Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/326131333a393634343a343030303a3a2f34302d3430203d3e20323034323931.roa
File: 326131333a393634343a343030303a3a2f34302d3430203d3e20323034323931.roa (raw, json)
Hash identifier: 1o4m8PJbpPTt/WwCt8wMPBTEbmCl+8vcVtrKZbTYjFM=
Subject key identifier: 99:3B:51:E5:61:17:90:71:EB:F9:44:7D:42:93:DB:FF:BF:82:95:72
Certificate issuer: /CN=8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C
Certificate serial: 751E140EA85A8252FFD3289A4E985E652E0165D0
Authority key identifier: 8B:AD:30:7C:D4:DF:11:01:4E:40:ED:DF:FF:D6:0F:9A:09:E6:E9:5C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/326131333a393634343a343030303a3a2f34302d3430203d3e20323034323931.roa
Signing time: Thu 10 Jul 2025 17:53:21 +0000
ROA not before: Thu 10 Jul 2025 17:48:21 +0000
ROA not after: Thu 09 Jul 2026 17:53:21 +0000
asID: 204291
IP address blocks: 2a13:9644:4000::/40 maxlen: 40
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:1e:14:0e:a8:5a:82:52:ff:d3:28:9a:4e:98:5e:65:2e:01:65:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C
Validity
Not Before: Jul 10 17:48:21 2025 GMT
Not After : Jul 9 17:53:21 2026 GMT
Subject: CN=993B51E561179071EBF9447D4293DBFFBF829572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:28:ea:84:7b:01:e2:3c:f8:d6:63:83:68:00:
5f:b1:05:47:18:2f:31:27:35:24:75:e7:ef:3a:07:
b5:1c:13:01:db:16:0d:5c:aa:51:34:3a:41:c0:5e:
c5:cd:a3:cf:6e:f8:e6:18:de:a7:09:d4:e3:32:7b:
42:14:e5:f0:95:34:e6:fc:f3:62:f2:19:df:51:08:
c8:ed:00:cb:47:83:0e:b0:f9:b3:d9:16:6b:ff:02:
79:90:65:5d:fd:c2:90:52:82:9b:f0:02:25:5c:7c:
6f:b5:e2:95:86:f4:9c:f9:aa:72:4f:45:d1:b5:64:
22:74:49:cb:a8:06:39:bf:1e:b5:07:dc:7e:99:df:
92:6d:da:cc:0b:40:c9:9b:88:05:ba:8e:90:0b:4e:
bb:a0:5b:db:59:a6:0b:64:eb:89:6e:7a:24:88:63:
a5:9a:d9:2d:0d:50:34:76:cb:41:d1:a5:ef:15:a3:
f2:3d:b3:80:71:64:f4:1d:30:9d:28:27:ed:16:ba:
61:45:1b:04:63:75:bb:e4:64:29:f6:6c:55:da:29:
c9:90:2c:35:1d:c9:00:83:0f:ab:bc:2b:eb:dc:aa:
8f:0f:5e:ab:bc:6a:b9:d2:91:d3:1a:66:59:86:39:
22:07:11:f4:13:f0:71:cc:73:7d:b3:07:f0:b2:7c:
89:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:3B:51:E5:61:17:90:71:EB:F9:44:7D:42:93:DB:FF:BF:82:95:72
X509v3 Authority Key Identifier:
keyid:8B:AD:30:7C:D4:DF:11:01:4E:40:ED:DF:FF:D6:0F:9A:09:E6:E9:5C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/8BAD307CD4DF11014E40EDDFFFD60F9A09E6E95C.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/65eae745-8ac9-4e71-bc94-fcb261703f96/1/326131333a393634343a343030303a3a2f34302d3430203d3e20323034323931.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9644:4000::/40
Signature Algorithm: sha256WithRSAEncryption
a2:50:90:ef:f0:f5:77:86:3a:13:12:5f:e6:5f:6b:6d:02:c3:
