Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0e1cb023-9002-4e95-bd57-5fb85efa0e97/0/326131343a373538313a373130313a3a2f34382d3438203d3e20323135313236.roa
File: 326131343a373538313a373130313a3a2f34382d3438203d3e20323135313236.roa (raw, json)
Hash identifier: sb7jt5ThbDMAcAj1Thx/mJswnV1hzPiUiLvz0P8Hkbs=
Subject key identifier: 53:43:8A:67:E3:46:80:08:E9:CA:44:22:9F:90:D7:95:C8:D7:B9:73
Certificate issuer: /CN=F78178425D897035E1D77343191BF013B39B03A5
Certificate serial: 68B418D4453B2357708BCB6C755E8D6A49C6A8F9
Authority key identifier: F7:81:78:42:5D:89:70:35:E1:D7:73:43:19:1B:F0:13:B3:9B:03:A5
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F78178425D897035E1D77343191BF013B39B03A5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0e1cb023-9002-4e95-bd57-5fb85efa0e97/0/326131343a373538313a373130313a3a2f34382d3438203d3e20323135313236.roa
Signing time: Wed 04 Feb 2026 20:30:43 +0000
ROA not before: Wed 04 Feb 2026 20:25:43 +0000
ROA not after: Wed 03 Feb 2027 20:30:43 +0000
asID: 215126
IP address blocks: 2a14:7581:7101::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:b4:18:d4:45:3b:23:57:70:8b:cb:6c:75:5e:8d:6a:49:c6:a8:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F78178425D897035E1D77343191BF013B39B03A5
Validity
Not Before: Feb 4 20:25:43 2026 GMT
Not After : Feb 3 20:30:43 2027 GMT
Subject: CN=53438A67E3468008E9CA44229F90D795C8D7B973
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f7:e6:8a:c5:42:99:63:dc:0c:b6:50:62:e8:
05:ad:2b:57:40:20:b9:e3:8e:38:c2:af:67:58:92:
fb:5a:f8:34:13:2f:e0:4f:b3:ad:75:37:08:97:2e:
91:79:ae:af:2a:33:51:30:bc:05:78:aa:f5:9a:06:
e0:25:63:7d:01:19:40:5f:d9:41:18:2d:2a:e9:03:
34:09:1d:79:bf:03:65:3e:84:8d:00:7c:66:38:cc:
18:db:57:d6:70:ac:a4:82:a1:01:44:20:ff:79:b0:
56:b9:a3:d3:03:3a:f3:f1:f3:30:46:f9:d4:65:8c:
47:1c:3f:78:22:c6:52:4a:62:0a:60:c5:0b:9f:4f:
4c:99:35:de:d0:d3:85:42:b3:2d:7a:98:79:bd:cb:
ce:30:3b:36:bf:7a:03:c1:93:ef:36:ba:27:b9:85:
0e:cc:bf:dc:3e:44:52:e1:96:76:b6:9a:dc:cb:b1:
fd:ea:76:b2:ba:00:24:23:eb:11:a4:4b:ba:b9:54:
b6:05:c6:23:5c:27:dd:3c:c4:d1:5c:b2:54:49:67:
e0:9f:05:5a:6c:7a:a8:00:1f:30:75:9f:3a:27:87:
b0:f5:c0:cc:71:56:b7:9f:79:d7:50:fe:5c:30:6f:
e0:37:60:6a:3f:fb:48:c0:5c:03:17:30:5e:0e:56:
c4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:43:8A:67:E3:46:80:08:E9:CA:44:22:9F:90:D7:95:C8:D7:B9:73
X509v3 Authority Key Identifier:
keyid:F7:81:78:42:5D:89:70:35:E1:D7:73:43:19:1B:F0:13:B3:9B:03:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0e1cb023-9002-4e95-bd57-5fb85efa0e97/0/F78178425D897035E1D77343191BF013B39B03A5.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F78178425D897035E1D77343191BF013B39B03A5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0e1cb023-9002-4e95-bd57-5fb85efa0e97/0/326131343a373538313a373130313a3a2f34382d3438203d3e20323135313236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:7101::/48
