Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343535303a3a2f34342d3438203d3e20323136333735.roa
File: 326131343a373538313a343535303a3a2f34342d3438203d3e20323136333735.roa (raw, json)
Hash identifier: 33Hc4k2qb/SFtHgCtF148ZPS40TPUk0mIWne3Kl1fjs=
Subject key identifier: 36:7D:09:9D:DE:D6:03:6D:8C:A7:F0:DE:A9:2C:A9:1A:1B:CA:00:13
Certificate issuer: /CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C
Certificate serial: 5E7C96FF6F5C6BC30712AFFEC935F985145C13B7
Authority key identifier: 8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343535303a3a2f34342d3438203d3e20323136333735.roa
Signing time: Fri 16 May 2025 16:39:34 +0000
ROA not before: Fri 16 May 2025 16:34:34 +0000
ROA not after: Fri 15 May 2026 16:39:34 +0000
asID: 216375
IP address blocks: 2a14:7581:4550::/44 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:7c:96:ff:6f:5c:6b:c3:07:12:af:fe:c9:35:f9:85:14:5c:13:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C
Validity
Not Before: May 16 16:34:34 2025 GMT
Not After : May 15 16:39:34 2026 GMT
Subject: CN=367D099DDED6036D8CA7F0DEA92CA91A1BCA0013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:52:12:69:c3:e7:52:2d:20:f2:a5:45:e7:a7:
7a:4a:90:bd:02:d7:f4:c6:df:93:4e:00:3d:4b:46:
6b:d7:f3:5a:4e:31:84:10:59:68:b1:c0:f9:dd:b9:
62:fb:6a:40:7f:e8:67:99:a6:61:c5:9e:6a:4d:29:
de:ff:7a:8f:95:13:d1:17:c7:3a:95:83:dd:6f:6a:
16:c6:c8:1c:66:1e:ba:f3:a7:21:a0:86:5d:8c:7d:
8f:88:27:d5:50:f7:d5:15:b2:b3:1e:8d:6b:ac:f0:
87:3c:52:95:db:84:16:81:35:99:75:e2:c3:7f:f9:
c7:9f:d3:81:b0:79:d6:9c:c4:01:d2:1e:0d:92:e3:
25:e0:29:b7:c7:52:a8:00:97:73:ba:08:d8:9b:23:
2c:be:08:6d:af:b4:93:d5:a6:37:e7:48:e0:7f:98:
82:92:84:3f:25:58:21:4b:bd:41:40:32:f8:9c:e1:
b0:1c:4b:f3:29:c2:2d:a0:83:93:ba:dc:3b:97:e8:
d2:15:2b:97:d5:7b:f5:20:f2:33:f8:5e:69:00:b3:
0d:cb:95:1f:44:7d:60:7f:98:71:2a:87:26:63:b2:
bf:f9:9f:09:25:c2:2b:a9:52:63:1b:02:84:bc:2f:
8b:d4:cc:b4:68:fc:bc:47:fe:69:e6:a9:6b:d4:fd:
92:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:7D:09:9D:DE:D6:03:6D:8C:A7:F0:DE:A9:2C:A9:1A:1B:CA:00:13
X509v3 Authority Key Identifier:
keyid:8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343535303a3a2f34342d3438203d3e20323136333735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:4550::/44
Signature Algorithm: sha256WithRSAEncryption
9f:fb:d7:7a:d1:60:1d:7e:8c:a3:10:9a:95:85:d2:82:78:04:
e6:4c:66:11:33:b6:06:92:16:36:1a:c8:66:95:81:b7:04:2e:
37:fb:e4:e0:b7:d5:41:7c:99:6e:04:13:c4:c1:55:29:b6:95:
