Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/3/326131343a316563373a666530303a3a2f34302d3430203d3e203438373030.roa
File: 326131343a316563373a666530303a3a2f34302d3430203d3e203438373030.roa (raw, json)
Hash identifier: J0+DuBYy80mQEB08o9BL+Wdoa73onC7NTMAXwlWlh24=
Subject key identifier: F0:93:46:F6:D5:F3:8F:7A:D8:38:17:54:81:D3:44:AC:32:BB:2C:F2
Certificate issuer: /CN=2AFACA7F316DBE0CFF394F9D5952E52992F185F1
Certificate serial: 6496B61BA3202C04514657AEFDBDFF71CF22A35F
Authority key identifier: 2A:FA:CA:7F:31:6D:BE:0C:FF:39:4F:9D:59:52:E5:29:92:F1:85:F1
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/2AFACA7F316DBE0CFF394F9D5952E52992F185F1.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/3/326131343a316563373a666530303a3a2f34302d3430203d3e203438373030.roa
Signing time: Fri 15 Mar 2024 19:07:22 +0000
ROA not before: Fri 15 Mar 2024 19:02:22 +0000
ROA not after: Fri 14 Mar 2025 19:07:22 +0000
asID: 48700
IP address blocks: 2a14:1ec7:fe00::/40 maxlen: 40
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:96:b6:1b:a3:20:2c:04:51:46:57:ae:fd:bd:ff:71:cf:22:a3:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2AFACA7F316DBE0CFF394F9D5952E52992F185F1
Validity
Not Before: Mar 15 19:02:22 2024 GMT
Not After : Mar 14 19:07:22 2025 GMT
Subject: CN=F09346F6D5F38F7AD838175481D344AC32BB2CF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:2b:7f:87:87:ea:f7:ac:0c:15:0f:d1:86:4e:
66:8e:f1:f8:e4:89:7d:8f:33:a4:bf:4c:ac:c1:5a:
8f:b5:b0:c0:e9:63:89:26:93:f2:d3:b9:df:82:5a:
05:64:83:18:b6:31:0a:e6:2b:7f:89:d6:d3:79:0c:
1c:3e:67:8a:7d:54:30:e1:60:57:2d:f6:c4:d3:68:
24:00:cf:c1:b8:72:68:44:07:ba:0e:ee:93:80:8e:
77:2a:ae:86:a1:ee:27:4a:3b:4c:27:7e:42:ad:26:
2b:85:f0:3e:27:4a:41:da:86:45:3c:36:be:f9:b3:
e5:9b:fc:74:84:ea:70:bd:03:22:70:34:81:b0:87:
87:7e:a4:3c:df:ae:fa:2e:bf:87:f9:79:be:bd:d9:
6e:52:67:3d:43:8d:08:6a:52:f4:3a:20:f6:98:d0:
8c:dc:e1:a2:bc:4f:15:b4:97:29:f5:04:48:02:57:
10:59:fb:92:08:50:48:3b:4c:4b:5a:f1:da:95:e1:
d9:81:d7:31:0a:ff:5c:b4:0b:24:aa:ca:63:65:11:
f6:e2:b8:45:30:4a:45:ff:e0:4b:b6:0b:5b:25:32:
3f:89:7b:58:7d:2f:13:23:ff:0c:57:26:9e:d2:bd:
19:de:c7:fe:15:50:53:24:f1:9d:41:9f:8d:5c:9e:
fa:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:93:46:F6:D5:F3:8F:7A:D8:38:17:54:81:D3:44:AC:32:BB:2C:F2
X509v3 Authority Key Identifier:
keyid:2A:FA:CA:7F:31:6D:BE:0C:FF:39:4F:9D:59:52:E5:29:92:F1:85:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/3/2AFACA7F316DBE0CFF394F9D5952E52992F185F1.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/2AFACA7F316DBE0CFF394F9D5952E52992F185F1.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/3/326131343a316563373a666530303a3a2f34302d3430203d3e203438373030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:fe00::/40
