Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/7/326131343a373538343a333030323a3a2f34382d3438203d3e203530313034.roa
File: 326131343a373538343a333030323a3a2f34382d3438203d3e203530313034.roa (raw, json)
Hash identifier: Crxg8Afd9H4uvcM/AEMgGkuEVpajXoOdPvRiA2PLFc4=
Subject key identifier: 3D:51:27:F2:0A:D1:51:61:14:D1:3A:CB:DD:7A:E3:FD:56:8E:7A:DD
Certificate issuer: /CN=946DE15D34BEAE24E29EA16A3FE1E6591B27AD9C
Certificate serial: 465358097D43106F15665F6994B8836F4C9B1327
Authority key identifier: 94:6D:E1:5D:34:BE:AE:24:E2:9E:A1:6A:3F:E1:E6:59:1B:27:AD:9C
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/946DE15D34BEAE24E29EA16A3FE1E6591B27AD9C.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/7/326131343a373538343a333030323a3a2f34382d3438203d3e203530313034.roa
Signing time: Tue 17 Jun 2025 09:43:24 +0000
ROA not before: Tue 17 Jun 2025 09:38:24 +0000
ROA not after: Tue 16 Jun 2026 09:43:24 +0000
asID: 50104
IP address blocks: 2a14:7584:3002::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:53:58:09:7d:43:10:6f:15:66:5f:69:94:b8:83:6f:4c:9b:13:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=946DE15D34BEAE24E29EA16A3FE1E6591B27AD9C
Validity
Not Before: Jun 17 09:38:24 2025 GMT
Not After : Jun 16 09:43:24 2026 GMT
Subject: CN=3D5127F20AD1516114D13ACBDD7AE3FD568E7ADD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:38:ef:e3:a2:6e:f3:ca:a8:bd:49:bc:d8:d4:
9c:8f:1e:ae:43:d6:7e:ca:45:61:7e:8b:9e:11:6a:
c1:c1:11:04:f0:11:44:4b:ee:e7:68:81:b7:f2:ca:
2a:5f:d0:e1:e0:62:23:fb:8d:b4:a3:f7:05:74:48:
50:56:61:aa:f9:eb:cf:f2:08:5f:9b:55:4f:58:a8:
8c:60:81:dd:bc:32:3d:eb:6b:1b:bf:39:2e:0c:b9:
fd:45:5b:3f:b1:80:9c:7f:79:43:9a:f5:e2:21:9e:
51:2a:42:e9:8a:74:41:f0:97:9d:0b:1e:67:81:c9:
74:c2:be:f7:b6:30:48:c8:71:df:4a:df:79:07:04:
89:e0:59:40:93:e3:3a:ab:e1:da:ff:98:3a:8a:af:
0d:0e:05:bd:c0:85:4d:f6:66:75:4a:c6:67:87:4a:
d5:84:60:53:ca:ea:6c:46:c0:93:96:49:6b:89:1b:
53:75:76:f6:24:2d:14:4a:80:72:2d:93:c3:c0:eb:
90:8c:88:57:08:0f:66:da:36:47:73:8c:e2:0a:29:
3c:a0:a9:f6:0d:30:78:fa:49:a0:ef:45:c8:9f:92:
76:d6:e2:aa:1a:39:50:15:80:37:12:5c:06:ad:04:
89:d4:3d:9d:06:4b:99:2b:f0:b7:e1:e5:12:79:10:
1b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:51:27:F2:0A:D1:51:61:14:D1:3A:CB:DD:7A:E3:FD:56:8E:7A:DD
X509v3 Authority Key Identifier:
keyid:94:6D:E1:5D:34:BE:AE:24:E2:9E:A1:6A:3F:E1:E6:59:1B:27:AD:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/7/946DE15D34BEAE24E29EA16A3FE1E6591B27AD9C.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/946DE15D34BEAE24E29EA16A3FE1E6591B27AD9C.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1bd306b4-e5c3-48f9-b2ee-36a9bdded8c4/7/326131343a373538343a333030323a3a2f34382d3438203d3e203530313034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7584:3002::/48
