Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0e1cb023-9002-4e95-bd57-5fb85efa0e97/0/326131343a373538313a373230343a3a2f34382d3438203d3e20323135313236.roa
File: 326131343a373538313a373230343a3a2f34382d3438203d3e20323135313236.roa (raw, json)
Hash identifier: fXcKlJp1yQtABhfFzKBrCMCvRzADVzYTgxsFcYrjDig=
Subject key identifier: 31:C7:5C:7F:67:51:5C:D4:06:82:C8:0F:79:1A:CC:97:F5:A5:9D:78
Certificate issuer: /CN=F78178425D897035E1D77343191BF013B39B03A5
Certificate serial: 7D095B7B2F43663B7440D8A01E1B0FADEC1D9F8F
Authority key identifier: F7:81:78:42:5D:89:70:35:E1:D7:73:43:19:1B:F0:13:B3:9B:03:A5
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F78178425D897035E1D77343191BF013B39B03A5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0e1cb023-9002-4e95-bd57-5fb85efa0e97/0/326131343a373538313a373230343a3a2f34382d3438203d3e20323135313236.roa
Signing time: Wed 04 Feb 2026 20:33:09 +0000
ROA not before: Wed 04 Feb 2026 20:28:09 +0000
ROA not after: Wed 03 Feb 2027 20:33:09 +0000
asID: 215126
IP address blocks: 2a14:7581:7204::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:09:5b:7b:2f:43:66:3b:74:40:d8:a0:1e:1b:0f:ad:ec:1d:9f:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F78178425D897035E1D77343191BF013B39B03A5
Validity
Not Before: Feb 4 20:28:09 2026 GMT
Not After : Feb 3 20:33:09 2027 GMT
Subject: CN=31C75C7F67515CD40682C80F791ACC97F5A59D78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b7:35:ab:87:99:a5:5e:7e:b0:3b:06:2c:91:
10:3d:d0:98:96:34:08:68:74:77:99:65:fc:79:d2:
ca:c3:42:01:c9:5e:6e:ce:d5:0f:ac:17:fd:82:b4:
27:c0:5e:f3:18:bf:89:b1:e9:a5:53:c9:2d:9e:45:
3f:dc:b4:8e:1a:ec:09:7f:b1:02:b6:32:e7:bc:9f:
af:e4:0c:16:b2:11:b7:10:16:4a:57:72:32:97:2f:
d2:5a:46:41:49:f5:76:0a:e5:47:18:33:a6:dc:5a:
ec:9f:97:9b:29:88:09:aa:40:05:a8:30:20:66:dd:
1c:e8:2b:cf:6f:44:9d:9e:72:52:07:33:d9:a3:0c:
de:29:21:b5:d7:d8:8a:d5:32:4a:91:16:88:c3:cb:
f1:be:57:8f:78:28:35:0e:bf:9f:5f:5b:3b:ed:54:
b1:de:64:58:bc:25:99:81:74:4b:89:e9:de:8a:ae:
41:30:69:05:ae:7a:f5:4d:9a:10:b2:2e:56:9e:03:
6e:69:af:9c:1d:1c:95:aa:d7:83:04:8a:f5:2f:46:
ab:76:8e:f0:4d:4c:42:0e:12:75:16:4e:25:79:0f:
60:a2:47:56:ce:d4:62:56:71:9a:ae:fa:12:24:cf:
0d:5d:25:e8:3a:3e:24:2b:6a:3c:7d:b5:a0:35:4a:
75:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C7:5C:7F:67:51:5C:D4:06:82:C8:0F:79:1A:CC:97:F5:A5:9D:78
X509v3 Authority Key Identifier:
keyid:F7:81:78:42:5D:89:70:35:E1:D7:73:43:19:1B:F0:13:B3:9B:03:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0e1cb023-9002-4e95-bd57-5fb85efa0e97/0/F78178425D897035E1D77343191BF013B39B03A5.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F78178425D897035E1D77343191BF013B39B03A5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0e1cb023-9002-4e95-bd57-5fb85efa0e97/0/326131343a373538313a373230343a3a2f34382d3438203d3e20323135313236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:7204::/48
