Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343835663a3a2f34382d3438203d3e20323135333739.roa
File: 326131343a373538313a343835663a3a2f34382d3438203d3e20323135333739.roa (raw, json)
Hash identifier: LiQaiw5undZF8O9ZPrbB+SuBZXPDpvcvnNafAQKgteo=
Subject key identifier: 44:F4:E9:81:F7:38:1C:25:84:48:5A:1E:F2:1D:8C:70:6E:A8:65:48
Certificate issuer: /CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C
Certificate serial: 1AFEABD2A4D75D92ED81AE258DFC1DFCC4B47551
Authority key identifier: 8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343835663a3a2f34382d3438203d3e20323135333739.roa
Signing time: Sun 04 May 2025 11:03:12 +0000
ROA not before: Sun 04 May 2025 10:58:12 +0000
ROA not after: Sun 03 May 2026 11:03:12 +0000
asID: 215379
IP address blocks: 2a14:7581:485f::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:fe:ab:d2:a4:d7:5d:92:ed:81:ae:25:8d:fc:1d:fc:c4:b4:75:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C
Validity
Not Before: May 4 10:58:12 2025 GMT
Not After : May 3 11:03:12 2026 GMT
Subject: CN=44F4E981F7381C2584485A1EF21D8C706EA86548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:72:f1:f6:41:df:54:31:41:03:d9:44:f4:67:
57:18:1c:a5:4a:67:0e:eb:89:c1:9b:92:a3:de:0e:
00:38:01:11:1e:98:31:d1:15:b0:58:dd:aa:59:53:
7c:5e:09:b4:a4:ed:55:76:d0:ce:f9:b0:33:21:3c:
0d:df:1f:4b:53:77:00:d8:ec:7b:24:16:b0:b2:24:
ec:ef:0d:44:64:e3:d1:ad:3d:d8:93:fe:88:ce:eb:
e3:6a:d0:e0:4a:11:60:44:be:9d:c1:81:c7:1a:f5:
a5:ae:75:00:45:9e:b0:cf:6a:78:6d:20:aa:a6:59:
78:5c:48:59:84:c4:0b:90:f4:7a:eb:63:16:a8:16:
58:2b:90:a8:9f:7c:70:77:d7:c1:f6:2c:e6:f6:cf:
62:e0:0a:14:7e:e2:b3:9e:ff:38:a6:17:4c:82:83:
6b:aa:e5:92:96:b9:de:c6:71:6b:e9:e2:52:f7:63:
83:3b:07:db:de:01:d9:91:56:00:f3:8e:16:0e:af:
e1:af:af:02:f1:84:0a:7f:24:db:8f:6d:97:69:ba:
1d:49:77:4c:c7:b0:6e:34:b4:92:ce:bf:fb:2e:d7:
ac:e1:4a:b5:9e:df:c1:96:c3:94:90:53:9d:b6:de:
cd:9e:ca:90:7f:d8:04:ba:4e:6e:1a:25:4a:35:ee:
30:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:F4:E9:81:F7:38:1C:25:84:48:5A:1E:F2:1D:8C:70:6E:A8:65:48
X509v3 Authority Key Identifier:
keyid:8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343835663a3a2f34382d3438203d3e20323135333739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:485f::/48
Signature Algorithm: sha256WithRSAEncryption
2f:2a:04:d3:26:49:31:26:53:e7:69:c4:92:70:72:c8:02:93:
32:a9:33:c9:c4:03:37:f5:01:0a:4c:bd:65:7b:0e:f2:48:b3:
bf:b0:77:25:33:41:5f:73:2a:9c:f0:60:3b:15:27:c0:c9:59:
