Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/3/326131343a316563373a666530303a3a2f34342d3438203d3e20323135373437.roa
File: 326131343a316563373a666530303a3a2f34342d3438203d3e20323135373437.roa (raw, json)
Hash identifier: d9ZCJaD2oVTYuo68mtbUiiX6SpxQJ389309XsJcG8v8=
Subject key identifier: C3:91:46:6D:C1:78:73:B5:55:55:BC:DC:97:CB:81:9F:85:65:EF:FA
Certificate issuer: /CN=2AFACA7F316DBE0CFF394F9D5952E52992F185F1
Certificate serial: 7ECF88AEB72237F0C2087D9F2974AE3339CAA8F6
Authority key identifier: 2A:FA:CA:7F:31:6D:BE:0C:FF:39:4F:9D:59:52:E5:29:92:F1:85:F1
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/2AFACA7F316DBE0CFF394F9D5952E52992F185F1.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/3/326131343a316563373a666530303a3a2f34342d3438203d3e20323135373437.roa
Signing time: Sat 27 Apr 2024 07:33:59 +0000
ROA not before: Sat 27 Apr 2024 07:28:59 +0000
ROA not after: Sat 26 Apr 2025 07:33:59 +0000
asID: 215747
IP address blocks: 2a14:1ec7:fe00::/44 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:cf:88:ae:b7:22:37:f0:c2:08:7d:9f:29:74:ae:33:39:ca:a8:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2AFACA7F316DBE0CFF394F9D5952E52992F185F1
Validity
Not Before: Apr 27 07:28:59 2024 GMT
Not After : Apr 26 07:33:59 2025 GMT
Subject: CN=C391466DC17873B55555BCDC97CB819F8565EFFA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:23:4d:48:71:ab:81:25:d0:6b:57:cb:10:c2:
53:ff:dc:32:f3:c9:54:d1:19:e0:5a:4e:5b:40:54:
49:2c:5c:8a:a0:fb:94:82:96:cd:88:a9:08:23:15:
37:cd:de:cb:d2:df:0b:8a:e6:21:0a:ca:e4:73:76:
36:59:4e:77:d4:27:9d:a3:42:be:6d:ac:5f:7d:57:
fe:b0:49:cb:4e:49:f1:0d:18:34:f3:40:96:b4:a3:
70:f8:4b:bd:77:22:b5:dc:5c:a7:5b:cd:82:9a:8a:
cc:3e:3b:ba:a9:7b:ab:e1:2e:83:a9:98:11:57:75:
ef:e2:75:97:dd:4e:3a:08:6e:97:c7:84:b1:51:00:
16:a9:6d:69:e0:54:76:31:f7:02:01:e6:84:8a:9c:
10:78:bc:9d:81:25:56:1e:4d:89:bf:5b:c7:cb:a9:
81:9e:40:8a:7d:13:59:5a:bb:07:ce:33:3e:41:04:
98:ad:32:44:90:4e:68:b4:0d:49:b9:7f:39:89:e7:
c4:9f:b1:43:61:73:53:01:09:86:03:11:ff:c5:47:
1b:bb:38:7a:88:c7:95:73:4b:d2:dc:4a:f9:6f:6f:
14:44:c5:4c:a8:94:da:a3:86:1f:bf:12:e9:2b:f6:
b9:a7:cb:27:f8:fb:5e:60:d1:41:1a:e5:f6:56:6c:
64:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:91:46:6D:C1:78:73:B5:55:55:BC:DC:97:CB:81:9F:85:65:EF:FA
X509v3 Authority Key Identifier:
keyid:2A:FA:CA:7F:31:6D:BE:0C:FF:39:4F:9D:59:52:E5:29:92:F1:85:F1
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/3/2AFACA7F316DBE0CFF394F9D5952E52992F185F1.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/2AFACA7F316DBE0CFF394F9D5952E52992F185F1.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ca811f8-d075-4e50-9bbf-7b2d0907168f/3/326131343a316563373a666530303a3a2f34342d3438203d3e20323135373437.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:fe00::/44
