Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343836303a3a2f34342d3438203d3e20313531353434.roa
File: 326131343a373538313a343836303a3a2f34342d3438203d3e20313531353434.roa (raw, json)
Hash identifier: XJo8jS2djpRteJlKSIzBy0GSOcq3Jj/2wBDjV1PmcuQ=
Subject key identifier: 8E:30:7A:B0:03:97:44:4E:92:62:3E:4E:C5:41:5F:A8:B5:62:5F:C6
Certificate issuer: /CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C
Certificate serial: 1B739390073E0CA3165595A582B64F35A4FC0621
Authority key identifier: 8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343836303a3a2f34342d3438203d3e20313531353434.roa
Signing time: Fri 16 May 2025 09:37:25 +0000
ROA not before: Fri 16 May 2025 09:32:25 +0000
ROA not after: Fri 15 May 2026 09:37:25 +0000
asID: 151544
IP address blocks: 2a14:7581:4860::/44 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:73:93:90:07:3e:0c:a3:16:55:95:a5:82:b6:4f:35:a4:fc:06:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C
Validity
Not Before: May 16 09:32:25 2025 GMT
Not After : May 15 09:37:25 2026 GMT
Subject: CN=8E307AB00397444E92623E4EC5415FA8B5625FC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:c5:89:e6:79:59:62:3b:59:7c:09:d0:a6:90:
d1:b9:ec:dc:e9:ff:c1:03:b7:da:b3:75:cf:25:08:
aa:b5:1f:d8:3f:0f:e0:80:f1:c3:33:d5:94:b8:db:
f4:5d:71:82:3f:91:2e:07:a7:cc:df:d0:b8:fa:9d:
c1:0a:47:f2:9a:70:77:de:d4:58:27:d3:f0:e5:00:
ac:d8:49:26:81:ca:fa:6a:bd:28:91:40:b2:89:c0:
1c:d2:0f:c8:62:8c:45:91:61:8e:c4:a6:7b:73:81:
64:b3:a3:30:95:9c:03:c0:99:32:fe:9b:ba:2e:16:
40:d3:e3:c2:ca:82:78:1e:99:4c:df:66:ad:e1:3d:
de:d9:96:85:82:f5:3f:74:9d:5f:dc:d1:3f:26:74:
ad:c6:d8:04:a1:ef:94:a0:c7:6f:96:e4:62:1b:45:
5f:33:86:b1:92:2a:99:39:e6:b3:24:25:9c:71:f4:
d6:73:f7:93:cc:c6:25:33:8e:82:32:a8:30:5b:35:
b7:24:02:84:8c:16:3f:39:23:57:99:5d:f7:ea:8b:
d8:e5:e3:40:24:02:32:9e:14:34:43:4f:05:9b:ca:
33:63:8a:86:bd:1e:71:ed:c7:db:28:be:72:7e:6a:
3a:a3:f4:35:3c:91:80:df:cf:91:b3:47:57:b7:3e:
fa:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:30:7A:B0:03:97:44:4E:92:62:3E:4E:C5:41:5F:A8:B5:62:5F:C6
X509v3 Authority Key Identifier:
keyid:8E:07:D3:1C:64:52:F7:A6:B2:4E:63:CD:DC:49:0E:12:E0:AF:B3:8C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/8E07D31C6452F7A6B24E63CDDC490E12E0AFB38C.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/311e47c4-02f0-4657-9022-d2b83cff8755/4/326131343a373538313a343836303a3a2f34342d3438203d3e20313531353434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:4860::/44
Signature Algorithm: sha256WithRSAEncryption
71:29:3d:fb:6a:d8:29:b1:25:97:50:c4:5d:9e:f4:fc:f0:e3:
