Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/326131313a323963303a393061303a3a2f34342d3434203d3e203437323732.roa
File: 326131313a323963303a393061303a3a2f34342d3434203d3e203437323732.roa (raw, json)
Hash identifier: sqvA66ugd217ubL8FFsWa3LSVKzJSrp6bwwd0XBoZbg=
Subject key identifier: 3F:4F:0C:D3:26:B8:12:7A:DD:49:30:BC:BC:5D:BB:53:84:FD:A5:D1
Certificate issuer: /CN=CDC014669D381152AFB94B76936268BFF73E7D50
Certificate serial: 57AD15FF84CB8369F62DE28FF62C591C75DE2AE8
Authority key identifier: CD:C0:14:66:9D:38:11:52:AF:B9:4B:76:93:62:68:BF:F7:3E:7D:50
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/CDC014669D381152AFB94B76936268BFF73E7D50.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/326131313a323963303a393061303a3a2f34342d3434203d3e203437323732.roa
Signing time: Sun 26 Nov 2023 11:08:45 +0000
ROA not before: Sun 26 Nov 2023 11:03:45 +0000
ROA not after: Sun 24 Nov 2024 11:08:45 +0000
asID: 47272
IP address blocks: 2a11:29c0:90a0::/44 maxlen: 44
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:ad:15:ff:84:cb:83:69:f6:2d:e2:8f:f6:2c:59:1c:75:de:2a:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CDC014669D381152AFB94B76936268BFF73E7D50
Validity
Not Before: Nov 26 11:03:45 2023 GMT
Not After : Nov 24 11:08:45 2024 GMT
Subject: CN=3F4F0CD326B8127ADD4930BCBC5DBB5384FDA5D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5f:7a:6b:f1:59:d8:49:ef:aa:ae:e7:fb:a1:
d7:0d:f3:57:9c:4f:96:d7:ce:f6:95:ac:56:7e:76:
ce:db:f5:d7:eb:5f:18:85:2c:31:e7:63:a1:fc:26:
c8:64:34:c2:71:f5:32:39:83:65:28:2a:e8:0b:94:
97:2b:fd:97:19:5f:48:1c:7a:a7:eb:f9:87:c2:0b:
80:81:61:fd:16:c9:79:84:4b:0e:a2:a0:e7:17:03:
75:bf:b5:03:57:3c:69:cf:f3:51:03:96:a9:06:77:
b1:14:f7:17:c8:99:74:1f:e2:d9:d9:2c:dc:71:5d:
df:87:d1:75:d5:fb:a7:82:d8:16:9d:90:0e:55:a4:
a4:73:8b:a7:85:5f:95:07:d4:66:91:04:10:4d:41:
5f:f8:b6:5d:b6:9d:f3:14:ad:6e:db:c2:d7:88:92:
9b:ff:9d:5c:a3:9d:2d:0a:3c:2f:1b:82:bb:f3:cf:
d2:ff:ad:eb:71:5a:6d:0c:7e:9f:94:08:ea:8f:f3:
44:3b:1e:4c:73:04:31:82:42:17:01:0a:72:3e:e0:
03:1c:05:41:b9:36:09:79:7b:e2:56:b9:59:8e:ce:
b7:e7:0c:2a:31:29:b1:86:bc:8b:81:bf:b0:ff:74:
24:be:20:30:b3:32:79:bf:2e:0a:5a:36:88:9d:ce:
7e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:4F:0C:D3:26:B8:12:7A:DD:49:30:BC:BC:5D:BB:53:84:FD:A5:D1
X509v3 Authority Key Identifier:
keyid:CD:C0:14:66:9D:38:11:52:AF:B9:4B:76:93:62:68:BF:F7:3E:7D:50
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/CDC014669D381152AFB94B76936268BFF73E7D50.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/81115bc6-10f6-4af3-ba09-8b687a56fbf5/0/CDC014669D381152AFB94B76936268BFF73E7D50.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3253d973-d5bf-4541-bcc1-276543a25c7d/2/326131313a323963303a393061303a3a2f34342d3434203d3e203437323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:29c0:90a0::/44
