Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656530383a3a2f34382d3438203d3e20323135393536.roa
File: 326131343a373538303a656530383a3a2f34382d3438203d3e20323135393536.roa (raw, json)
Hash identifier: qIIt+cTTwVZI44h26+Dfh/OdwupwjIao/nCCvF4mbD0=
Subject key identifier: 02:B5:DF:A4:94:44:DF:07:88:2B:8C:DD:89:20:6D:D8:21:D5:7B:7B
Certificate issuer: /CN=9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B
Certificate serial: 39E47F577898F03C7685565571AAE6ECE340E967
Authority key identifier: 9C:82:12:C5:D1:DD:E8:4B:55:73:EF:C7:3D:AB:84:2D:9B:8D:90:2B
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656530383a3a2f34382d3438203d3e20323135393536.roa
Signing time: Sun 29 Mar 2026 19:22:11 +0000
ROA not before: Sun 29 Mar 2026 19:17:11 +0000
ROA not after: Sun 28 Mar 2027 19:22:11 +0000
asID: 215956
IP address blocks: 2a14:7580:ee08::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:e4:7f:57:78:98:f0:3c:76:85:56:55:71:aa:e6:ec:e3:40:e9:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B
Validity
Not Before: Mar 29 19:17:11 2026 GMT
Not After : Mar 28 19:22:11 2027 GMT
Subject: CN=02B5DFA49444DF07882B8CDD89206DD821D57B7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:88:3a:81:aa:2d:9e:c2:86:2c:76:c7:e3:cf:
0d:cc:bd:99:88:10:93:f2:ef:53:ee:06:6b:5d:79:
11:a9:46:e5:64:9e:c7:f7:3f:ad:19:31:28:e8:cc:
9e:2c:5f:ca:0b:fd:91:e4:82:8a:1c:fd:6f:05:a9:
f9:b4:37:7e:44:f6:13:69:24:ef:1f:ba:be:d5:d9:
59:18:a9:fd:2e:a8:17:0a:02:b3:0a:c5:74:7c:23:
b5:de:77:03:56:c3:c9:85:66:fc:e3:cf:0d:7b:27:
20:00:33:e9:e5:18:af:5a:ad:3f:f8:48:77:8d:2c:
2f:a3:85:35:08:2b:5e:44:4b:8c:32:1a:b5:c3:7a:
c4:72:fe:d1:30:1d:c1:f0:80:bb:67:76:30:52:50:
9a:ce:a3:f2:2e:01:b5:4f:49:01:09:7d:a4:32:5c:
df:b1:e4:41:e9:f3:27:92:fb:72:0f:b8:7a:a7:70:
26:66:59:ed:49:20:22:29:26:03:53:eb:ca:9c:da:
5a:a2:ed:c4:57:3c:64:da:f1:97:ca:4a:dc:d6:56:
10:53:f8:06:20:ca:77:be:5a:9d:44:2a:c6:e5:b2:
54:b5:ef:ba:69:94:f7:f3:36:90:2d:d9:6b:95:20:
94:4a:f2:0d:be:56:3c:bb:49:25:9e:07:7e:14:1b:
99:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B5:DF:A4:94:44:DF:07:88:2B:8C:DD:89:20:6D:D8:21:D5:7B:7B
X509v3 Authority Key Identifier:
keyid:9C:82:12:C5:D1:DD:E8:4B:55:73:EF:C7:3D:AB:84:2D:9B:8D:90:2B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/9C8212C5D1DDE84B5573EFC73DAB842D9B8D902B.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ebf04c7c-f82d-471d-85ad-98c65de1c912/3/326131343a373538303a656530383a3a2f34382d3438203d3e20323135393536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7580:ee08::/48
Signature Algorithm: sha256WithRSAEncryption
