Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0e1cb023-9002-4e95-bd57-5fb85efa0e97/0/326131343a373538313a376330303a3a2f34382d3438203d3e20323135313236.roa
File: 326131343a373538313a376330303a3a2f34382d3438203d3e20323135313236.roa (raw, json)
Hash identifier: jEiLVwsEFjrDcZFb+eu6JdCUvvKy+1Eg5Vh2xcLYL2A=
Subject key identifier: A7:10:CA:8E:12:81:B1:33:E1:CF:66:71:64:CD:62:5A:91:7B:02:25
Certificate issuer: /CN=F78178425D897035E1D77343191BF013B39B03A5
Certificate serial: 1224842094D95E7B24E0639E6EB6C87B719C77F0
Authority key identifier: F7:81:78:42:5D:89:70:35:E1:D7:73:43:19:1B:F0:13:B3:9B:03:A5
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F78178425D897035E1D77343191BF013B39B03A5.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0e1cb023-9002-4e95-bd57-5fb85efa0e97/0/326131343a373538313a376330303a3a2f34382d3438203d3e20323135313236.roa
Signing time: Wed 04 Feb 2026 21:37:51 +0000
ROA not before: Wed 04 Feb 2026 21:32:51 +0000
ROA not after: Wed 03 Feb 2027 21:37:51 +0000
asID: 215126
IP address blocks: 2a14:7581:7c00::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:24:84:20:94:d9:5e:7b:24:e0:63:9e:6e:b6:c8:7b:71:9c:77:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F78178425D897035E1D77343191BF013B39B03A5
Validity
Not Before: Feb 4 21:32:51 2026 GMT
Not After : Feb 3 21:37:51 2027 GMT
Subject: CN=A710CA8E1281B133E1CF667164CD625A917B0225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:1f:54:66:b1:94:b9:91:6f:fc:d5:d1:26:9e:
17:fd:fc:52:36:50:62:0a:e1:29:67:38:97:b9:ec:
27:76:a5:9d:58:1f:4a:40:53:17:0b:9b:c7:9b:e5:
1d:8b:0a:67:48:69:f0:91:8f:d8:29:b0:ca:4a:2e:
1a:62:58:e8:b4:0d:c5:fd:fe:2b:9c:77:29:26:7f:
2b:b7:cc:2c:f8:e6:93:74:60:a7:43:a2:73:86:65:
52:09:8e:67:a2:9b:01:ad:ac:78:cb:d5:de:78:65:
56:ca:a7:6d:31:c0:de:08:82:11:b1:74:f2:1e:2e:
08:a8:fc:dd:18:c0:9f:cb:1d:af:8d:cc:02:3e:15:
c2:48:ce:b4:9b:b3:b7:a5:bd:4e:6a:a6:93:72:32:
61:9e:04:87:a1:90:ce:7d:63:19:05:2b:01:78:7d:
d3:00:7d:94:08:08:c6:84:f6:2a:86:14:d6:82:7f:
94:7f:52:96:58:0e:af:56:53:40:41:ea:be:3c:e6:
b9:a0:cf:42:a0:9c:41:d5:04:28:d3:b5:42:bd:46:
c0:47:a2:e6:ca:a0:8a:f4:b8:9a:59:2b:66:cf:4d:
57:be:52:02:45:41:c4:2b:39:9b:64:73:cc:1e:7b:
fb:52:1f:cf:3b:e9:9a:02:45:46:95:03:35:57:5a:
e3:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:10:CA:8E:12:81:B1:33:E1:CF:66:71:64:CD:62:5A:91:7B:02:25
X509v3 Authority Key Identifier:
keyid:F7:81:78:42:5D:89:70:35:E1:D7:73:43:19:1B:F0:13:B3:9B:03:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0e1cb023-9002-4e95-bd57-5fb85efa0e97/0/F78178425D897035E1D77343191BF013B39B03A5.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/F78178425D897035E1D77343191BF013B39B03A5.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0e1cb023-9002-4e95-bd57-5fb85efa0e97/0/326131343a373538313a376330303a3a2f34382d3438203d3e20323135313236.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:7c00::/48