50:de:52:fb:e2:b9:4e:47:26:22:b7:f7:e4:e9:74:85:be:fb:
06:13:a6:1d:72:79:e4:38:85:7a:e9:6c:ab:f1:c7:b8:ff:9d:
e0:61:d8:96:5a:2d:1c:a2:18:8a:17:d3:82:81:dc:9b:81:de:
0c:34:7d:e4:91:83:ee:b6:3e:10:06:52:f7:41:62:5c:0a:5d:
c8:f3:77:22:8f:89:1e:61:b3:06:ee:20:40:7e:ec:43:23:12:
91:9a:d8:b2:5e:c7:a4:63:17:0c:5b:c1:26:58:34:e6:3f:70:
dd:ea:e6:7e:47:30:87:79:e1:b3:2f:8e:86:87:53:81:e2:e2:
c6:af:89:58:6a:67:9d:f6:8e:4d:99:ce:87:f9:74:3e:cd:fc:
69:9b:d8:3c:2b:1c:2b:0b:3c:ce:06:d9:d4:08:09:0c:13:6c:
5c:c6:5b:e6:90:a1:bb:1e:e6:a0:ae:9a:81:5d:2c:01:a0:b0:
12:f6:23:7a:1d:44:b2:bb:d1:09:8e:e1:e1:ce:f5:6a:33:a6:
14:e4:e3:3d
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUXnyW/29ca8MHEq/+yTX5hRRcE7cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJF
MEFGQjM4QzAeFw0yNTA1MTYxNjM0MzRaFw0yNjA1MTUxNjM5MzRaMDMxMTAvBgNV
BAMTKDM2N0QwOTlEREVENjAzNkQ4Q0E3RjBERUE5MkNBOTFBMUJDQTAwMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0UhJpw+dSLSDypUXnp3pKkL0C
1/TG35NOAD1LRmvX81pOMYQQWWixwPnduWL7akB/6GeZpmHFnmpNKd7/eo+VE9EX
xzqVg91vahbGyBxmHrrzpyGghl2MfY+IJ9VQ99UVsrMejWus8Ic8UpXbhBaBNZl1
4sN/+cef04GwedacxAHSHg2S4yXgKbfHUqgAl3O6CNibIyy+CG2vtJPVpjfnSOB/
mIKShD8lWCFLvUFAMvic4bAcS/Mpwi2gg5O63DuX6NIVK5fVe/Ug8jP4XmkAsw3L
lR9EfWB/mHEqhyZjsr/5nwklwiupUmMbAoS8L4vUzLRo/LxH/mnmqWvU/ZJrAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUNn0Jnd7WA22Mp/DeqSypGhvKABMwHwYDVR0j
BBgwFoAUjgfTHGRS96ayTmPN3EkOEuCvs4wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzExZTQ3YzQtMDJmMC00NjU3LTkwMjItZDJiODNjZmY4
NzU1LzQvOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJFMEFGQjM4Qy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84RTA3RDMxQzY0NTJGN0E2QjI0RTYzQ0RE
QzQ5MEUxMkUwQUZCMzhDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zMTFlNDdjNC0wMmYwLTQ2NTctOTAyMi1kMmI4M2NmZjg3NTUvNC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM0MzUzNTMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIz
MTM2MzMzNzM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gUVQMA0GCSqGSIb3DQEBCwUAA4IBAQCf
+9d60WAdfoyjEJqVhdKCeATmTGYRM7YGkhY2GshmlYG3BC43++Tgt9VBfJluBBPE
wVUptpVQ3lL74rlORyYit/fk6XSFvvsGE6YdcnnkOIV66Wyr8ce4/53gYdiWWi0c
ohiKF9OCgdybgd4MNH3kkYPutj4QBlL3QWJcCl3I83cij4keYbMG7iBAfuxDIxKR
mtiyXsekYxcMW8EmWDTmP3Dd6uZ+RzCHeeGzL46Gh1OB4uLGr4lYamed9o5Nmc6H
+XQ+zfxpm9g8KxwrCzzOBtnUCAkME2xcxlvmkKG7HuagrpqBXSwBoLAS9iN6HUSy
u9EJjuHhzvVqM6YU5OM9
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:59:41 2025 by rpki-client