Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/3139332e3230312e37322e302f32342d3234203d3e20313439343537.roa
File: 3139332e3230312e37322e302f32342d3234203d3e20313439343537.roa (raw, json)
Hash identifier: PuSZf8/jzrtr0migP7/4g5DF4z8M0xmK8ErPtY4S89U=
Subject key identifier: 53:8F:5E:D6:0C:CB:10:12:CA:FC:80:AC:E6:05:6F:A8:CD:58:C8:5A
Certificate issuer: /CN=5511f6d7def4c0ffb6e2b3b3f0c4455dcd14c160
Certificate serial: 36C083380F5160A33D008D6AA17DACC6396575BC
Authority key identifier: 55:11:F6:D7:DE:F4:C0:FF:B6:E2:B3:B3:F0:C4:45:5D:CD:14:C1:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VRH21970wP-24rOz8MRFXc0UwWA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/3139332e3230312e37322e302f32342d3234203d3e20313439343537.roa
Signing time: Sun 08 Mar 2026 07:04:42 +0000
ROA not before: Sun 08 Mar 2026 06:59:42 +0000
ROA not after: Sun 07 Mar 2027 07:04:42 +0000
asID: 149457
IP address blocks: 193.201.72.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:c0:83:38:0f:51:60:a3:3d:00:8d:6a:a1:7d:ac:c6:39:65:75:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5511f6d7def4c0ffb6e2b3b3f0c4455dcd14c160
Validity
Not Before: Mar 8 06:59:42 2026 GMT
Not After : Mar 7 07:04:42 2027 GMT
Subject: CN=538F5ED60CCB1012CAFC80ACE6056FA8CD58C85A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f4:60:a5:fc:b6:f8:4f:17:9f:c9:89:a5:2b:
ad:34:f0:d0:0f:2a:aa:8d:23:46:16:83:97:de:7d:
6e:3a:7c:f3:73:dd:f1:8f:d3:d7:70:ca:9e:62:af:
07:03:4a:e1:90:cc:26:af:ad:0c:6e:1f:f3:8c:5f:
71:3b:5d:9a:98:1a:50:34:ae:7a:d8:e9:5b:5a:52:
ae:f4:91:56:19:99:24:ba:18:c7:7b:a2:2c:27:5d:
7d:5c:0c:4b:ce:0c:cb:eb:7c:c0:01:ad:78:de:39:
d4:13:40:c3:ad:89:fe:7f:f9:b6:8c:2f:54:8f:4f:
66:4a:84:95:fb:f2:c0:a7:0d:15:9e:fc:2d:43:3d:
ad:8b:c0:2f:db:f6:ff:c2:71:07:b5:74:bc:7e:b1:
44:1e:12:87:b3:cf:a2:dd:34:cb:a3:ea:92:59:48:
7c:93:1e:2d:c1:f3:89:4a:db:74:6b:5c:3b:39:63:
03:63:0e:20:09:bf:4d:cc:4d:37:d8:14:fd:e6:ef:
09:df:1e:63:2e:af:bc:aa:9d:74:02:02:64:f9:2c:
74:9c:d5:b3:75:1f:e0:4c:99:63:c4:8a:1e:c3:60:
17:81:77:df:47:80:18:de:24:45:26:92:f8:3e:64:
25:3e:17:f6:c9:5b:1d:94:e0:bf:e4:eb:08:01:0b:
e9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8F:5E:D6:0C:CB:10:12:CA:FC:80:AC:E6:05:6F:A8:CD:58:C8:5A
X509v3 Authority Key Identifier:
keyid:55:11:F6:D7:DE:F4:C0:FF:B6:E2:B3:B3:F0:C4:45:5D:CD:14:C1:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/5511F6D7DEF4C0FFB6E2B3B3F0C4455DCD14C160.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VRH21970wP-24rOz8MRFXc0UwWA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/3139332e3230312e37322e302f32342d3234203d3e20313439343537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.72.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:02:66:64:bf:95:0d:9e:65:f4:f4:a3:81:30:9e:04:ed:67:
