Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/3139332e3230302e3130322e302f32332d3234203d3e20323134373835.roa
File: 3139332e3230302e3130322e302f32332d3234203d3e20323134373835.roa (raw, json)
Hash identifier: P1YvFhvfJ0KLwLKtlGSocdPNjfWjFzO8fstLaWYxdLs=
Subject key identifier: E7:E6:A7:A7:9A:9B:05:CA:C3:1A:27:7B:E3:57:F6:6F:8C:55:FA:8F
Certificate issuer: /CN=5511f6d7def4c0ffb6e2b3b3f0c4455dcd14c160
Certificate serial: 3DA357B604E27D505891CA0030F7429458724709
Authority key identifier: 55:11:F6:D7:DE:F4:C0:FF:B6:E2:B3:B3:F0:C4:45:5D:CD:14:C1:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VRH21970wP-24rOz8MRFXc0UwWA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/3139332e3230302e3130322e302f32332d3234203d3e20323134373835.roa
Signing time: Sun 08 Mar 2026 07:04:42 +0000
ROA not before: Sun 08 Mar 2026 06:59:42 +0000
ROA not after: Sun 07 Mar 2027 07:04:42 +0000
asID: 214785
IP address blocks: 193.200.102.0/23 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:a3:57:b6:04:e2:7d:50:58:91:ca:00:30:f7:42:94:58:72:47:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5511f6d7def4c0ffb6e2b3b3f0c4455dcd14c160
Validity
Not Before: Mar 8 06:59:42 2026 GMT
Not After : Mar 7 07:04:42 2027 GMT
Subject: CN=E7E6A7A79A9B05CAC31A277BE357F66F8C55FA8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:cc:4f:cc:b3:4c:c0:31:da:cf:63:a6:0f:ae:
f1:81:b5:bf:02:fc:21:ff:b0:1c:c0:a4:ce:37:55:
1c:86:0d:10:5f:0d:8b:fc:78:cb:7a:f5:7e:cc:a2:
3c:77:8a:7f:57:97:5e:13:f0:20:c9:fc:df:b7:b0:
a8:32:5f:d2:86:55:24:19:23:ee:d6:b0:7d:e2:df:
02:7b:04:dd:10:f2:19:d6:b1:8b:23:b8:d3:bb:63:
b4:09:48:78:25:90:38:8d:46:c2:e8:cb:e1:9e:29:
55:85:c3:dd:55:59:98:da:39:12:72:9b:21:98:21:
74:04:6c:2b:a0:a2:16:f3:5b:c4:a4:a5:80:42:52:
df:9d:da:fc:d5:0a:9c:0c:b0:14:be:97:8b:a9:4a:
37:8e:2b:63:5d:dd:d0:1c:d0:10:73:81:94:4c:73:
65:f2:f5:63:a8:84:80:f1:ab:3f:ba:a1:f1:e1:6b:
44:ae:4b:f3:e0:e4:25:cc:04:77:0e:b0:d5:9c:5c:
ef:ac:79:81:5d:fe:e3:10:5b:de:83:26:f8:7e:ae:
52:f3:70:9b:18:c6:ad:fc:a0:b1:c1:b1:d9:fc:43:
fc:04:6c:41:81:70:6b:2b:dd:cf:4e:fd:f0:00:77:
74:8d:87:3c:f9:f1:fc:b1:92:3c:1e:88:2e:87:9d:
54:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E6:A7:A7:9A:9B:05:CA:C3:1A:27:7B:E3:57:F6:6F:8C:55:FA:8F
X509v3 Authority Key Identifier:
keyid:55:11:F6:D7:DE:F4:C0:FF:B6:E2:B3:B3:F0:C4:45:5D:CD:14:C1:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/5511F6D7DEF4C0FFB6E2B3B3F0C4455DCD14C160.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VRH21970wP-24rOz8MRFXc0UwWA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/3139332e3230302e3130322e302f32332d3234203d3e20323134373835.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.102.0/23
