Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393130613a3a2f34382d3438203d3e20323135313438.roa
File: 326131343a373538313a393130613a3a2f34382d3438203d3e20323135313438.roa (raw, json)
Hash identifier: g9TWsQZsTWz7mSDp6Y61gNZDSwAn6dADsEyVm1AJtlU=
Subject key identifier: 9D:3D:0E:31:00:9C:5F:35:83:DE:DD:7A:C7:22:E4:C8:25:A6:49:A2
Certificate issuer: /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
Certificate serial: 1B7FBF5DE7D92AF3D74D43CD3B14872CF813D85A
Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393130613a3a2f34382d3438203d3e20323135313438.roa
Signing time: Fri 13 Jun 2025 06:28:34 +0000
ROA not before: Fri 13 Jun 2025 06:23:34 +0000
ROA not after: Fri 12 Jun 2026 06:28:34 +0000
asID: 215148
IP address blocks: 2a14:7581:910a::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:7f:bf:5d:e7:d9:2a:f3:d7:4d:43:cd:3b:14:87:2c:f8:13:d8:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
Validity
Not Before: Jun 13 06:23:34 2025 GMT
Not After : Jun 12 06:28:34 2026 GMT
Subject: CN=9D3D0E31009C5F3583DEDD7AC722E4C825A649A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9c:44:86:4d:51:af:17:c3:25:06:34:47:3a:
78:d4:c6:03:a1:82:81:78:84:00:83:c6:9f:32:bd:
5b:ce:d1:c6:bb:f6:32:d9:e9:a5:24:0b:b7:d1:85:
36:c0:fc:8d:0d:ef:ad:59:6d:1d:87:15:6c:7f:00:
3c:5f:1c:09:6f:ef:27:90:46:6a:51:8c:69:2a:53:
33:3e:03:1f:a0:8b:21:e7:bb:6f:0e:28:fc:6f:f7:
84:9d:ed:3e:97:00:57:79:30:cd:2d:1a:31:5f:59:
d8:60:17:fc:bb:75:b6:b8:96:59:99:68:86:2d:66:
ce:b8:31:78:6d:75:eb:c1:1d:61:49:75:94:1c:4c:
f2:31:60:85:0e:ea:6a:4e:97:19:c9:59:65:a7:9a:
50:f6:b1:c3:a2:e2:e2:80:8c:8b:da:1e:e7:2a:d5:
22:2d:33:b6:f3:58:c4:e8:68:b8:3b:ad:1e:8c:86:
b9:9c:70:3e:a3:01:73:fb:d6:4b:62:7c:4d:22:5d:
da:33:be:4d:3c:37:ad:03:27:3b:29:d5:b9:d3:50:
64:06:f8:e7:5c:1f:4e:81:f3:62:42:2b:38:30:27:
58:f6:b7:e2:c3:99:d8:70:d3:28:65:f4:b0:e0:84:
a0:2c:4e:0c:b1:b9:dd:96:c2:7e:88:90:e8:3e:05:
3a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3D:0E:31:00:9C:5F:35:83:DE:DD:7A:C7:22:E4:C8:25:A6:49:A2
X509v3 Authority Key Identifier:
keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393130613a3a2f34382d3438203d3e20323135313438.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:910a::/48
Signature Algorithm: sha256WithRSAEncryption
bb:68:c1:bc:b0:1f:a4:51:13:14:08:b1:6f:22:da:a9:7b:7e:
8f:ea:5c:09:bc:49:bd:42:4d:36:e7:29:75:d0:03:5f:f6:f5:
59:f5:27:1f:e9:83:ec:86:61:eb:fd:6d:8f:b2:13:4d:5f:89:
8a:98:1c:60:c4:78:b8:2e:8d:3f:f5:43:c6:83:35:83:48:d2:
71:32:39:b9:a5:11:22:7e:d2:9a:16:38:c0:e2:91:c0:88:bb:
37:3b:c7:9c:aa:98:25:77:71:32:a1:bb:61:8f:5d:67:03:ab:
2d:bc:09:f9:40:9f:26:e3:d9:37:8f:b5:60:ff:d8:b5:f7:ef:
bb:cf:8b:02:9c:7a:b2:dd:05:c3:f8:72:3a:48:a8:87:24:2c:
bb:5c:60:a6:86:36:7c:f3:17:1a:7d:ec:9f:75:92:11:43:cc:
47:32:02:0c:ec:ba:47:9f:f6:f2:bd:c8:a2:12:31:f7:0f:f4:
ab:c7:b0:f8:d9:d4:7d:5a:8f:87:ee:7f:37:df:f5:de:e8:52:
ce:cd:79:e3:5e:ac:1b:fc:5a:86:fd:b8:1d:67:97:e8:b8:32:
46:c0:d1:e7:f7:2b:a2:ee:b1:69:ec:08:31:11:bd:2b:88:70:
d8:c7:d5:67:8b:4d:d5:ae:20:d2:26:6b:96:a8:21:33:67:df:
3f:bd:ff:dd
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUG3+/XefZKvPXTUPNOxSHLPgT2FowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3
NzdEQTkyNjAeFw0yNTA2MTMwNjIzMzRaFw0yNjA2MTIwNjI4MzRaMDMxMTAvBgNV
BAMTKDlEM0QwRTMxMDA5QzVGMzU4M0RFREQ3QUM3MjJFNEM4MjVBNjQ5QTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/nESGTVGvF8MlBjRHOnjUxgOh
goF4hACDxp8yvVvO0ca79jLZ6aUkC7fRhTbA/I0N761ZbR2HFWx/ADxfHAlv7yeQ
RmpRjGkqUzM+Ax+giyHnu28OKPxv94Sd7T6XAFd5MM0tGjFfWdhgF/y7dba4llmZ
aIYtZs64MXhtdevBHWFJdZQcTPIxYIUO6mpOlxnJWWWnmlD2scOi4uKAjIvaHucq
1SItM7bzWMToaLg7rR6MhrmccD6jAXP71ktifE0iXdozvk08N60DJzsp1bnTUGQG
+OdcH06B82JCKzgwJ1j2t+LDmdhw0yhl9LDghKAsTgyxud2Wwn6IkOg+BTqdAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUnT0OMQCcXzWD3t16xyLkyCWmSaIwHwYDVR0j
BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw
NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3
NUM2MkUzNTc3N0RBOTI2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM5MzEzMDYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzEzNDM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gZEKMA0GCSqGSIb3DQEBCwUAA4IBAQC7
aMG8sB+kURMUCLFvItqpe36P6lwJvEm9Qk025yl10ANf9vVZ9Scf6YPshmHr/W2P
shNNX4mKmBxgxHi4Lo0/9UPGgzWDSNJxMjm5pREiftKaFjjA4pHAiLs3O8ecqpgl
d3Eyobthj11nA6stvAn5QJ8m49k3j7Vg/9i19++7z4sCnHqy3QXD+HI6SKiHJCy7
XGCmhjZ88xcafeyfdZIRQ8xHMgIM7LpHn/byvciiEjH3D/Srx7D42dR9Wo+H7n83
3/Xe6FLOzXnjXqwb/FqG/bgdZ5fouDJGwNHn9yui7rFp7AgxEb0riHDYx9Vni03V
riDSJmuWqCEzZ98/vf/d
-----END CERTIFICATE-----
Generated at Tue Aug 5 17:12:50 2025 by rpki-client