Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/40ca266a-df83-4bb2-8007-4f85b893dc70/0/326131343a373538303a6130313a3a2f34382d3438203d3e20323135353433.roa
File: 326131343a373538303a6130313a3a2f34382d3438203d3e20323135353433.roa (raw, json)
Hash identifier: 9e2yjigX5+cNnGpC5dYpYp4x5beQHVuns4hEprR01WE=
Subject key identifier: 55:DE:3A:1C:BE:1E:EE:05:E7:5A:1E:C2:3E:B8:3D:30:1A:0B:B4:BB
Certificate issuer: /CN=21B5CB0BFB54183A6334820D704EDBF79B04CB48
Certificate serial: 40AE1B39C551F340291B7775508913831E6DB9C3
Authority key identifier: 21:B5:CB:0B:FB:54:18:3A:63:34:82:0D:70:4E:DB:F7:9B:04:CB:48
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21B5CB0BFB54183A6334820D704EDBF79B04CB48.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/40ca266a-df83-4bb2-8007-4f85b893dc70/0/326131343a373538303a6130313a3a2f34382d3438203d3e20323135353433.roa
Signing time: Tue 25 Mar 2025 02:49:59 +0000
ROA not before: Tue 25 Mar 2025 02:44:59 +0000
ROA not after: Tue 24 Mar 2026 02:49:59 +0000
asID: 215543
IP address blocks: 2a14:7580:a01::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:ae:1b:39:c5:51:f3:40:29:1b:77:75:50:89:13:83:1e:6d:b9:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21B5CB0BFB54183A6334820D704EDBF79B04CB48
Validity
Not Before: Mar 25 02:44:59 2025 GMT
Not After : Mar 24 02:49:59 2026 GMT
Subject: CN=55DE3A1CBE1EEE05E75A1EC23EB83D301A0BB4BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:a3:9a:a5:ab:d6:2d:e2:1c:27:74:a1:79:cb:
7e:d2:54:50:61:f9:cd:cc:f2:bd:57:b3:f4:7a:91:
a6:79:17:61:f3:8b:3c:2f:e0:e5:6b:e8:d4:bd:fa:
65:f4:37:76:c0:42:6c:aa:23:07:4f:af:e9:2f:3c:
41:9c:6d:ec:3a:36:5f:ae:d2:ae:23:33:51:7d:e8:
89:59:1c:68:cd:5d:b6:f9:b1:62:fa:63:80:e2:ea:
07:1e:4c:a3:71:4d:a3:b9:1e:9b:59:74:e9:bb:7c:
f1:b1:32:f8:47:f9:90:fa:9a:7a:63:74:7d:e5:69:
84:af:59:1d:bd:12:7f:a5:9a:68:84:74:e7:95:34:
9f:10:20:08:86:8b:73:a0:eb:4a:f0:8d:46:aa:bf:
ab:fe:1c:90:3a:c6:3b:a5:6e:bd:74:ee:54:50:bf:
7c:29:39:13:1a:cb:99:43:08:23:7a:bf:5d:94:0c:
87:70:05:b2:90:68:84:ef:12:fb:3a:22:a7:a4:5c:
eb:2e:64:ee:12:9e:bf:91:ca:51:15:91:ba:65:72:
70:9f:b2:28:3f:1f:20:27:5f:df:5e:0f:7a:24:14:
bc:3b:06:38:30:37:d4:18:a8:8b:65:2b:4e:1c:ed:
77:ff:c9:34:bf:d9:88:84:fd:fb:a3:cb:6b:c1:61:
95:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:DE:3A:1C:BE:1E:EE:05:E7:5A:1E:C2:3E:B8:3D:30:1A:0B:B4:BB
X509v3 Authority Key Identifier:
keyid:21:B5:CB:0B:FB:54:18:3A:63:34:82:0D:70:4E:DB:F7:9B:04:CB:48
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/40ca266a-df83-4bb2-8007-4f85b893dc70/0/21B5CB0BFB54183A6334820D704EDBF79B04CB48.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/21B5CB0BFB54183A6334820D704EDBF79B04CB48.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/40ca266a-df83-4bb2-8007-4f85b893dc70/0/326131343a373538303a6130313a3a2f34382d3438203d3e20323135353433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:a01::/48