bf:2c:eb:2e:02:ae:09:45:50:d2:35:77:39:5e:ae:c1:6f:bc:
9f:11:c7:f8:60:1c:b5:ca:3f:f2:b1:6e:12:2e:16:99:00:fd:
17:7b:99:b1:75:d8:24:9d:04:1d:1f:50:cf:0f:e2:6c:8e:f4:
c6:53:bf:32:14:60:2a:75:02:b5:0d:f8:f5:15:44:4c:71:04:
f6:7e:72:48:46:03:93:97:b9:99:27:2e:48:3e:33:71:e2:8c:
3f:77:c0:b3:ff:1b:57:89:c7:74:8a:1f:cf:78:62:f3:9f:c1:
ac:43:f4:c1:d0:1d:8a:64:a0:be:71:eb:e6:1b:9c:59:16:b4:
4e:5b:64:e8:97:98:1b:71:c8:bf:ac:9b:4f:2e:18:84:0d:78:
1c:55:01:cc:cc:1f:62:1b:55:75:ff:6f:83:3d:3f:0a:58:d5:
77:76:d7:75:e4:72:4d:d1:f5:09:8d:75:17:35:d1:b5:39:f5:
19:c0:af:04:00:a4:29:77:fd:89:e4:9f:cf:68:53:b6:6d:2c:
71:b4:52:08:64:8b:6f:e1:e3:aa:9f:79:00:19:99:f5:2c:5d:
2b:40:6c:87:c0:dc:7a:e0:92:42:2f:70:ef:74:89:dc:6c:08:
43:79:93:08
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUG3OTkAc+DKMWVZWlgrZPNaT8BiEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJF
MEFGQjM4QzAeFw0yNTA1MTYwOTMyMjVaFw0yNjA1MTUwOTM3MjVaMDMxMTAvBgNV
BAMTKDhFMzA3QUIwMDM5NzQ0NEU5MjYyM0U0RUM1NDE1RkE4QjU2MjVGQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgxYnmeVliO1l8CdCmkNG57Nzp
/8EDt9qzdc8lCKq1H9g/D+CA8cMz1ZS42/RdcYI/kS4Hp8zf0Lj6ncEKR/KacHfe
1Fgn0/DlAKzYSSaByvpqvSiRQLKJwBzSD8hijEWRYY7EpntzgWSzozCVnAPAmTL+
m7ouFkDT48LKgngemUzfZq3hPd7ZloWC9T90nV/c0T8mdK3G2ASh75Sgx2+W5GIb
RV8zhrGSKpk55rMkJZxx9NZz95PMxiUzjoIyqDBbNbckAoSMFj85I1eZXffqi9jl
40AkAjKeFDRDTwWbyjNjioa9HnHtx9sovnJ+ajqj9DU8kYDfz5GzR1e3PvqRAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUjjB6sAOXRE6SYj5OxUFfqLViX8YwHwYDVR0j
BBgwFoAUjgfTHGRS96ayTmPN3EkOEuCvs4wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMzExZTQ3YzQtMDJmMC00NjU3LTkwMjItZDJiODNjZmY4
NzU1LzQvOEUwN0QzMUM2NDUyRjdBNkIyNEU2M0NEREM0OTBFMTJFMEFGQjM4Qy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC84RTA3RDMxQzY0NTJGN0E2QjI0RTYzQ0RE
QzQ5MEUxMkUwQUZCMzhDLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8zMTFlNDdjNC0wMmYwLTQ2NTctOTAyMi1kMmI4M2NmZjg3NTUvNC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM0MzgzNjMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzEz
NTMxMzUzNDM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcEKhR1gUhgMA0GCSqGSIb3DQEBCwUAA4IBAQBx
KT37atgpsSWXUMRdnvT88OO/LOsuAq4JRVDSNXc5Xq7Bb7yfEcf4YBy1yj/ysW4S
LhaZAP0Xe5mxddgknQQdH1DPD+JsjvTGU78yFGAqdQK1Dfj1FURMcQT2fnJIRgOT
l7mZJy5IPjNx4ow/d8Cz/xtXicd0ih/PeGLzn8GsQ/TB0B2KZKC+cevmG5xZFrRO
W2Tol5gbcci/rJtPLhiEDXgcVQHMzB9iG1V1/2+DPT8KWNV3dtd15HJN0fUJjXUX
NdG1OfUZwK8EAKQpd/2J5J/PaFO2bSxxtFIIZItv4eOqn3kAGZn1LF0rQGyHwNx6
4JJCL3DvdIncbAhDeZMI
-----END CERTIFICATE-----
Generated at Sun Jun 15 19:03:27 2025 by rpki-client