Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31313a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a31313a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: mVoaLbzFz8mAVn4of6dDB/cfVwtwl7fv/2pdd2I+CJk=
Subject key identifier: A0:EC:ED:4B:F8:93:51:B2:D3:63:B2:E3:41:54:82:C0:7B:18:6E:B8
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5AFD71A408F822EBD4DB58575E50F98176E562F6
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31313a3a2f34382d3438203d3e2039303039.roa
Signing time: Fri 27 Dec 2024 09:28:12 +0000
ROA not before: Fri 27 Dec 2024 09:23:12 +0000
ROA not after: Fri 26 Dec 2025 09:28:12 +0000
asID: 9009
IP address blocks: 2a13:9500:11::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:fd:71:a4:08:f8:22:eb:d4:db:58:57:5e:50:f9:81:76:e5:62:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:12 2024 GMT
Not After : Dec 26 09:28:12 2025 GMT
Subject: CN=A0ECED4BF89351B2D363B2E3415482C07B186EB8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:09:0e:22:cf:11:c1:e8:17:2d:3d:cc:e8:ff:
b5:a9:a6:d4:9e:25:97:b4:43:fd:65:2f:8a:3d:45:
19:d5:29:22:e5:48:15:c0:0f:f0:0c:d9:23:7d:6b:
97:c8:c9:f5:0e:16:3c:27:7b:89:4f:0b:c9:f4:78:
fa:19:be:18:a0:c4:a5:c9:35:69:8c:cf:c2:33:46:
02:1d:80:d5:96:e3:04:ce:5a:53:9f:4a:eb:47:35:
bb:78:2e:69:82:31:13:d3:03:79:53:59:f6:bc:01:
bc:b9:02:88:68:48:05:e2:f7:fc:9c:6d:82:ef:9b:
cc:d2:9e:04:e1:67:b9:89:24:33:eb:9c:dd:e2:26:
0b:58:21:7e:ae:b0:58:26:46:da:d2:83:e8:31:99:
68:a5:13:02:88:e3:49:6b:9c:7e:f1:90:fd:a4:88:
33:bf:4e:02:04:bb:33:0b:35:5b:8e:c0:95:19:41:
87:f0:7a:ab:cf:c6:f3:43:11:23:8a:59:89:55:08:
df:2c:52:59:49:c4:fa:7d:d0:9c:53:75:43:31:34:
10:08:46:03:a3:94:9c:a3:cc:46:57:ba:2d:c9:8b:
67:40:ce:44:47:4e:99:03:f5:e0:78:63:d8:8b:28:
ac:c9:84:bc:14:b7:81:df:03:64:9b:a5:bc:7f:e6:
3c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:EC:ED:4B:F8:93:51:B2:D3:63:B2:E3:41:54:82:C0:7B:18:6E:B8
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31313a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:11::/48
Signature Algorithm: sha256WithRSAEncryption
5a:a4:9a:ea:c2:67:c6:a0:e9:3b:5b:16:15:79:64:f5:84:7c:
fa:01:09:71:4f:be:9d:ab:46:97:90:d2:98:80:a5:1a:f5:ad:
46:57:c5:08:ee:cc:c9:fb:2e:e1:9e:99:7a:55:7d:76:af:ef:
b7:9d:26:83:8e:55:21:f0:5e:8c:29:44:7a:a4:1d:ee:79:04:
d8:3a:61:71:2b:1d:be:aa:53:3d:11:00:27:94:0d:f5:c3:6a:
1b:00:c2:62:40:15:c6:d7:4d:00:e0:ba:be:f9:e4:77:0d:01:
23:57:69:32:80:38:92:a9:67:7f:cc:18:1a:a9:17:8b:e0:2c:
89:50:f1:9f:7a:12:20:bd:b7:47:48:9b:4c:93:e7:14:83:bd:
7b:75:ee:1f:7b:11:43:24:e4:49:36:97:59:7c:e5:16:d2:d6:
9f:27:9c:16:88:89:6f:2a:71:c1:ff:19:46:fb:c7:e1:43:ec:
d7:6e:16:be:cc:58:25:bf:f5:98:62:0d:c1:36:ed:bb:96:a1:
37:01:6d:14:a5:9e:98:27:b6:9d:32:9e:b9:2a:46:9e:a3:37:
65:23:8a:88:18:e0:bc:20:27:82:26:4f:87:c5:7c:ee:d4:fa:
b4:9e:e1:58:a7:24:83:8c:be:3a:c1:db:ed:db:40:c3:09:b4:
85:a9:c1:b3
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUWv1xpAj4IuvU21hXXlD5gXblYvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTJaFw0yNTEyMjYwOTI4MTJaMDMxMTAvBgNV
BAMTKEEwRUNFRDRCRjg5MzUxQjJEMzYzQjJFMzQxNTQ4MkMwN0IxODZFQjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLCQ4izxHB6BctPczo/7WpptSe
JZe0Q/1lL4o9RRnVKSLlSBXAD/AM2SN9a5fIyfUOFjwne4lPC8n0ePoZvhigxKXJ
NWmMz8IzRgIdgNWW4wTOWlOfSutHNbt4LmmCMRPTA3lTWfa8Aby5AohoSAXi9/yc
bYLvm8zSngThZ7mJJDPrnN3iJgtYIX6usFgmRtrSg+gxmWilEwKI40lrnH7xkP2k
iDO/TgIEuzMLNVuOwJUZQYfweqvPxvNDESOKWYlVCN8sUllJxPp90JxTdUMxNBAI
RgOjlJyjzEZXui3Ji2dAzkRHTpkD9eB4Y9iLKKzJhLwUt4HfA2Sbpbx/5jzHAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUoOztS/iTUbLTY7LjQVSCwHsYbrgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTMxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAABEwDQYJKoZIhvcNAQELBQADggEBAFqkmurCZ8ag6TtbFhV5ZPWEfPoB
CXFPvp2rRpeQ0piApRr1rUZXxQjuzMn7LuGemXpVfXav77edJoOOVSHwXowpRHqk
He55BNg6YXErHb6qUz0RACeUDfXDahsAwmJAFcbXTQDgur755HcNASNXaTKAOJKp
Z3/MGBqpF4vgLIlQ8Z96EiC9t0dIm0yT5xSDvXt17h97EUMk5Ek2l1l85RbS1p8n
nBaIiW8qccH/GUb7x+FD7NduFr7MWCW/9ZhiDcE27buWoTcBbRSlnpgntp0ynrkq
Rp6jN2UjiogY4LwgJ4ImT4fFfO7U+rSe4VinJIOMvjrB2+3bQMMJtIWpwbM=
-----END CERTIFICATE-----
Generated at Wed May 7 02:17:20 2025 by rpki-client