Signature Algorithm: sha256WithRSAEncryption
b0:9d:32:4d:ba:fa:fd:e8:b7:19:dc:e7:55:a9:9c:0c:df:ef:
a5:10:f5:8f:1c:d0:87:13:a2:19:b3:b8:ba:c9:b1:c9:4a:f1:
21:be:c7:b8:18:b7:56:ab:b6:59:21:d5:9d:27:51:b7:43:99:
6f:2c:fa:55:b5:f5:cf:0c:e5:9e:be:6b:a0:47:14:59:9a:4f:
16:e5:e7:2c:f8:97:c0:7b:4a:32:c4:c6:45:2e:af:80:c6:80:
8e:08:cd:a5:61:f4:e1:43:66:1e:99:7d:d1:0d:82:e8:f0:fc:
aa:59:4e:49:99:59:e9:3b:1b:22:44:8f:05:08:fd:fb:24:f5:
ec:28:c5:28:7f:c7:fa:c6:8b:82:a3:a4:a3:8f:3a:89:0e:4f:
72:df:79:26:fd:39:2a:5a:21:a2:28:05:7f:06:65:3d:ac:0b:
0f:0a:e1:44:68:c8:d9:40:94:31:a7:9a:3a:4a:34:2c:da:9a:
70:40:69:72:98:0e:51:80:4a:a9:cf:ac:96:5c:31:e5:94:03:
c1:a4:7b:6f:90:1c:7f:00:16:ed:c6:11:85:d6:70:3f:a1:01:
41:98:09:19:86:83:9d:1d:9c:17:12:a7:27:22:01:3d:9f:1e:
54:ba:b5:2a:05:4f:e0:b2:59:2d:72:a0:0c:0d:4a:55:79:62:
6b:11:7a:68
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgIURlNYCX1DEG8VZl9plLiDb0ybEycwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTQ2REUxNUQzNEJFQUUyNEUyOUVBMTZBM0ZFMUU2NTkx
QjI3QUQ5QzAeFw0yNTA2MTcwOTM4MjRaFw0yNjA2MTYwOTQzMjRaMDMxMTAvBgNV
BAMTKDNENTEyN0YyMEFEMTUxNjExNEQxM0FDQkREN0FFM0ZENTY4RTdBREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpOO/jom7zyqi9SbzY1JyPHq5D
1n7KRWF+i54RasHBEQTwEURL7udogbfyyipf0OHgYiP7jbSj9wV0SFBWYar568/y
CF+bVU9YqIxggd28Mj3raxu/OS4Muf1FWz+xgJx/eUOa9eIhnlEqQumKdEHwl50L
HmeByXTCvve2MEjIcd9K33kHBIngWUCT4zqr4dr/mDqKrw0OBb3AhU32ZnVKxmeH
StWEYFPK6mxGwJOWSWuJG1N1dvYkLRRKgHItk8PA65CMiFcID2baNkdzjOIKKTyg
qfYNMHj6SaDvRcifknbW4qoaOVAVgDcSXAatBInUPZ0GS5kr8Lfh5RJ5EBsVAgMB
AAGjggKDMIICfzAdBgNVHQ4EFgQUPVEn8grRUWEU0TrL3Xrj/VaOet0wHwYDVR0j
BBgwFoAUlG3hXTS+riTinqFqP+HmWRsnrZwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWJkMzA2YjQtZTVjMy00OGY5LWIyZWUtMzZhOWJkZGVk
OGM0LzcvOTQ2REUxNUQzNEJFQUUyNEUyOUVBMTZBM0ZFMUU2NTkxQjI3QUQ5Qy5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC85NDZERTE1RDM0QkVBRTI0RTI5RUExNkEz
RkUxRTY1OTFCMjdBRDlDLmNlcjCBtQYIKwYBBQUHAQsEgagwgaUwgaIGCCsGAQUF
BzALhoGVcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS8xYmQzMDZiNC1lNWMzLTQ4ZjktYjJlZS0zNmE5YmRkZWQ4YzQvNy8zMjYxMzEz
NDNhMzczNTM4MzQzYTMzMzAzMDMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzUz
MDMxMzAzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcB
BwEB/wQTMBEwDwQCAAIwCQMHACoUdYQwAjANBgkqhkiG9w0BAQsFAAOCAQEAsJ0y
Tbr6/ei3GdznVamcDN/vpRD1jxzQhxOiGbO4usmxyUrxIb7HuBi3Vqu2WSHVnSdR
t0OZbyz6VbX1zwzlnr5roEcUWZpPFuXnLPiXwHtKMsTGRS6vgMaAjgjNpWH04UNm
Hpl90Q2C6PD8qllOSZlZ6TsbIkSPBQj9+yT17CjFKH/H+saLgqOko486iQ5Pct95
Jv05KlohoigFfwZlPawLDwrhRGjI2UCUMaeaOko0LNqacEBpcpgOUYBKqc+sllwx
5ZQDwaR7b5AcfwAW7cYRhdZwP6EBQZgJGYaDnR2cFxKnJyIBPZ8eVLq1KgVP4LJZ
LXKgDA1KVXliaxF6aA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:30:02 2025 by rpki-client