Signature Algorithm: sha256WithRSAEncryption
23:57:52:4b:16:02:fd:10:20:84:84:7e:51:41:ca:88:ae:b8:
91:ea:79:d3:af:bd:10:0f:c1:15:6e:8a:16:14:7f:12:ea:e4:
66:84:b1:ab:f6:b7:8d:53:ff:6d:5e:9a:0a:41:ea:5c:29:27:
3a:44:60:31:95:73:22:45:02:11:c6:6b:43:d0:6a:2d:f2:48:
ac:d0:d5:ad:1f:23:10:3f:60:88:22:be:9f:79:95:83:27:82:
ee:84:bd:d9:89:db:db:e9:8b:19:58:75:6c:28:c9:f0:06:84:
a2:47:75:45:4d:a6:69:02:fb:7d:64:44:39:1d:fc:65:17:e8:
2a:d2:a2:38:fd:0b:10:a0:4f:18:b6:72:ac:5c:3b:b2:f2:f8:
78:45:02:fc:e2:44:3e:0f:03:7d:3b:05:17:c3:ca:95:2f:5f:
37:fd:fa:10:f3:2f:07:fb:cb:7a:3a:9a:80:d8:70:20:fc:16:
8c:ff:69:74:4f:1d:1d:b9:6e:84:5b:e0:a9:38:90:af:16:0b:
0b:3f:08:bf:7b:be:35:03:15:a2:db:da:df:5d:9f:51:52:8d:
4f:03:9f:9d:55:c6:42:7f:12:85:11:39:ae:1c:00:02:33:63:
c4:ff:1f:1a:cc:43:2b:23:4f:ed:2a:82:12:bc:03:67:70:6f:
c8:d9:df:f8
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUEiSEIJTZXnsk4GOebrbIe3Gcd/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjc4MTc4NDI1RDg5NzAzNUUxRDc3MzQzMTkxQkYwMTNC
MzlCMDNBNTAeFw0yNjAyMDQyMTMyNTFaFw0yNzAyMDMyMTM3NTFaMDMxMTAvBgNV
BAMTKEE3MTBDQThFMTI4MUIxMzNFMUNGNjY3MTY0Q0Q2MjVBOTE3QjAyMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRH1RmsZS5kW/81dEmnhf9/FI2
UGIK4SlnOJe57Cd2pZ1YH0pAUxcLm8eb5R2LCmdIafCRj9gpsMpKLhpiWOi0DcX9
/iucdykmfyu3zCz45pN0YKdDonOGZVIJjmeimwGtrHjL1d54ZVbKp20xwN4IghGx
dPIeLgio/N0YwJ/LHa+NzAI+FcJIzrSbs7elvU5qppNyMmGeBIehkM59YxkFKwF4
fdMAfZQICMaE9iqGFNaCf5R/UpZYDq9WU0BB6r485rmgz0KgnEHVBCjTtUK9RsBH
oubKoIr0uJpZK2bPTVe+UgJFQcQrOZtkc8wee/tSH8876ZoCRUaVAzVXWuMZAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUpxDKjhKBsTPhz2ZxZM1iWpF7AiUwHwYDVR0j
BBgwFoAU94F4Ql2JcDXh13NDGRvwE7ObA6UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGUxY2IwMjMtOTAwMi00ZTk1LWJkNTctNWZiODVlZmEw
ZTk3LzAvRjc4MTc4NDI1RDg5NzAzNUUxRDc3MzQzMTkxQkYwMTNCMzlCMDNBNS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9GNzgxNzg0MjVEODk3MDM1RTFENzczNDMx
OTFCRjAxM0IzOUIwM0E1LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8wZTFjYjAyMy05MDAyLTRlOTUtYmQ1Ny01ZmI4NWVmYTBlOTcvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM3NjMzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzEzMjM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gXwAMA0GCSqGSIb3DQEBCwUAA4IBAQAj
V1JLFgL9ECCEhH5RQcqIrriR6nnTr70QD8EVbooWFH8S6uRmhLGr9reNU/9tXpoK
QepcKSc6RGAxlXMiRQIRxmtD0Got8kis0NWtHyMQP2CIIr6feZWDJ4LuhL3Zidvb
6YsZWHVsKMnwBoSiR3VFTaZpAvt9ZEQ5HfxlF+gq0qI4/QsQoE8YtnKsXDuy8vh4
RQL84kQ+DwN9OwUXw8qVL183/foQ8y8H+8t6OpqA2HAg/BaM/2l0Tx0duW6EW+Cp
OJCvFgsLPwi/e741AxWi29rfXZ9RUo1PA5+dVcZCfxKFETmuHAACM2PE/x8azEMr
I0/tKoISvANncG/I2d/4
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:52:13 2026 by rpki-client