTBEQUI1MDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+/obaPlUH4fMOzRKwFzJFnyMn
cQf/WmfRTC7lHPiws6PE9Zytzh9Vl7jua+yo+KUltN1yixTZzLjZJl14/ygol6bg
yP39T2rHFTr+pSSUqJ4xlWeZtVjOOZ3dBJADgIg6uBDjzFGMJL4pEDAQwJpT6/wf
Iu5ra4nz6gmhXxOIuvqpD5WQd6nJiI91+oSF2UIENtVUNXnpTh6IX/Y9oiHthBdE
Ss+Nvg0BwOXU0FlBuChK1kCfUng8GNdc83s4Ybd8yL6xPwyujuNXiZvgMCd9cgj0
WvgZqDIwI6Nb9dpyER8tE71DDMd9WRgsgt6Q3iFlShf756NLqn5t710ccwHLAgMB
AAGjggJgMIICXDAdBgNVHQ4EFgQUCjNXL376KT8ZbqTGgBSJElDatQUwHwYDVR0j
BBgwFoAU9zfYG/vv/e7J7DK3uGQRLeBee3YwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzEvRjczN0Q4MUJGQkVGRkRFRUM5RUMzMkI3Qjg2NDExMkRFMDVFN0I3Ni5j
cmwwegYIKwYBBQUHAQEEbjBsMGoGCCsGAQUFBzAChl5yc3luYzovL2Nsb3VkaWUt
cmVwby5ycGtpLmFwcC9yZXBvL0NMT1VESUUtUlBLSS8wL0Y3MzdEODFCRkJFRkZE
RUVDOUVDMzJCN0I4NjQxMTJERTA1RTdCNzYuY2VyMIG3BggrBgEFBQcBCwSBqjCB
pzCBpAYIKwYBBQUHMAuGgZdyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBlLm5l
dC9yZXBvc2l0b3J5LzMyNTNkOTczLWQ1YmYtNDU0MS1iY2MxLTI3NjU0M2EyNWM3
ZC8xLzMyNjEzMDM1M2E2NDY2NjMzMTNhMzkzMTM4MzQzYTNhMmYzNDM4MmQzNDM4
MjAzZDNlMjAzMjMxMzUzNjM4MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqBd/BkYQwDQYJKoZIhvcN
AQELBQADggEBAILlQ+wq29vZ4nExvONjKQUdwV5yt9D0XkUS2+NeqNN4vT8/Yczw
DaX3RHAv4XLp6D6hYsGsOg8ocvCeW5vG3TdVCeK/hr5nRbvj3cZ2MABO3RKHxzB4
loi+pzkg6YJi8+m7n+97VG80KBaSRXacx1gAhmY4GpaYJ32nB4hABzCdxVKexvTG
jEOL+D01kCTCWUrTwdbJyDd93ij6xZkgfS94X+Do7ldITarIm8stDcxxngpd8k+8
soVqQyrJjLtsaCN+q5tEAXfS2HqTsdsbvoO/xlb5FpxyurzZfbEwNdT//zkFkfhU
V8OSob5+QsbpqfCoNqIgj/HWArPAZpvfTVI=
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:33:20 2025 by rpki-client