Signature Algorithm: sha256WithRSAEncryption
14:4d:37:5d:d5:04:22:a9:5a:7a:8e:57:11:86:44:45:68:a6:
50:98:43:a3:a3:e4:7d:bb:38:5f:50:48:69:27:2b:45:14:63:
25:6c:5c:f9:a0:ad:d9:f0:0a:c0:d3:cf:20:6d:2a:ae:24:46:
cf:a5:13:32:a3:ee:a8:02:26:49:18:9f:59:20:14:02:03:b9:
6f:18:0e:7a:a5:59:03:03:20:57:a3:28:e5:52:99:28:38:93:
17:2a:cf:c2:75:ae:fc:d2:12:de:47:bd:61:75:0a:58:92:6e:
8f:60:84:9e:dd:ff:1d:49:c5:b5:fa:d5:33:29:4b:c0:22:f8:
1a:a6:78:28:6b:6b:df:94:d6:2b:db:8e:de:c0:26:c0:79:34:
6f:22:99:b4:6b:b1:b8:d1:4b:05:91:c9:30:83:f5:0b:4d:7f:
9a:89:6b:41:5c:18:ad:80:50:1e:51:c7:51:6b:d8:8b:65:fa:
5a:e2:57:6c:f0:b7:f1:9a:2e:6e:8f:5a:00:c3:d0:94:49:6f:
f3:5f:4c:fc:49:5a:4a:99:66:55:93:3e:a7:ab:20:5e:04:9e:
0a:13:06:00:0d:da:54:a2:50:1c:95:2b:df:46:41:b7:93:f2:
3d:cb:0a:21:63:32:0c:b0:ac:e7:7c:19:8a:9c:03:62:53:01:
a6:cb:ad:79
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgIUZJa2G6MgLARRRleu/b3/cc8io18wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkFGQUNBN0YzMTZEQkUwQ0ZGMzk0RjlENTk1MkU1Mjk5
MkYxODVGMTAeFw0yNDAzMTUxOTAyMjJaFw0yNTAzMTQxOTA3MjJaMDMxMTAvBgNV
BAMTKEYwOTM0NkY2RDVGMzhGN0FEODM4MTc1NDgxRDM0NEFDMzJCQjJDRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPK3+Hh+r3rAwVD9GGTmaO8fjk
iX2PM6S/TKzBWo+1sMDpY4kmk/LTud+CWgVkgxi2MQrmK3+J1tN5DBw+Z4p9VDDh
YFct9sTTaCQAz8G4cmhEB7oO7pOAjncqroah7idKO0wnfkKtJiuF8D4nSkHahkU8
Nr75s+Wb/HSE6nC9AyJwNIGwh4d+pDzfrvouv4f5eb692W5SZz1DjQhqUvQ6IPaY
0Izc4aK8TxW0lyn1BEgCVxBZ+5IIUEg7TEta8dqV4dmB1zEK/1y0CySqymNlEfbi
uEUwSkX/4Eu2C1slMj+Je1h9LxMj/wxXJp7SvRnex/4VUFMk8Z1Bn41cnvqBAgMB
AAGjggKCMIICfjAdBgNVHQ4EFgQU8JNG9tXzj3rYOBdUgdNErDK7LPIwHwYDVR0j
BBgwFoAUKvrKfzFtvgz/OU+dWVLlKZLxhfEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmNhODExZjgtZDA3NS00ZTUwLTliYmYtN2IyZDA5MDcx
NjhmLzMvMkFGQUNBN0YzMTZEQkUwQ0ZGMzk0RjlENTk1MkU1Mjk5MkYxODVGMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj
N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8yQUZBQ0E3RjMxNkRCRTBDRkYzOTRGOUQ1
OTUyRTUyOTkyRjE4NUYxLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS82Y2E4MTFmOC1kMDc1LTRlNTAtOWJiZi03YjJkMDkwNzE2OGYvMy8zMjYxMzEz
NDNhMzE2NTYzMzczYTY2NjUzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzQz
ODM3MzAzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGACoUHsf+MA0GCSqGSIb3DQEBCwUAA4IBAQAUTTdd
1QQiqVp6jlcRhkRFaKZQmEOjo+R9uzhfUEhpJytFFGMlbFz5oK3Z8ArA088gbSqu
JEbPpRMyo+6oAiZJGJ9ZIBQCA7lvGA56pVkDAyBXoyjlUpkoOJMXKs/Cda780hLe
R71hdQpYkm6PYISe3f8dScW1+tUzKUvAIvgapngoa2vflNYr247ewCbAeTRvIpm0
a7G40UsFkckwg/ULTX+aiWtBXBitgFAeUcdRa9iLZfpa4lds8Lfxmi5uj1oAw9CU
SW/zX0z8SVpKmWZVkz6nqyBeBJ4KEwYADdpUolAclSvfRkG3k/I9ywohYzIMsKzn
fBmKnANiUwGmy615
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:11:55 2025 by rpki-client