Signature Algorithm: sha256WithRSAEncryption
4a:41:5a:5d:8f:3a:88:97:60:dd:e1:24:88:63:eb:04:96:b6:
a6:e8:5b:47:81:f8:4b:69:3c:52:79:60:86:10:e5:01:80:64:
e9:51:27:8d:48:f0:2a:87:f8:f7:dd:64:18:22:bd:ce:f1:40:
b7:75:7d:ad:3f:c6:f4:85:d7:15:0e:fa:fc:32:cc:6b:e3:16:
a1:82:8d:44:c5:19:2d:7a:7e:ca:40:03:6e:16:9a:6e:73:30:
83:ff:33:44:c4:66:1d:f6:79:aa:46:2c:88:6d:78:4a:1e:6d:
ae:e0:2f:55:6b:a9:d8:a4:1e:6c:68:8e:9e:09:ad:80:56:8b:
80:44:26:9f:4f:a7:2b:0b:6a:57:43:a1:cf:56:b1:a1:d7:4b:
54:93:35:a3:ca:f5:7d:a6:9b:fd:50:ce:ee:f9:80:1f:af:04:
57:94:15:4e:2b:22:52:fa:eb:24:30:84:6a:22:72:14:78:8c:
71:0e:74:c0:02:dd:b5:99:f5:5c:40:3f:a0:ef:02:74:68:29:
50:f4:e6:72:6f:04:15:64:26:7f:2d:7c:d9:8e:79:82:e0:84:
6d:de:92:90:27:00:ce:9b:d1:4d:3b:0c:6e:8c:5a:d7:ff:df:
8a:45:71:1e:5e:e6:0b:33:01:c4:f1:47:f1:1b:fc:14:91:49:
a7:89:8e:b8
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUV60V/4TLg2n2LeKP9ixZHHXeKugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0RDMDE0NjY5RDM4MTE1MkFGQjk0Qjc2OTM2MjY4QkZG
NzNFN0Q1MDAeFw0yMzExMjYxMTAzNDVaFw0yNDExMjQxMTA4NDVaMDMxMTAvBgNV
BAMTKDNGNEYwQ0QzMjZCODEyN0FERDQ5MzBCQ0JDNURCQjUzODRGREE1RDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNX3pr8VnYSe+qruf7odcN81ec
T5bXzvaVrFZ+ds7b9dfrXxiFLDHnY6H8JshkNMJx9TI5g2UoKugLlJcr/ZcZX0gc
eqfr+YfCC4CBYf0WyXmESw6ioOcXA3W/tQNXPGnP81EDlqkGd7EU9xfImXQf4tnZ
LNxxXd+H0XXV+6eC2BadkA5VpKRzi6eFX5UH1GaRBBBNQV/4tl22nfMUrW7bwteI
kpv/nVyjnS0KPC8bgrvzz9L/retxWm0Mfp+UCOqP80Q7HkxzBDGCQhcBCnI+4AMc
BUG5Ngl5e+JWuVmOzrfnDCoxKbGGvIuBv7D/dCS+IDCzMnm/LgpaNoidzn5xAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUP08M0ya4EnrdSTC8vF27U4T9pdEwHwYDVR0j
BBgwFoAUzcAUZp04EVKvuUt2k2Jov/c+fVAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzI1M2Q5NzMtZDViZi00NTQxLWJjYzEtMjc2NTQzYTI1
YzdkLzIvQ0RDMDE0NjY5RDM4MTE1MkFGQjk0Qjc2OTM2MjY4QkZGNzNFN0Q1MC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84MTExNWJjNi0xMGY2LTRh
ZjMtYmEwOS04YjY4N2E1NmZiZjUvMC9DREMwMTQ2NjlEMzgxMTUyQUZCOTRCNzY5
MzYyNjhCRkY3M0U3RDUwLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zMjUzZDk3My1kNWJmLTQ1NDEtYmNjMS0yNzY1NDNhMjVjN2QvMi8zMjYxMzEz
MTNhMzIzOTYzMzAzYTM5MzA2MTMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzQz
NzMyMzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHBCoRKcCQoDANBgkqhkiG9w0BAQsFAAOCAQEASkFa
XY86iJdg3eEkiGPrBJa2puhbR4H4S2k8UnlghhDlAYBk6VEnjUjwKof4991kGCK9
zvFAt3V9rT/G9IXXFQ76/DLMa+MWoYKNRMUZLXp+ykADbhaabnMwg/8zRMRmHfZ5
qkYsiG14Sh5truAvVWup2KQebGiOngmtgFaLgEQmn0+nKwtqV0Ohz1axoddLVJM1
o8r1faab/VDO7vmAH68EV5QVTisiUvrrJDCEaiJyFHiMcQ50wALdtZn1XEA/oO8C
dGgpUPTmcm8EFWQmfy182Y55guCEbd6SkCcAzpvRTTsMboxa1//fikVxHl7mCzMB
xPFH8Rv8FJFJp4mOuA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:43:13 2025 by rpki-client