Signature Algorithm: sha256WithRSAEncryption
22:21:7d:c3:5d:22:a6:2c:d0:87:d9:16:86:06:71:f7:96:37:
3c:15:55:1e:0a:a2:6c:d3:f0:dc:6f:8c:c4:b6:10:b6:89:93:
d3:2d:42:50:1d:73:65:43:c4:a3:89:46:77:0c:0c:54:78:7b:
73:a0:2d:d8:cd:6b:05:08:0a:f2:16:e2:df:c8:a3:40:82:30:
f1:34:d9:43:52:1d:42:18:18:ce:32:22:48:d0:f1:01:08:d4:
ee:03:d3:7e:07:67:8a:11:0a:c9:f9:45:48:c1:bc:98:5b:ec:
98:9e:3f:22:e2:8c:00:3d:34:ee:ba:7d:f7:5f:64:d6:a4:a5:
97:88:ef:d0:72:a2:3a:f6:27:2f:a0:43:d0:68:2a:aa:d0:af:
34:6d:e5:71:87:4f:b5:09:39:b3:f3:21:d4:1f:dc:bb:d4:56:
ab:e9:e8:48:f1:f8:04:3b:14:b4:97:33:93:a6:ae:40:df:61:
76:cc:9f:c7:a8:49:db:96:14:4a:ae:d4:52:af:21:7e:59:d1:
1a:36:73:54:18:cf:98:92:12:aa:a7:9f:35:c0:1f:3f:74:1a:
f0:29:14:bb:cc:c4:ea:98:79:52:cb:1b:24:5f:c6:8c:de:f4:
44:fe:f8:3a:3b:26:1e:45:94:25:5a:05:1f:70:4b:f8:05:46:
2c:29:ff:f0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUPaNXtgTifVBYkcoAMPdClFhyRwkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTUxMWY2ZDdkZWY0YzBmZmI2ZTJiM2IzZjBjNDQ1NWRj
ZDE0YzE2MDAeFw0yNjAzMDgwNjU5NDJaFw0yNzAzMDcwNzA0NDJaMDMxMTAvBgNV
BAMTKEU3RTZBN0E3OUE5QjA1Q0FDMzFBMjc3QkUzNTdGNjZGOEM1NUZBOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDzE/Ms0zAMdrPY6YPrvGBtb8C
/CH/sBzApM43VRyGDRBfDYv8eMt69X7Mojx3in9Xl14T8CDJ/N+3sKgyX9KGVSQZ
I+7WsH3i3wJ7BN0Q8hnWsYsjuNO7Y7QJSHglkDiNRsLoy+GeKVWFw91VWZjaORJy
myGYIXQEbCugohbzW8SkpYBCUt+d2vzVCpwMsBS+l4upSjeOK2Nd3dAc0BBzgZRM
c2Xy9WOohIDxqz+6ofHha0SuS/Pg5CXMBHcOsNWcXO+seYFd/uMQW96DJvh+rlLz
cJsYxq38oLHBsdn8Q/wEbEGBcGsr3c9O/fAAd3SNhzz58fyxkjweiC6HnVTNAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU5+anp5qbBcrDGid741f2b4xV+o8wHwYDVR0j
BBgwFoAUVRH21970wP+24rOz8MRFXc0UwWAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDA4YmM0OWQtMDMzOC00YjVmLTgyMDQtMDAwNGE2NjEw
NWM5LzAvNTUxMUY2RDdERUY0QzBGRkI2RTJCM0IzRjBDNDQ1NURDRDE0QzE2MC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1ZSSDIxOTcwd1AtMjRyT3o4TVJGWGMw
VXdXQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDA4YmM0OWQt
MDMzOC00YjVmLTgyMDQtMDAwNGE2NjEwNWM5LzAvMzEzOTMzMmUzMjMwMzAyZTMx
MzAzMjJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDMyMzEzNDM3MzgzNS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAcHIZjANBgkqhkiG9w0BAQsFAAOCAQEAIiF9w10ipizQh9kWhgZx95Y3PBVV
HgqibNPw3G+MxLYQtomT0y1CUB1zZUPEo4lGdwwMVHh7c6At2M1rBQgK8hbi38ij
QIIw8TTZQ1IdQhgYzjIiSNDxAQjU7gPTfgdnihEKyflFSMG8mFvsmJ4/IuKMAD00
7rp9919k1qSll4jv0HKiOvYnL6BD0GgqqtCvNG3lcYdPtQk5s/Mh1B/cu9RWq+no
SPH4BDsUtJczk6auQN9hdsyfx6hJ25YUSq7UUq8hflnRGjZzVBjPmJISqqefNcAf
P3Qa8CkUu8zE6ph5UssbJF/GjN70RP74OjsmHkWUJVoFH3BL+AVGLCn/8A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:05:18 2026 by rpki-client