Signature Algorithm: sha256WithRSAEncryption
39:8b:2c:d5:21:4b:4c:a5:ac:d3:35:f3:ee:e7:2c:7a:25:63:
22:93:aa:b4:02:42:05:d0:39:fe:90:99:ce:53:6b:a3:fc:25:
68:9e:b4:1d:d2:d2:42:17:31:04:eb:ba:27:3c:72:7c:60:69:
17:49:57:6f:a7:37:b2:aa:6e:f3:6d:5e:c0:42:80:bc:b4:e9:
c1:f7:3f:cb:82:a7:7a:ce:d7:f6:ba:ed:8d:aa:99:f9:57:4e:
3f:31:8a:35:28:e0:a3:f4:9c:4f:cb:e8:39:c7:cd:fb:58:4a:
0e:7a:6b:0f:da:36:b9:67:0c:16:f0:99:48:0e:51:a3:18:82:
27:10:da:6b:46:e9:d3:a7:8d:0f:4a:ec:41:2c:cb:3f:7a:ce:
2b:97:91:1e:c5:44:54:04:73:c9:10:83:ee:a0:0d:1a:c2:db:
73:d6:f0:51:ae:d3:eb:9d:5d:54:64:9c:75:8d:56:b1:8d:0d:
52:ed:9e:67:3e:bc:2e:29:a5:e6:bd:25:e5:ee:19:27:a9:da:
ab:f8:39:6e:0b:33:bb:66:0d:58:c5:e8:7a:6f:6f:f1:4e:f3:
67:6c:24:cf:37:42:22:f7:bb:85:2a:dd:c7:c3:eb:46:c6:d2:
2e:83:29:1f:46:9a:0f:e7:ec:74:5d:52:5e:62:53:3d:1d:6e:
e5:57:f3:fe
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUfs+IrrciN/DCCH2fKXSuMznKqPYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkFGQUNBN0YzMTZEQkUwQ0ZGMzk0RjlENTk1MkU1Mjk5
MkYxODVGMTAeFw0yNDA0MjcwNzI4NTlaFw0yNTA0MjYwNzMzNTlaMDMxMTAvBgNV
BAMTKEMzOTE0NjZEQzE3ODczQjU1NTU1QkNEQzk3Q0I4MTlGODU2NUVGRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPI01IcauBJdBrV8sQwlP/3DLz
yVTRGeBaTltAVEksXIqg+5SCls2IqQgjFTfN3svS3wuK5iEKyuRzdjZZTnfUJ52j
Qr5trF99V/6wSctOSfENGDTzQJa0o3D4S713IrXcXKdbzYKaisw+O7qpe6vhLoOp
mBFXde/idZfdTjoIbpfHhLFRABapbWngVHYx9wIB5oSKnBB4vJ2BJVYeTYm/W8fL
qYGeQIp9E1lauwfOMz5BBJitMkSQTmi0DUm5fzmJ58SfsUNhc1MBCYYDEf/FRxu7
OHqIx5VzS9LcSvlvbxRExUyolNqjhh+/Eukr9rmnyyf4+15g0UEa5fZWbGRpAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUw5FGbcF4c7VVVbzcl8uBn4Vl7/owHwYDVR0j
BBgwFoAUKvrKfzFtvgz/OU+dWVLlKZLxhfEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmNhODExZjgtZDA3NS00ZTUwLTliYmYtN2IyZDA5MDcx
NjhmLzMvMkFGQUNBN0YzMTZEQkUwQ0ZGMzk0RjlENTk1MkU1Mjk5MkYxODVGMS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj
N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8yQUZBQ0E3RjMxNkRCRTBDRkYzOTRGOUQ1
OTUyRTUyOTkyRjE4NUYxLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS82Y2E4MTFmOC1kMDc1LTRlNTAtOWJiZi03YjJkMDkwNzE2OGYvMy8zMjYxMzEz
NDNhMzE2NTYzMzczYTY2NjUzMDMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz
MTM1MzczNDM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKhQex/4AMA0GCSqGSIb3DQEBCwUAA4IBAQA5
iyzVIUtMpazTNfPu5yx6JWMik6q0AkIF0Dn+kJnOU2uj/CVonrQd0tJCFzEE67on
PHJ8YGkXSVdvpzeyqm7zbV7AQoC8tOnB9z/Lgqd6ztf2uu2Nqpn5V04/MYo1KOCj
9JxPy+g5x837WEoOemsP2ja5ZwwW8JlIDlGjGIInENprRunTp40PSuxBLMs/es4r
l5EexURUBHPJEIPuoA0awttz1vBRrtPrnV1UZJx1jVaxjQ1S7Z5nPrwuKaXmvSXl
7hknqdqr+DluCzO7Zg1Yxeh6b2/xTvNnbCTPN0Ii97uFKt3Hw+tGxtIugykfRpoP
5+x0XVJeYlM9HW7lV/P+
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:17:19 2025 by rpki-client