Signature Algorithm: sha256WithRSAEncryption
a4:1a:ff:45:96:36:0d:c3:b6:8c:1d:fd:ff:81:84:37:14:2a:
56:f4:8b:39:58:2c:e3:16:3b:25:3e:42:e9:11:5a:05:8b:c2:
16:27:0f:b8:fc:1a:b5:f2:20:de:71:ea:fa:9d:06:36:26:cb:
65:99:32:09:1e:2f:3e:5b:d1:f4:ea:22:84:8b:26:2f:59:0d:
2d:c3:56:05:b4:2c:e3:83:ec:c9:12:63:95:67:bb:f3:5b:c1:
e6:7d:50:ef:fb:c5:a5:a6:a9:be:76:da:2d:7f:12:19:94:fa:
b6:a1:9b:0e:91:f9:d2:9a:7c:62:22:50:76:e0:fd:35:89:84:
d6:70:e1:81:c7:7e:5f:55:00:08:aa:28:f1:9e:23:7e:cf:be:
9e:b2:09:1c:7b:ef:9c:ce:9d:43:7c:e4:7a:fc:7a:09:74:38:
5b:a0:3b:72:b4:d5:17:56:75:bd:d7:3a:9d:93:d5:d9:ca:45:
d7:4e:b4:c7:d4:f2:86:e4:52:06:b5:b0:6e:c9:36:b7:44:bf:
c5:6e:99:35:fb:52:59:c5:0d:dd:33:04:81:76:0d:e2:2c:64:
7a:9a:a6:b1:e3:a5:32:0c:4f:8e:01:ae:44:79:03:ec:d0:40:
d8:96:49:dc:27:32:72:4b:cc:0b:2b:cd:d3:2e:c3:27:e1:dc:
ec:65:e8:5c
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUaLQY1EU7I1dwi8tsdV6NaknGqPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjc4MTc4NDI1RDg5NzAzNUUxRDc3MzQzMTkxQkYwMTNC
MzlCMDNBNTAeFw0yNjAyMDQyMDI1NDNaFw0yNzAyMDMyMDMwNDNaMDMxMTAvBgNV
BAMTKDUzNDM4QTY3RTM0NjgwMDhFOUNBNDQyMjlGOTBENzk1QzhEN0I5NzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB9+aKxUKZY9wMtlBi6AWtK1dA
ILnjjjjCr2dYkvta+DQTL+BPs611NwiXLpF5rq8qM1EwvAV4qvWaBuAlY30BGUBf
2UEYLSrpAzQJHXm/A2U+hI0AfGY4zBjbV9ZwrKSCoQFEIP95sFa5o9MDOvPx8zBG
+dRljEccP3gixlJKYgpgxQufT0yZNd7Q04VCsy16mHm9y84wOza/egPBk+82uie5
hQ7Mv9w+RFLhlna2mtzLsf3qdrK6ACQj6xGkS7q5VLYFxiNcJ908xNFcslRJZ+Cf
BVpseqgAHzB1nzonh7D1wMxxVrefeddQ/lwwb+A3YGo/+0jAXAMXMF4OVsQxAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUU0OKZ+NGgAjpykQin5DXlcjXuXMwHwYDVR0j
BBgwFoAU94F4Ql2JcDXh13NDGRvwE7ObA6UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGUxY2IwMjMtOTAwMi00ZTk1LWJkNTctNWZiODVlZmEw
ZTk3LzAvRjc4MTc4NDI1RDg5NzAzNUUxRDc3MzQzMTkxQkYwMTNCMzlCMDNBNS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GNzgxNzg0MjVEODk3MDM1RTFENzczNDMx
OTFCRjAxM0IzOUIwM0E1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wZTFjYjAyMy05MDAyLTRlOTUtYmQ1Ny01ZmI4NWVmYTBlOTcvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM3MzEzMDMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzEzMjM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gXEBMA0GCSqGSIb3DQEBCwUAA4IBAQCk
Gv9FljYNw7aMHf3/gYQ3FCpW9Is5WCzjFjslPkLpEVoFi8IWJw+4/Bq18iDecer6
nQY2JstlmTIJHi8+W9H06iKEiyYvWQ0tw1YFtCzjg+zJEmOVZ7vzW8HmfVDv+8Wl
pqm+dtotfxIZlPq2oZsOkfnSmnxiIlB24P01iYTWcOGBx35fVQAIqijxniN+z76e
sgkce++czp1DfOR6/HoJdDhboDtytNUXVnW91zqdk9XZykXXTrTH1PKG5FIGtbBu
yTa3RL/Fbpk1+1JZxQ3dMwSBdg3iLGR6mqax46UyDE+OAa5EeQPs0EDYlkncJzJy
S8wLK83TLsMn4dzsZehc
-----END CERTIFICATE-----
Generated at Mon Mar 2 22:32:09 2026 by rpki-client