Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/8/326130363a613030353a6432643a3a2f34382d3438203d3e203530313034.roa
File: 326130363a613030353a6432643a3a2f34382d3438203d3e203530313034.roa (raw, json)
Hash identifier: CAs4yn2E+Z/tR5i90G5tFQhJLWheBQDwrBHMrZXdGBo=
Subject key identifier: 89:AF:FF:EA:3C:BE:EF:C1:EE:55:BB:F8:78:8B:10:43:40:A0:0A:D1
Certificate issuer: /CN=6578E79662000496EB1540D8BD8FA65ED8D63A62
Certificate serial: 65A3409ABE882995DCF2D6FA5A56720CDCB89394
Authority key identifier: 65:78:E7:96:62:00:04:96:EB:15:40:D8:BD:8F:A6:5E:D8:D6:3A:62
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6578E79662000496EB1540D8BD8FA65ED8D63A62.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/8/326130363a613030353a6432643a3a2f34382d3438203d3e203530313034.roa
Signing time: Thu 03 Jul 2025 23:54:20 +0000
ROA not before: Thu 03 Jul 2025 23:49:20 +0000
ROA not after: Thu 02 Jul 2026 23:54:20 +0000
asID: 50104
IP address blocks: 2a06:a005:d2d::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:a3:40:9a:be:88:29:95:dc:f2:d6:fa:5a:56:72:0c:dc:b8:93:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6578E79662000496EB1540D8BD8FA65ED8D63A62
Validity
Not Before: Jul 3 23:49:20 2025 GMT
Not After : Jul 2 23:54:20 2026 GMT
Subject: CN=89AFFFEA3CBEEFC1EE55BBF8788B104340A00AD1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:60:f7:16:de:a7:5f:3d:99:5a:bc:18:77:27:
5a:fe:02:ab:b2:18:7c:26:ff:a8:77:cb:47:0b:dc:
6b:da:b4:23:6a:2f:44:82:e0:54:7d:f1:e3:5a:64:
ae:a4:69:f9:71:7c:a5:89:b3:11:a9:82:5d:39:dc:
c3:b2:a2:68:0f:8b:be:7a:fe:a6:34:a6:28:d9:af:
31:33:60:93:71:af:49:d9:20:6a:83:e6:92:cd:69:
59:9e:c4:c7:03:50:db:e1:6c:8b:28:d4:e1:ed:dd:
95:83:22:20:4d:12:2e:7d:fd:f8:27:e8:38:b6:75:
99:00:92:6e:86:ac:57:a9:2f:fe:ba:37:ad:3b:64:
94:7b:8c:d3:87:21:58:02:17:87:b3:84:4f:7a:89:
3f:d8:63:3a:53:7a:d2:05:9f:10:f7:7a:f4:3a:a8:
44:88:d2:a3:47:b7:f6:9b:7a:4e:54:00:94:7d:0c:
48:c4:8b:3e:c2:b6:91:2c:12:2e:4f:85:62:3c:7d:
b4:a6:e2:f5:a5:55:ae:82:6f:97:6c:bd:fd:b4:dd:
60:e4:db:82:4a:bb:7c:5b:a6:0c:9e:f5:6e:32:16:
15:c8:af:7b:f2:b1:4d:a6:8b:27:23:a4:1e:c4:b9:
39:42:46:22:de:c3:66:f5:a7:00:bc:83:4f:97:84:
73:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:AF:FF:EA:3C:BE:EF:C1:EE:55:BB:F8:78:8B:10:43:40:A0:0A:D1
X509v3 Authority Key Identifier:
keyid:65:78:E7:96:62:00:04:96:EB:15:40:D8:BD:8F:A6:5E:D8:D6:3A:62
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/8/6578E79662000496EB1540D8BD8FA65ED8D63A62.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/6578E79662000496EB1540D8BD8FA65ED8D63A62.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/8/326130363a613030353a6432643a3a2f34382d3438203d3e203530313034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:a005:d2d::/48