Signature Algorithm: sha256WithRSAEncryption
13:1f:bb:0d:95:44:f8:f5:37:f4:70:31:95:9b:88:ba:2c:76:
71:63:ac:87:44:91:3d:73:11:35:66:c0:8e:8a:17:77:32:6b:
5b:02:9c:f5:88:3f:90:a7:f0:f5:48:a6:2e:dc:e7:19:47:fb:
23:43:03:ea:74:c6:38:b6:38:fd:3c:30:95:73:bb:36:38:3d:
ed:7e:78:41:4d:a2:73:c3:aa:c8:68:be:32:d6:0f:17:c9:59:
07:f7:9b:cd:8e:8d:58:d7:93:8c:9a:5d:a1:3b:61:1c:cf:6a:
8b:ce:fa:ad:ba:3d:51:19:f9:7f:ec:45:bf:2e:46:ec:03:17:
16:d7:63:59:3c:3d:a2:03:cd:31:fb:57:ac:7a:ed:01:f7:99:
c7:40:70:26:16:d1:ff:23:c3:ce:af:d7:13:14:9b:b8:b5:f5:
7e:e4:1b:fa:fa:cc:34:0d:5b:ba:85:c4:41:b4:fd:dc:ae:3f:
06:4a:75:83:ef:f8:3d:8b:44:c2:dc:d7:c3:e8:be:0a:d8:86:
95:d8:9d:0c:15:41:c2:74:3c:d2:d4:68:90:b8:ef:d9:42:23:
8e:9a:a2:da:6d:48:85:48:35:56:df:9d:4f:86:c4:c2:d3:20:
e3:9c:c9:bc:35:1e:ce:81:69:ab:c2:8f:1a:de:82:e6:60:1b:
cc:54:63:a1
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUfQlbey9DZjt0QNigHhsPrewdn48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjc4MTc4NDI1RDg5NzAzNUUxRDc3MzQzMTkxQkYwMTNC
MzlCMDNBNTAeFw0yNjAyMDQyMDI4MDlaFw0yNzAyMDMyMDMzMDlaMDMxMTAvBgNV
BAMTKDMxQzc1QzdGNjc1MTVDRDQwNjgyQzgwRjc5MUFDQzk3RjVBNTlENzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgtzWrh5mlXn6wOwYskRA90JiW
NAhodHeZZfx50srDQgHJXm7O1Q+sF/2CtCfAXvMYv4mx6aVTyS2eRT/ctI4a7Al/
sQK2Mue8n6/kDBayEbcQFkpXcjKXL9JaRkFJ9XYK5UcYM6bcWuyfl5spiAmqQAWo
MCBm3RzoK89vRJ2eclIHM9mjDN4pIbXX2IrVMkqRFojDy/G+V494KDUOv59fWzvt
VLHeZFi8JZmBdEuJ6d6KrkEwaQWuevVNmhCyLlaeA25pr5wdHJWq14MEivUvRqt2
jvBNTEIOEnUWTiV5D2CiR1bO1GJWcZqu+hIkzw1dJeg6PiQrajx9taA1SnUTAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUMcdcf2dRXNQGgsgPeRrMl/WlnXgwHwYDVR0j
BBgwFoAU94F4Ql2JcDXh13NDGRvwE7ObA6UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGUxY2IwMjMtOTAwMi00ZTk1LWJkNTctNWZiODVlZmEw
ZTk3LzAvRjc4MTc4NDI1RDg5NzAzNUUxRDc3MzQzMTkxQkYwMTNCMzlCMDNBNS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GNzgxNzg0MjVEODk3MDM1RTFENzczNDMx
OTFCRjAxM0IzOUIwM0E1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wZTFjYjAyMy05MDAyLTRlOTUtYmQ1Ny01ZmI4NWVmYTBlOTcvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM3MzIzMDM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzEzMjM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gXIEMA0GCSqGSIb3DQEBCwUAA4IBAQAT
H7sNlUT49Tf0cDGVm4i6LHZxY6yHRJE9cxE1ZsCOihd3MmtbApz1iD+Qp/D1SKYu
3OcZR/sjQwPqdMY4tjj9PDCVc7s2OD3tfnhBTaJzw6rIaL4y1g8XyVkH95vNjo1Y
15OMml2hO2Ecz2qLzvqtuj1RGfl/7EW/LkbsAxcW12NZPD2iA80x+1eseu0B95nH
QHAmFtH/I8POr9cTFJu4tfV+5Bv6+sw0DVu6hcRBtP3crj8GSnWD7/g9i0TC3NfD
6L4K2IaV2J0MFUHCdDzS1GiQuO/ZQiOOmqLabUiFSDVW351PhsTC0yDjnMm8NR7O
gWmrwo8a3oLmYBvMVGOh
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:52:17 2026 by rpki-client