Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656530353a3a2f34382d3438203d3e20323135393536.roa
File: 326131343a373538303a656530353a3a2f34382d3438203d3e20323135393536.roa (raw, json)
Hash identifier: lpSHB8UhoxFIzm9zm1FqQzCchD9v4xRMEYLt9qSvwQI=
Subject key identifier: 24:CC:ED:63:09:13:35:70:71:CD:C2:70:29:4B:24:46:64:85:57:E4
Certificate issuer: /CN=9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B
Certificate serial: 656EBEFD1CFB21405D003163174386494E92D8F6
Authority key identifier: 9C:82:12:C5:D1:DD:E8:4B:55:73:EF:C7:3D:AB:84:2D:9B:8D:90:2B
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656530353a3a2f34382d3438203d3e20323135393536.roa
Signing time: Sun 29 Mar 2026 19:22:07 +0000
ROA not before: Sun 29 Mar 2026 19:17:07 +0000
ROA not after: Sun 28 Mar 2027 19:22:07 +0000
asID: 215956
IP address blocks: 2a14:7580:ee05::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:6e:be:fd:1c:fb:21:40:5d:00:31:63:17:43:86:49:4e:92:d8:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B
Validity
Not Before: Mar 29 19:17:07 2026 GMT
Not After : Mar 28 19:22:07 2027 GMT
Subject: CN=24CCED630913357071CDC270294B2446648557E4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5a:00:ae:3c:4f:0f:ee:93:0b:73:9b:ab:37:
75:c1:c3:64:43:dd:44:59:04:47:52:bc:92:30:db:
4a:66:f1:da:ea:03:83:2d:a4:58:54:d2:8b:1d:66:
d6:54:05:73:4b:41:a1:8a:f8:2f:b5:39:dd:e7:f2:
0f:60:c0:aa:60:94:16:29:e2:29:e4:db:dc:c9:12:
21:a8:dc:74:d6:b7:36:23:26:fe:28:22:04:a9:fe:
c5:da:e9:3b:77:88:31:a8:4e:d9:62:e0:5f:64:a0:
80:6f:20:af:16:df:0d:b0:16:48:a1:6f:a2:99:c2:
dd:cf:12:0c:ca:17:5a:9d:e9:dc:36:ea:34:c2:16:
50:e8:d0:79:b1:5b:cd:de:c1:de:20:6e:e0:0f:8b:
1d:14:78:a0:1f:f4:e5:ca:95:17:f4:5f:18:85:7e:
26:9a:f9:3c:cb:65:f9:2c:c0:67:ca:75:1b:84:41:
ae:e2:69:e3:f3:a7:c7:6b:ef:0f:e0:9e:4a:22:f9:
57:a0:c7:c4:80:e7:f2:2c:75:ad:eb:38:e0:b3:1a:
1a:45:7b:c7:1b:75:88:60:7b:94:90:cb:85:25:a1:
69:7f:9f:0e:13:58:64:64:d3:d9:0d:6b:16:ad:39:
43:25:84:95:93:a5:30:31:0c:1a:1d:db:3f:a6:37:
f1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:CC:ED:63:09:13:35:70:71:CD:C2:70:29:4B:24:46:64:85:57:E4
X509v3 Authority Key Identifier:
keyid:9C:82:12:C5:D1:DD:E8:4B:55:73:EF:C7:3D:AB:84:2D:9B:8D:90:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656530353a3a2f34382d3438203d3e20323135393536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ee05::/48
Signature Algorithm: sha256WithRSAEncryption
79:8d:b0:97:1f:66:d1:24:a4:d1:10:f4:fc:b8:e0:a2:5d:a8:
0b:fa:f5:93:8c:23:37:aa:a1:af:c7:8d:6b:5e:b7:c0:04:3e:
8f:88:ac:f6:b2:ea:15:3c:37:e2:ab:73:7d:54:80:03:bf:98:
7a:59:5f:91:89:03:d7:ea:e3:a4:5e:d2:64:ba:9d:cb:a5:95:
70:ee:4e:90:42:cb:e1:e6:34:2b:21:04:6b:47:10:7d:77:7a:
0a:c5:9f:63:4f:30:ca:53:3c:c5:8b:9f:73:4b:fe:2e:d2:da:
83:a5:af:c6:f6:6a:9a:32:c5:65:0d:94:9d:d0:7d:70:aa:f1:
74:e3:b1:6a:ab:c9:a2:dd:43:91:10:4e:d1:a8:df:69:49:55:
6b:f5:9e:57:9c:d5:2f:cc:19:c3:bf:e5:a0:b5:c5:51:8d:08:
93:76:8d:be:d4:dc:de:56:54:8f:b4:f7:56:5f:fb:48:2e:c6:
8f:69:f2:a9:1b:8f:8d:49:07:b0:a1:22:70:7f:b3:ba:f7:53:
26:78:0f:15:71:00:c5:3d:66:e0:00:d3:36:c1:09:1c:e7:22:
06:37:cc:23:f0:17:3b:aa:b0:6a:82:24:a8:c5:44:8a:30:82:
84:6f:99:6c:65:0c:d9:ff:e3:4f:88:6f:92:1c:43:0b:a9:ab:
3e:7b:63:42
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUZW6+/Rz7IUBdADFjF0OGSU6S2PYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUM4MjEyQzVEMURERTg0QjU1NzNFRkM3M0RBQjg0MkQ5
QjhEOTAyQjAeFw0yNjAzMjkxOTE3MDdaFw0yNzAzMjgxOTIyMDdaMDMxMTAvBgNV
BAMTKDI0Q0NFRDYzMDkxMzM1NzA3MUNEQzI3MDI5NEIyNDQ2NjQ4NTU3RTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpWgCuPE8P7pMLc5urN3XBw2RD
3URZBEdSvJIw20pm8drqA4MtpFhU0osdZtZUBXNLQaGK+C+1Od3n8g9gwKpglBYp
4ink29zJEiGo3HTWtzYjJv4oIgSp/sXa6Tt3iDGoTtli4F9koIBvIK8W3w2wFkih
b6KZwt3PEgzKF1qd6dw26jTCFlDo0HmxW83ewd4gbuAPix0UeKAf9OXKlRf0XxiF
fiaa+TzLZfkswGfKdRuEQa7iaePzp8dr7w/gnkoi+Vegx8SA5/Isda3rOOCzGhpF
e8cbdYhge5SQy4UloWl/nw4TWGRk09kNaxatOUMlhJWTpTAxDBod2z+mN/EpAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUJMztYwkTNXBxzcJwKUskRmSFV+QwHwYDVR0j
BBgwFoAUnIISxdHd6EtVc+/HPauELZuNkCswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWJmMDRjN2MtZjgyZC00NzFkLTg1YWQtOThjNjVkZTFj
OTEyLzMvOUM4MjEyQzVEMURERTg0QjU1NzNFRkM3M0RBQjg0MkQ5QjhEOTAyQi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC85QzgyMTJDNUQxRERFODRCNTU3M0VGQzcz
REFCODQyRDlCOEQ5MDJCLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9lYmYwNGM3Yy1mODJkLTQ3MWQtODVhZC05OGM2NWRlMWM5MTIvMy8zMjYxMzEz
NDNhMzczNTM4MzAzYTY1NjUzMDM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzkzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gO4FMA0GCSqGSIb3DQEBCwUAA4IBAQB5
jbCXH2bRJKTREPT8uOCiXagL+vWTjCM3qqGvx41rXrfABD6PiKz2suoVPDfiq3N9
VIADv5h6WV+RiQPX6uOkXtJkup3LpZVw7k6QQsvh5jQrIQRrRxB9d3oKxZ9jTzDK
UzzFi59zS/4u0tqDpa/G9mqaMsVlDZSd0H1wqvF047Fqq8mi3UOREE7RqN9pSVVr
9Z5XnNUvzBnDv+WgtcVRjQiTdo2+1NzeVlSPtPdWX/tILsaPafKpG4+NSQewoSJw
f7O691MmeA8VcQDFPWbgANM2wQkc5yIGN8wj8Bc7qrBqgiSoxUSKMIKEb5lsZQzZ
/+NPiG+SHEMLqas+e2NC
-----END CERTIFICATE-----
Generated at Fri Apr 17 20:37:54 2026 by rpki-client