Signature Algorithm: sha256WithRSAEncryption
1e:27:a0:1f:67:2c:8e:ba:c9:81:b7:66:45:ec:ae:47:f4:ee:
0f:b5:b0:38:0c:b6:45:64:bf:a3:78:f7:ee:88:43:c7:88:19:
3c:1e:8c:85:4e:27:76:a4:f6:b0:a6:e0:3c:05:c9:85:63:b1:
91:0b:bd:b4:e0:c9:93:44:3b:d4:75:36:3d:86:c3:88:2e:d8:
ea:72:26:c6:1e:1b:6f:84:1b:8e:34:d9:d9:44:2d:88:ea:d1:
29:28:df:83:70:ff:45:4a:e1:44:59:11:2a:42:4e:ef:e2:d7:
44:b9:8a:77:f2:68:fa:53:f4:65:c2:bc:27:ac:f7:a2:bd:82:
76:52:5b:b5:98:36:c1:76:28:1c:5f:12:0c:4f:ce:9a:53:57:
87:0e:76:a6:8d:43:a0:5b:48:d3:9b:47:23:43:9b:d1:d8:bb:
8f:44:b0:34:5b:6f:a7:43:83:51:ad:fa:8a:26:89:66:71:47:
b9:9b:32:87:ff:19:7f:4a:51:6a:d4:a6:27:10:28:71:7e:29:
50:44:bb:f5:9a:40:f7:8e:bd:0f:47:44:52:b3:2a:e3:62:a2:
02:ab:cd:dc:9f:bb:0e:4a:f2:73:bb:c6:5f:cc:4e:9f:d6:24:
00:0b:c8:44:30:26:85:5c:a7:9e:e4:e8:88:54:a1:47:5a:7f:
e2:e3:64:16
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgIUZaNAmr6IKZXc8tb6WlZyDNy4k5QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjU3OEU3OTY2MjAwMDQ5NkVCMTU0MEQ4QkQ4RkE2NUVE
OEQ2M0E2MjAeFw0yNTA3MDMyMzQ5MjBaFw0yNjA3MDIyMzU0MjBaMDMxMTAvBgNV
BAMTKDg5QUZGRkVBM0NCRUVGQzFFRTU1QkJGODc4OEIxMDQzNDBBMDBBRDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQYPcW3qdfPZlavBh3J1r+Aquy
GHwm/6h3y0cL3GvatCNqL0SC4FR98eNaZK6kaflxfKWJsxGpgl053MOyomgPi756
/qY0pijZrzEzYJNxr0nZIGqD5pLNaVmexMcDUNvhbIso1OHt3ZWDIiBNEi59/fgn
6Di2dZkAkm6GrFepL/66N607ZJR7jNOHIVgCF4ezhE96iT/YYzpTetIFnxD3evQ6
qESI0qNHt/abek5UAJR9DEjEiz7CtpEsEi5PhWI8fbSm4vWlVa6Cb5dsvf203WDk
24JKu3xbpgye9W4yFhXIr3vysU2miycjpB7EuTlCRiLew2b1pwC8g0+XhHMLAgMB
AAGjggJ2MIICcjAdBgNVHQ4EFgQUia//6jy+78HuVbv4eIsQQ0CgCtEwHwYDVR0j
BBgwFoAUZXjnlmIABJbrFUDYvY+mXtjWOmIwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJkMzA2YjQtZTVjMy00OGY5LWIyZWUtMzZhOWJkZGVk
OGM0LzgvNjU3OEU3OTY2MjAwMDQ5NkVCMTU0MEQ4QkQ4RkE2NUVEOEQ2M0E2Mi5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzcvNjU3OEU3OTY2MjAwMDQ5NkVCMTU0MEQ4QkQ4RkE2NUVEOEQ2
M0E2Mi5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWJkMzA2YjQt
ZTVjMy00OGY5LWIyZWUtMzZhOWJkZGVkOGM0LzgvMzI2MTMwMzYzYTYxMzAzMDM1
M2E2NDMyNjQzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNTMwMzEzMDM0LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKgagBQ0tMA0GCSqGSIb3DQEBCwUAA4IBAQAeJ6AfZyyOusmBt2ZF7K5H
9O4PtbA4DLZFZL+jePfuiEPHiBk8HoyFTid2pPawpuA8BcmFY7GRC7204MmTRDvU
dTY9hsOILtjqcibGHhtvhBuONNnZRC2I6tEpKN+DcP9FSuFEWREqQk7v4tdEuYp3
8mj6U/RlwrwnrPeivYJ2Ulu1mDbBdigcXxIMT86aU1eHDnamjUOgW0jTm0cjQ5vR
2LuPRLA0W2+nQ4NRrfqKJolmcUe5mzKH/xl/SlFq1KYnEChxfilQRLv1mkD3jr0P
R0RSsyrjYqICq83cn7sOSvJzu8ZfzE6f1iQAC8hEMCaFXKee5OiIVKFHWn/i42QW
-----END CERTIFICATE-----
Generated at Mon Aug 4 19:02:03 2025 by rpki-client