52:4d:d4:8b:0b:e7:38:ed:eb:94:ee:45:8b:b8:cd:9c:c8:4b:
2a:66:30:cb:ef:2c:31:a3:b5:7d:a3:b8:eb:d7:3f:83:5e:41:
b5:76:46:6b:37:d2:26:c4:77:5c:87:ae:16:ab:f6:ad:f1:f0:
02:73:67:90:af:05:f7:43:f7:c0:2a:a7:6f:ce:00:83:1b:d7:
8f:8f:5e:77:4d:94:96:7f:43:5b:29:aa:5c:93:10:60:11:35:
ed:91:5d:42:99:d3:76:22:25:af:aa:e5:45:48:20:94:63:a8:
19:63:4d:81:af:78:ea:1a:42:32:97:f3:e5:ab:f3:56:5b:25:
6a:7f:91:87:9d:90:15:53:c7:25:d4:d7:66:c0:a9:24:73:68:
63:0b:0d:54:24:c5:a0:ee:bc:5c:be:9a:fe:95:0f:02:db:db:
34:23:77:f4:12:e4:cf:6f:c0:e1:ad:59:30:21:a0:4e:a6:fd:
d4:ca:98:5b:9c:02:98:37:ae:65:c9:56:07:0c:ec:b7:a2:ac:
6c:bd:d2:64:aa:f9:76:9d:72:b0:d7:32:13:e8:9c:41:64:ee:
8c:db:b4:30:3e:7d:56:7e:bd:e7:44:46:12:65:78:6f:6b:96:
80:1b:d9:80:7b:fd:dc:d8:31:c5:6d:a9:ba:f2:54:61:30:ee:
bb:86:80:1f
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUOeR/V3iY8Dx2hVZVcarm7ONA6WcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUM4MjEyQzVEMURERTg0QjU1NzNFRkM3M0RBQjg0MkQ5
QjhEOTAyQjAeFw0yNjAzMjkxOTE3MTFaFw0yNzAzMjgxOTIyMTFaMDMxMTAvBgNV
BAMTKDAyQjVERkE0OTQ0NERGMDc4ODJCOENERDg5MjA2REQ4MjFENTdCN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOiDqBqi2ewoYsdsfjzw3MvZmI
EJPy71PuBmtdeRGpRuVknsf3P60ZMSjozJ4sX8oL/ZHkgooc/W8Fqfm0N35E9hNp
JO8fur7V2VkYqf0uqBcKArMKxXR8I7XedwNWw8mFZvzjzw17JyAAM+nlGK9arT/4
SHeNLC+jhTUIK15ES4wyGrXDesRy/tEwHcHwgLtndjBSUJrOo/IuAbVPSQEJfaQy
XN+x5EHp8yeS+3IPuHqncCZmWe1JICIpJgNT68qc2lqi7cRXPGTa8ZfKStzWVhBT
+AYgyne+Wp1EKsblslS177pplPfzNpAt2WuVIJRK8g2+Vjy7SSWeB34UG5kXAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUArXfpJRE3weIK4zdiSBt2CHVe3swHwYDVR0j
BBgwFoAUnIISxdHd6EtVc+/HPauELZuNkCswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWJmMDRjN2MtZjgyZC00NzFkLTg1YWQtOThjNjVkZTFj
OTEyLzMvOUM4MjEyQzVEMURERTg0QjU1NzNFRkM3M0RBQjg0MkQ5QjhEOTAyQi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC85QzgyMTJDNUQxRERFODRCNTU3M0VGQzcz
REFCODQyRDlCOEQ5MDJCLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9lYmYwNGM3Yy1mODJkLTQ3MWQtODVhZC05OGM2NWRlMWM5MTIvMy8zMjYxMzEz
NDNhMzczNTM4MzAzYTY1NjUzMDM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzkzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gO4IMA0GCSqGSIb3DQEBCwUAA4IBAQBS
TdSLC+c47euU7kWLuM2cyEsqZjDL7ywxo7V9o7jr1z+DXkG1dkZrN9ImxHdch64W
q/at8fACc2eQrwX3Q/fAKqdvzgCDG9ePj153TZSWf0NbKapckxBgETXtkV1CmdN2
IiWvquVFSCCUY6gZY02Br3jqGkIyl/Plq/NWWyVqf5GHnZAVU8cl1NdmwKkkc2hj
Cw1UJMWg7rxcvpr+lQ8C29s0I3f0EuTPb8DhrVkwIaBOpv3UyphbnAKYN65lyVYH
DOy3oqxsvdJkqvl2nXKw1zIT6JxBZO6M27QwPn1Wfr3nREYSZXhva5aAG9mAe/3c
2DHFbam68lRhMO67hoAf
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:04:04 2026 by rpki-client