8f:dc:64:d4:da:9a:4a:fc:3e:f7:8f:85:8e:97:b5:39:3d:76:
cd:b1:88:51:69:9f:42:58:5c:a8:8c:e8:07:d2:eb:1c:03:5b:
ab:f5:52:65:1c:85:19:4b:15:83:5c:49:70:a4:3c:3e:5c:cf:
0b:04:d4:50:d8:b0:b5:30:57:bd:fe:6b:3b:85:e9:c6:8f:83:
6f:8f:94:e2:4b:20:ff:e2:2d:68:a4:69:da:0d:65:11:a9:72:
8d:f9:6a:68:26:8d:37:b7:30:bf:3f:92:fa:9a:2a:80:ab:6a:
bf:0f:a5:14:fa:08:79:31:62:51:39:dd:8f:ff:b6:7f:44:5c:
13:0e:72:39:0c:53:86:ee:26:a7:ef:62:ed:8d:63:f4:da:b9:
45:7f:de:2a:67:0c:aa:94:84:48:8a:6a:b7:4c:f0:20:6b:26:
25:be:bc:4f:12:bd:fd:4a:95:6f:be:0a:cc:a9:dc:7f:3b:e4:
00:c0:89:b6:44:1a:eb:a8:e5:95:39:05:2c:1b:ff:be:7d:7a:
9f:88:3f:49
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUGv6r0qTXXZLtga4ljfwd/MS0dVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJF
MEFGQjM4QzAeFw0yNTA1MDQxMDU4MTJaFw0yNjA1MDMxMTAzMTJaMDMxMTAvBgNV
BAMTKDQ0RjRFOTgxRjczODFDMjU4NDQ4NUExRUYyMUQ4QzcwNkVBODY1NDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVcvH2Qd9UMUED2UT0Z1cYHKVK
Zw7ricGbkqPeDgA4AREemDHRFbBY3apZU3xeCbSk7VV20M75sDMhPA3fH0tTdwDY
7HskFrCyJOzvDURk49GtPdiT/ojO6+Nq0OBKEWBEvp3Bgcca9aWudQBFnrDPanht
IKqmWXhcSFmExAuQ9HrrYxaoFlgrkKiffHB318H2LOb2z2LgChR+4rOe/zimF0yC
g2uq5ZKWud7GcWvp4lL3Y4M7B9veAdmRVgDzjhYOr+GvrwLxhAp/JNuPbZdpuh1J
d0zHsG40tJLOv/su16zhSrWe38GWw5SQU5223s2eypB/2AS6Tm4aJUo17jDPAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQURPTpgfc4HCWESFoe8h2McG6oZUgwHwYDVR0j
BBgwFoAUjgfTHGRS96ayTmPN3EkOEuCvs4wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzExZTQ3YzQtMDJmMC00NjU3LTkwMjItZDJiODNjZmY4
NzU1LzQvOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJFMEFGQjM4Qy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84RTA3RDMxQzY0NTJGN0E2QjI0RTYzQ0RE
QzQ5MEUxMkUwQUZCMzhDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zMTFlNDdjNC0wMmYwLTQ2NTctOTAyMi1kMmI4M2NmZjg3NTUvNC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM0MzgzNTY2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzMzNzM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gUhfMA0GCSqGSIb3DQEBCwUAA4IBAQAv
KgTTJkkxJlPnacSScHLIApMyqTPJxAM39QEKTL1lew7ySLO/sHclM0Ffcyqc8GA7
FSfAyVmP3GTU2ppK/D73j4WOl7U5PXbNsYhRaZ9CWFyojOgH0uscA1ur9VJlHIUZ
SxWDXElwpDw+XM8LBNRQ2LC1MFe9/ms7henGj4Nvj5TiSyD/4i1opGnaDWURqXKN
+WpoJo03tzC/P5L6miqAq2q/D6UU+gh5MWJROd2P/7Z/RFwTDnI5DFOG7ian72Lt
jWP02rlFf94qZwyqlIRIimq3TPAgayYlvrxPEr39SpVvvgrMqdx/O+QAwIm2RBrr
qOWVOQUsG/++fXqfiD9J
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:02:33 2025 by rpki-client