Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31333a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a31333a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: k2Zo6EI2oIWNdCv5HwC3EopS+c4U3ke7eOW2oN9jY3E=
Subject key identifier: C0:0C:BA:46:63:B9:16:B3:81:53:CC:CA:11:A4:E2:01:D5:7E:CC:0A
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3CE0E4BB6E5B83921D9146C57C5B8582121E1306
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31333a3a2f34382d3438203d3e2039303039.roa
Signing time: Fri 27 Dec 2024 09:28:19 +0000
ROA not before: Fri 27 Dec 2024 09:23:19 +0000
ROA not after: Fri 26 Dec 2025 09:28:19 +0000
asID: 9009
IP address blocks: 2a13:9500:13::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:e0:e4:bb:6e:5b:83:92:1d:91:46:c5:7c:5b:85:82:12:1e:13:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:19 2024 GMT
Not After : Dec 26 09:28:19 2025 GMT
Subject: CN=C00CBA4663B916B38153CCCA11A4E201D57ECC0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:92:9d:ba:de:3b:32:27:65:b5:88:eb:df:ee:
a3:01:51:da:0c:1c:c3:8d:36:bc:11:af:ca:77:3d:
76:dd:f7:fb:50:63:0b:56:bc:b1:cc:e5:b5:82:5f:
09:ab:5d:e4:f6:2e:d9:16:b6:69:1a:e0:b8:59:30:
cb:57:ad:de:85:ad:ef:9a:ba:4d:e9:4d:f1:cc:42:
e3:83:b4:12:ea:da:69:df:08:8a:f2:a4:fa:c9:81:
ef:3f:5a:6d:cb:01:10:2c:8b:15:7a:91:b2:27:57:
ce:ef:29:9e:89:bc:30:4e:d1:04:01:97:81:8a:77:
72:3c:ae:e7:02:dc:56:a2:82:36:73:5b:c5:66:de:
c8:0f:15:a0:c6:55:54:c4:c5:fe:e5:1d:b3:59:0b:
3e:34:2c:bb:b1:7b:b0:e7:75:58:80:34:f3:25:97:
ed:c7:c7:e3:3f:df:e5:ec:ee:dd:c2:ed:1f:e8:20:
d3:a0:aa:5b:9c:0d:b2:ef:5e:5f:51:c4:9c:8e:f9:
24:19:d3:ec:3b:72:3e:96:ba:81:6c:a8:b5:5f:e7:
ec:31:78:11:0a:d8:78:84:1c:4f:e6:c8:17:9e:5d:
ca:c9:04:ef:1e:55:10:8b:3b:4c:04:d0:9b:e6:01:
c0:5a:f0:17:e0:44:08:ec:db:1e:72:a9:25:41:a4:
6d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:0C:BA:46:63:B9:16:B3:81:53:CC:CA:11:A4:E2:01:D5:7E:CC:0A
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31333a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:13::/48
Signature Algorithm: sha256WithRSAEncryption
07:ef:7c:40:e9:dd:37:da:99:5b:c8:85:1b:ae:c1:cf:fc:41:
f2:c5:f7:9b:c2:54:89:b9:6c:0f:0d:a7:ca:72:49:24:34:92:
7c:67:bc:c7:1a:2f:45:4f:8d:5f:8b:45:85:cf:84:a4:b2:04:
3e:52:bf:18:e6:00:11:85:b8:78:b4:f6:0c:39:d2:b6:0c:70:
37:30:e0:09:87:0c:01:81:3c:b9:ba:12:b6:f8:42:75:d5:b5:
ec:5f:42:f3:8f:56:3c:a4:32:ec:7e:72:11:53:28:44:0b:62:
74:b8:9e:5f:b1:25:47:2c:6c:2e:0c:1c:75:55:63:b3:40:62:
9a:1d:eb:ee:c1:fd:f0:fe:d0:e8:a9:b9:c1:3d:6c:2a:69:39:
6b:a3:79:7a:e0:11:c7:9a:74:52:8d:8f:29:89:f3:47:9e:5d:
f3:d5:43:70:e4:f7:90:cb:30:8d:79:67:3a:ab:64:0b:47:86:
a4:d8:31:18:40:84:eb:07:d3:be:e5:db:41:0c:ec:ee:01:ab:
50:21:55:73:9c:9d:6d:c6:74:38:cc:3b:44:89:ec:27:b2:b3:
12:cc:71:42:c9:fa:09:f4:77:12:51:f4:21:88:e7:ed:e2:f3:
59:d1:31:b4:94:b4:27:a2:ac:69:0e:6b:a8:e5:2b:28:e3:c9:
70:1c:15:c4
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUPODku25bg5IdkUbFfFuFghIeEwYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTlaFw0yNTEyMjYwOTI4MTlaMDMxMTAvBgNV
BAMTKEMwMENCQTQ2NjNCOTE2QjM4MTUzQ0NDQTExQTRFMjAxRDU3RUNDMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPkp263jsyJ2W1iOvf7qMBUdoM
HMONNrwRr8p3PXbd9/tQYwtWvLHM5bWCXwmrXeT2LtkWtmka4LhZMMtXrd6Fre+a
uk3pTfHMQuODtBLq2mnfCIrypPrJge8/Wm3LARAsixV6kbInV87vKZ6JvDBO0QQB
l4GKd3I8rucC3FaigjZzW8Vm3sgPFaDGVVTExf7lHbNZCz40LLuxe7DndViANPMl
l+3Hx+M/3+Xs7t3C7R/oINOgqlucDbLvXl9RxJyO+SQZ0+w7cj6WuoFsqLVf5+wx
eBEK2HiEHE/myBeeXcrJBO8eVRCLO0wE0JvmAcBa8BfgRAjs2x5yqSVBpG1VAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUwAy6RmO5FrOBU8zKEaTiAdV+zAowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTMzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAABMwDQYJKoZIhvcNAQELBQADggEBAAfvfEDp3TfamVvIhRuuwc/8QfLF
95vCVIm5bA8Np8pySSQ0knxnvMcaL0VPjV+LRYXPhKSyBD5SvxjmABGFuHi09gw5
0rYMcDcw4AmHDAGBPLm6Erb4QnXVtexfQvOPVjykMux+chFTKEQLYnS4nl+xJUcs
bC4MHHVVY7NAYpod6+7B/fD+0OipucE9bCppOWujeXrgEceadFKNjymJ80eeXfPV
Q3Dk95DLMI15ZzqrZAtHhqTYMRhAhOsH077l20EM7O4Bq1AhVXOcnW3GdDjMO0SJ
7CeysxLMcULJ+gn0dxJR9CGI5+3i81nRMbSUtCeirGkOa6jlKyjjyXAcFcQ=
-----END CERTIFICATE-----
Generated at Tue May 6 21:33:34 2025 by rpki-client