0c:6d:4a:e9:49:8c:9e:66:7d:f6:2c:02:86:c1:ea:17:75:a4:
9f:15:05:62:6f:97:ae:a6:db:af:6a:23:ff:fa:c3:64:bd:61:
df:b0:f4:c4:d7:e9:1c:4a:76:c1:f4:38:08:26:b6:9e:48:5b:
90:78:1b:90:da:c0:8a:78:da:af:33:7b:f7:e5:a2:b1:e7:bf:
36:44:17:b2:0c:bf:c8:74:4e:19:5e:6d:2d:ee:1e:ae:e2:58:
cb:21:4c:27:7d:67:46:3c:e0:3a:68:32:ba:f0:6e:7b:0d:b2:
df:90:53:97:6d:1c:e6:28:1a:5e:7d:65:1e:77:01:e8:e4:ab:
bd:4f:e7:1b:cb:e9:ca:2b:65:b4:9c:e4:3d:02:89:bd:67:ca:
bf:51:7c:5f:90:1c:4e:77:ca:76:19:3c:c8:53:c6:1e:a8:9a:
09:26:4b:1f:f3:3b:76:5a:10:dd:00:ca:92:a7:dd:af:01:e4:
9c:a0:4c:51:61:68:10:3d:13:54:cb:50:fa:82:85:f0:41:81:
17:5c:15:1d:85:33:ab:9b:f6:a5:6a:b3:7e:0e:32:8d:50:99:
4b:89:12:b3:3e:78:a9:95:0b:ca:8f:6b:df:5c:3d:ff:10:8e:
c5:f9:52:37
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUdR4UDqhaglL/0yiaTpheZS4BZdAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEJBRDMwN0NENERGMTEwMTRFNDBFRERGRkZENjBGOUEw
OUU2RTk1QzAeFw0yNTA3MTAxNzQ4MjFaFw0yNjA3MDkxNzUzMjFaMDMxMTAvBgNV
BAMTKDk5M0I1MUU1NjExNzkwNzFFQkY5NDQ3RDQyOTNEQkZGQkY4Mjk1NzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDKOqEewHiPPjWY4NoAF+xBUcY
LzEnNSR15+86B7UcEwHbFg1cqlE0OkHAXsXNo89u+OYY3qcJ1OMye0IU5fCVNOb8
82LyGd9RCMjtAMtHgw6w+bPZFmv/AnmQZV39wpBSgpvwAiVcfG+14pWG9Jz5qnJP
RdG1ZCJ0ScuoBjm/HrUH3H6Z35Jt2swLQMmbiAW6jpALTrugW9tZpgtk64lueiSI
Y6Wa2S0NUDR2y0HRpe8Vo/I9s4BxZPQdMJ0oJ+0WumFFGwRjdbvkZCn2bFXaKcmQ
LDUdyQCDD6u8K+vcqo8PXqu8arnSkdMaZlmGOSIHEfQT8HHMc32zB/CyfIkdAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUmTtR5WEXkHHr+UR9QpPb/7+ClXIwHwYDVR0j
BBgwFoAUi60wfNTfEQFOQO3f/9YPmgnm6VwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjVlYWU3NDUtOGFjOS00ZTcxLWJjOTQtZmNiMjYxNzAz
Zjk2LzEvOEJBRDMwN0NENERGMTEwMTRFNDBFRERGRkZENjBGOUEwOUU2RTk1Qy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9lMzBkZTg0Yi00MDBhLTRm
ZDEtYWI4YS1lNzYxNmUyNDViNDkvMC84QkFEMzA3Q0Q0REYxMTAxNEU0MEVEREZG
RkQ2MEY5QTA5RTZFOTVDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS82NWVhZTc0NS04YWM5LTRlNzEtYmM5NC1mY2IyNjE3MDNmOTYvMS8zMjYxMzEz
MzNhMzkzNjM0MzQzYTM0MzAzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIz
MDM0MzIzOTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUF
BwEHAQH/BBIwEDAOBAIAAjAIAwYAKhOWREAwDQYJKoZIhvcNAQELBQADggEBAKJQ
kO/w9XeGOhMSX+Zfa20CwwxtSulJjJ5mffYsAobB6hd1pJ8VBWJvl66m269qI//6
w2S9Yd+w9MTX6RxKdsH0OAgmtp5IW5B4G5DawIp42q8ze/florHnvzZEF7IMv8h0
ThlebS3uHq7iWMshTCd9Z0Y84DpoMrrwbnsNst+QU5dtHOYoGl59ZR53Aejkq71P
5xvL6corZbSc5D0Cib1nyr9RfF+QHE53ynYZPMhTxh6omgkmSx/zO3ZaEN0AypKn
3a8B5JygTFFhaBA9E1TLUPqChfBBgRdcFR2FM6ub9qVqs34OMo1QmUuJErM+eKmV
C8qPa99cPf8QjsX5Ujc=
-----END CERTIFICATE-----
Generated at Tue Sep 9 17:30:47 2025 by rpki-client