Signature Algorithm: sha256WithRSAEncryption
06:82:03:0f:79:53:0f:0f:2c:d0:0e:c9:2d:e8:5b:4d:e9:bd:
54:fa:97:f1:83:ff:ad:f5:21:5a:8b:a7:15:ff:ea:ff:77:22:
5f:a4:d1:d6:8f:81:9a:21:73:cc:f0:73:aa:95:c0:64:99:60:
8b:4a:35:28:1f:b1:60:5d:6c:ef:c8:0b:46:7c:18:f1:69:ad:
56:a3:bb:49:69:fa:ed:cc:81:90:42:09:68:7d:6b:d7:59:63:
54:4e:c1:77:68:18:e3:06:d4:aa:76:63:eb:30:22:64:ef:8d:
88:7b:1a:54:60:4a:f1:c8:f2:70:05:b9:32:6a:3d:c3:85:fc:
e5:1d:38:8e:67:0a:09:49:09:c5:e7:16:56:da:7a:e7:d1:45:
24:89:55:80:cb:43:e4:0f:1b:9f:2d:2d:46:d8:81:5f:9f:4f:
c2:fd:6d:c0:e7:48:25:c9:fb:98:0c:73:59:76:c8:b1:4d:dc:
cc:c6:0e:fb:7a:7c:7a:19:a8:fc:35:68:41:aa:18:31:df:5c:
a6:83:1b:66:c3:f0:7d:15:1d:a2:40:1b:47:7d:15:e1:86:25:
2a:e2:d4:9d:9f:13:a8:1d:54:d9:f3:cf:96:d1:f1:cb:a2:bc:
34:73:4f:95:05:c1:1d:bc:e8:d4:fb:f5:91:22:ff:7c:f7:b9:
0c:09:31:06
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIUQK4bOcVR80ApG3d1UIkTgx5tucMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjFCNUNCMEJGQjU0MTgzQTYzMzQ4MjBENzA0RURCRjc5
QjA0Q0I0ODAeFw0yNTAzMjUwMjQ0NTlaFw0yNjAzMjQwMjQ5NTlaMDMxMTAvBgNV
BAMTKDU1REUzQTFDQkUxRUVFMDVFNzVBMUVDMjNFQjgzRDMwMUEwQkI0QkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWo5qlq9Yt4hwndKF5y37SVFBh
+c3M8r1Xs/R6kaZ5F2Hzizwv4OVr6NS9+mX0N3bAQmyqIwdPr+kvPEGcbew6Nl+u
0q4jM1F96IlZHGjNXbb5sWL6Y4Di6gceTKNxTaO5HptZdOm7fPGxMvhH+ZD6mnpj
dH3laYSvWR29En+lmmiEdOeVNJ8QIAiGi3Og60rwjUaqv6v+HJA6xjulbr107lRQ
v3wpORMay5lDCCN6v12UDIdwBbKQaITvEvs6IqekXOsuZO4Snr+RylEVkbplcnCf
sig/HyAnX99eD3okFLw7BjgwN9QYqItlK04c7Xf/yTS/2YiE/fujy2vBYZUFAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUVd46HL4e7gXnWh7CPrg9MBoLtLswHwYDVR0j
BBgwFoAUIbXLC/tUGDpjNIINcE7b95sEy0gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNDBjYTI2NmEtZGY4My00YmIyLTgwMDctNGY4NWI4OTNk
YzcwLzAvMjFCNUNCMEJGQjU0MTgzQTYzMzQ4MjBENzA0RURCRjc5QjA0Q0I0OC5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC8yMUI1Q0IwQkZCNTQxODNBNjMzNDgyMEQ3
MDRFREJGNzlCMDRDQjQ4LmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS80MGNhMjY2YS1kZjgzLTRiYjItODAwNy00Zjg1Yjg5M2RjNzAvMC8zMjYxMzEz
NDNhMzczNTM4MzAzYTYxMzAzMTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzEz
NTM1MzQzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYAKATANBgkqhkiG9w0BAQsFAAOCAQEABoID
D3lTDw8s0A7JLehbTem9VPqX8YP/rfUhWounFf/q/3ciX6TR1o+BmiFzzPBzqpXA
ZJlgi0o1KB+xYF1s78gLRnwY8WmtVqO7SWn67cyBkEIJaH1r11ljVE7Bd2gY4wbU
qnZj6zAiZO+NiHsaVGBK8cjycAW5Mmo9w4X85R04jmcKCUkJxecWVtp659FFJIlV
gMtD5A8bny0tRtiBX59Pwv1twOdIJcn7mAxzWXbIsU3czMYO+3p8ehmo/DVoQaoY
Md9cpoMbZsPwfRUdokAbR30V4YYlKuLUnZ8TqB1U2fPPltHxy6K8NHNPlQXBHbzo
1Pv1kSL/fPe5DAkxBg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 05:59:25 2025 by rpki-client