Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/3139332e3230312e37332e302f32342d3234203d3e20323036323634.roa
File: 3139332e3230312e37332e302f32342d3234203d3e20323036323634.roa (raw, json)
Hash identifier: XyipKVwbUI4Kpz5R9EEfhWLUXQ5RKTUmvMNtbpOBvjA=
Subject key identifier: 3A:2B:86:60:F0:EA:98:B7:E8:A8:8D:72:67:A4:93:9D:54:34:BA:F3
Certificate issuer: /CN=5511f6d7def4c0ffb6e2b3b3f0c4455dcd14c160
Certificate serial: 7AED8372C9A3461BDB434461F5871B1FBDA7B23D
Authority key identifier: 55:11:F6:D7:DE:F4:C0:FF:B6:E2:B3:B3:F0:C4:45:5D:CD:14:C1:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VRH21970wP-24rOz8MRFXc0UwWA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/3139332e3230312e37332e302f32342d3234203d3e20323036323634.roa
Signing time: Sun 08 Mar 2026 07:04:42 +0000
ROA not before: Sun 08 Mar 2026 06:59:42 +0000
ROA not after: Sun 07 Mar 2027 07:04:42 +0000
asID: 206264
IP address blocks: 193.201.73.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:ed:83:72:c9:a3:46:1b:db:43:44:61:f5:87:1b:1f:bd:a7:b2:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5511f6d7def4c0ffb6e2b3b3f0c4455dcd14c160
Validity
Not Before: Mar 8 06:59:42 2026 GMT
Not After : Mar 7 07:04:42 2027 GMT
Subject: CN=3A2B8660F0EA98B7E8A88D7267A4939D5434BAF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4f:e8:9b:73:53:ea:0f:68:fb:ae:08:d0:0f:
5f:87:d1:8c:c4:bd:3c:d8:c2:10:0d:42:cf:e3:3b:
0f:b4:1d:88:b3:33:1a:be:bb:8b:e3:ce:0e:18:43:
ab:b9:4f:bd:18:40:67:c3:c4:7d:ed:f2:d9:fa:0c:
cb:81:36:e6:4f:43:39:4e:e3:6a:71:d6:30:9d:c7:
fd:2a:89:9b:c2:22:f7:fb:e6:8d:97:f3:34:3d:9b:
43:0d:79:37:52:14:51:45:1d:7d:0e:30:65:ed:cb:
c0:0b:52:0b:a5:a9:9a:67:47:7f:d5:99:28:2e:ac:
05:c8:9d:23:31:28:82:ad:51:42:6c:ce:6e:73:cd:
ee:79:e0:a2:62:92:d4:0f:4f:c3:1f:38:17:bf:df:
92:18:23:99:dc:69:8d:7f:12:09:59:49:dd:e8:75:
b6:0e:4a:ad:1d:d9:23:3b:8b:dd:50:90:78:6e:ee:
59:af:64:4b:8c:8b:93:27:a5:39:2c:57:ad:13:71:
eb:ff:25:94:cf:57:d8:be:be:28:ef:12:61:c7:42:
35:ff:df:04:58:3f:be:11:92:ad:b8:ca:e4:b7:b9:
d7:e5:39:2d:21:c4:85:21:5f:cc:d9:9c:6f:cb:c4:
bc:04:9b:2c:36:1b:4f:c5:31:d0:81:d9:4a:03:2b:
b2:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:2B:86:60:F0:EA:98:B7:E8:A8:8D:72:67:A4:93:9D:54:34:BA:F3
X509v3 Authority Key Identifier:
keyid:55:11:F6:D7:DE:F4:C0:FF:B6:E2:B3:B3:F0:C4:45:5D:CD:14:C1:60
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/5511F6D7DEF4C0FFB6E2B3B3F0C4455DCD14C160.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VRH21970wP-24rOz8MRFXc0UwWA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d08bc49d-0338-4b5f-8204-0004a66105c9/0/3139332e3230312e37332e302f32342d3234203d3e20323036323634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.73.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:f5:fb:be:09:21:c4:66:ce:8b:e5:71:ad:e2:a8:d5:97:fd:
99:fc:af:d2:64:20:49:57:9e:78:4c:cf:0c:7a:10:46:6f:58:
45:89:da:60:8b:d8:55:b3:a7:76:af:60:e7:16:4b:a4:66:49:
f0:ce:e5:c3:0f:77:64:f9:b1:d5:5b:a4:40:d1:36:64:5f:5b:
69:c6:ea:d0:a6:d7:01:0c:d4:04:d4:63:06:c3:dd:49:9d:73:
62:8d:f4:c0:e4:b3:97:9a:c3:91:c0:a7:f6:77:cd:6f:76:2c:
b3:94:7a:9f:2c:83:80:8e:d8:49:19:46:2a:37:dd:11:f8:81:
eb:32:c2:83:f8:2f:99:c4:b1:47:0b:94:b2:e2:f5:da:c1:7d:
fb:f9:68:67:75:95:ba:e2:d9:f6:6a:4d:38:6d:fd:4c:16:8f:
37:39:18:e4:c9:5a:c2:ed:07:da:20:76:2b:cf:ea:3f:51:8e:
1d:89:23:d5:db:f7:49:38:39:f5:9c:15:f4:b4:43:c8:29:90:
e7:24:ac:f0:00:6d:9d:67:ff:3e:11:f8:d5:85:d2:da:d8:81:
43:53:45:77:b0:17:b2:d3:94:e6:1d:85:1a:e6:10:3c:31:3a:
cd:a6:e0:31:f1:ad:c5:a6:6d:67:bd:92:fe:f2:34:87:77:6b:
b0:f6:64:b4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeu2DcsmjRhvbQ0Rh9YcbH72nsj0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTUxMWY2ZDdkZWY0YzBmZmI2ZTJiM2IzZjBjNDQ1NWRj
ZDE0YzE2MDAeFw0yNjAzMDgwNjU5NDJaFw0yNzAzMDcwNzA0NDJaMDMxMTAvBgNV
BAMTKDNBMkI4NjYwRjBFQTk4QjdFOEE4OEQ3MjY3QTQ5MzlENTQzNEJBRjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBT+ibc1PqD2j7rgjQD1+H0YzE
vTzYwhANQs/jOw+0HYizMxq+u4vjzg4YQ6u5T70YQGfDxH3t8tn6DMuBNuZPQzlO
42px1jCdx/0qiZvCIvf75o2X8zQ9m0MNeTdSFFFFHX0OMGXty8ALUgulqZpnR3/V
mSgurAXInSMxKIKtUUJszm5zze554KJiktQPT8MfOBe/35IYI5ncaY1/EglZSd3o
dbYOSq0d2SM7i91QkHhu7lmvZEuMi5MnpTksV60Tcev/JZTPV9i+vijvEmHHQjX/
3wRYP74Rkq24yuS3udflOS0hxIUhX8zZnG/LxLwEmyw2G0/FMdCB2UoDK7LhAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOiuGYPDqmLfoqI1yZ6STnVQ0uvMwHwYDVR0j
BBgwFoAUVRH21970wP+24rOz8MRFXc0UwWAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDA4YmM0OWQtMDMzOC00YjVmLTgyMDQtMDAwNGE2NjEw
NWM5LzAvNTUxMUY2RDdERUY0QzBGRkI2RTJCM0IzRjBDNDQ1NURDRDE0QzE2MC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1ZSSDIxOTcwd1AtMjRyT3o4TVJGWGMw
VXdXQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDA4YmM0OWQt
MDMzOC00YjVmLTgyMDQtMDAwNGE2NjEwNWM5LzAvMzEzOTMzMmUzMjMwMzEyZTM3
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzMjM2MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADByUkwDQYJKoZIhvcNAQELBQADggEBAFv1+74JIcRmzovlca3iqNWX/Zn8r9Jk
IElXnnhMzwx6EEZvWEWJ2mCL2FWzp3avYOcWS6RmSfDO5cMPd2T5sdVbpEDRNmRf
W2nG6tCm1wEM1ATUYwbD3Umdc2KN9MDks5eaw5HAp/Z3zW92LLOUep8sg4CO2EkZ
Rio33RH4gesywoP4L5nEsUcLlLLi9drBffv5aGd1lbri2fZqTTht/UwWjzc5GOTJ
WsLtB9ogdivP6j9Rjh2JI9Xb90k4OfWcFfS0Q8gpkOckrPAAbZ1n/z4R+NWF0trY
gUNTRXewF7LTlOYdhRrmEDwxOs2m4DHxrcWmbWe9kv7yNId3a7D2ZLQ=
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:57:52 2026 by rpki-client