a9:a7:8d:86:94:2d:14:31:36:4a:63:09:8d:e5:99:06:be:27:
41:1e:c5:94:26:3e:af:3a:59:1f:9e:12:ad:78:8b:43:09:75:
e9:39:0b:5f:69:57:aa:49:15:3e:ff:9d:ff:bd:05:81:b0:df:
a1:9e:b8:c4:76:e2:3f:31:f4:47:ef:9f:10:6f:5d:bc:ec:fc:
ba:ae:fb:ef:42:5c:1e:23:39:a5:88:35:d4:53:58:18:fc:27:
32:ce:e0:73:dd:04:e4:3f:da:22:79:9b:d3:24:dc:94:3b:12:
15:7a:9a:47:6b:e1:04:2c:64:e0:b9:e8:00:be:f6:a7:90:f6:
53:7e:2f:74:d7:f8:34:b4:fd:2d:ed:64:e3:ac:4f:13:e4:06:
2f:27:e2:68:5e:56:1b:c4:dd:ec:96:14:af:3c:03:66:92:57:
33:07:cb:b0:94:5f:af:32:a2:f1:59:ad:f8:e4:0b:18:c9:5c:
ab:5c:87:ba:a9:05:34:6e:ef:41:b1:d2:26:25:4a:8e:4c:0c:
62:e3:74:d7:92:8e:78:2c:85:36:ee:6e:98:86:c9:f7:2c:b8:
80:6b:67:64:d6:ff:60:1f:e5:80:3a:1d:63:73:5d:4a:45:f8:
6a:a8:1c:a2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNsCDOA9RYKM9AI1qoX2sxjlldbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTUxMWY2ZDdkZWY0YzBmZmI2ZTJiM2IzZjBjNDQ1NWRj
ZDE0YzE2MDAeFw0yNjAzMDgwNjU5NDJaFw0yNzAzMDcwNzA0NDJaMDMxMTAvBgNV
BAMTKDUzOEY1RUQ2MENDQjEwMTJDQUZDODBBQ0U2MDU2RkE4Q0Q1OEM4NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv9GCl/Lb4TxefyYmlK6008NAP
KqqNI0YWg5fefW46fPNz3fGP09dwyp5irwcDSuGQzCavrQxuH/OMX3E7XZqYGlA0
rnrY6VtaUq70kVYZmSS6GMd7oiwnXX1cDEvODMvrfMABrXjeOdQTQMOtif5/+baM
L1SPT2ZKhJX78sCnDRWe/C1DPa2LwC/b9v/CcQe1dLx+sUQeEoezz6LdNMuj6pJZ
SHyTHi3B84lK23RrXDs5YwNjDiAJv03MTTfYFP3m7wnfHmMur7yqnXQCAmT5LHSc
1bN1H+BMmWPEih7DYBeBd99HgBjeJEUmkvg+ZCU+F/bJWx2U4L/k6wgBC+kHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUU49e1gzLEBLK/ICs5gVvqM1YyFowHwYDVR0j
BBgwFoAUVRH21970wP+24rOz8MRFXc0UwWAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDA4YmM0OWQtMDMzOC00YjVmLTgyMDQtMDAwNGE2NjEw
NWM5LzAvNTUxMUY2RDdERUY0QzBGRkI2RTJCM0IzRjBDNDQ1NURDRDE0QzE2MC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1ZSSDIxOTcwd1AtMjRyT3o4TVJGWGMw
VXdXQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDA4YmM0OWQt
MDMzOC00YjVmLTgyMDQtMDAwNGE2NjEwNWM5LzAvMzEzOTMzMmUzMjMwMzEyZTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzkzNDM1Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADByUgwDQYJKoZIhvcNAQELBQADggEBAE0CZmS/lQ2eZfT0o4EwngTtZ6mnjYaU
LRQxNkpjCY3lmQa+J0EexZQmPq86WR+eEq14i0MJdek5C19pV6pJFT7/nf+9BYGw
36GeuMR24j8x9EfvnxBvXbzs/Lqu++9CXB4jOaWINdRTWBj8JzLO4HPdBOQ/2iJ5
m9Mk3JQ7EhV6mkdr4QQsZOC56AC+9qeQ9lN+L3TX+DS0/S3tZOOsTxPkBi8n4mhe
VhvE3eyWFK88A2aSVzMHy7CUX68yovFZrfjkCxjJXKtch7qpBTRu70Gx0iYlSo5M
DGLjdNeSjngshTbubpiGyfcsuIBrZ2TW/2Af5YA6HWNzXUpF+GqoHKI=
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:35:12 2026 by rpki-client