Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31343a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a31343a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: zwOJfihRs7jbx9+BNUFhntK0DZZQHWwg4RSt03AscHE=
Subject key identifier: 16:CE:EE:F2:16:51:B0:EA:2B:21:B4:20:1C:75:E8:F7:BC:6F:97:02
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 11D193126B5B2603F9390A3A7F9A116BC2C4BB74
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31343a3a2f34382d3438203d3e2039303039.roa
Signing time: Fri 27 Dec 2024 09:28:16 +0000
ROA not before: Fri 27 Dec 2024 09:23:16 +0000
ROA not after: Fri 26 Dec 2025 09:28:16 +0000
asID: 9009
IP address blocks: 2a13:9500:14::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:d1:93:12:6b:5b:26:03:f9:39:0a:3a:7f:9a:11:6b:c2:c4:bb:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:16 2024 GMT
Not After : Dec 26 09:28:16 2025 GMT
Subject: CN=16CEEEF21651B0EA2B21B4201C75E8F7BC6F9702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:89:71:79:22:94:2a:2b:e8:1c:87:cc:0b:83:
5c:c4:46:41:65:bf:ee:84:d7:58:86:16:fe:63:f3:
6b:c4:b7:56:84:6d:ae:c9:30:42:75:d9:9f:f1:3f:
71:ba:75:2d:19:c3:42:d2:dc:8b:6f:75:1e:0b:af:
6d:39:ba:15:ea:bf:71:63:f0:29:14:73:57:14:35:
51:1e:69:60:c8:a6:57:3d:df:8f:c9:ef:18:c0:72:
32:42:cc:64:31:2a:fb:60:60:7a:b7:a1:b7:78:fc:
c9:40:2f:8f:7a:5f:18:11:2a:6f:d0:c3:17:1c:79:
5e:2a:4c:98:87:c0:be:eb:6c:86:e6:52:e7:1f:d3:
72:0e:b5:4b:81:66:11:9e:bf:21:6a:c6:a6:db:10:
b4:42:b2:9e:c0:25:dc:a8:27:31:5d:82:2e:d3:46:
8a:8d:2a:6c:21:8b:bd:52:23:64:31:f4:3d:92:ca:
9c:e4:75:14:15:f4:a3:1c:83:bc:52:7f:22:8d:24:
95:59:95:35:a0:e3:86:20:d3:8a:2e:78:be:e2:c3:
f9:f8:94:d7:6b:a4:09:78:99:3b:dd:0d:68:99:80:
fd:a7:a7:56:ef:a0:ad:18:8f:89:49:e2:79:03:81:
85:5b:9a:22:9e:6d:30:84:b4:c6:35:c9:8b:fc:a7:
ef:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:CE:EE:F2:16:51:B0:EA:2B:21:B4:20:1C:75:E8:F7:BC:6F:97:02
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31343a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:14::/48
Signature Algorithm: sha256WithRSAEncryption
15:b4:45:da:f2:63:ef:18:7f:35:56:ba:f9:e8:7e:74:e8:fa:
0c:23:d3:f9:87:f1:d7:7c:2a:a0:15:ba:7b:03:13:78:ad:83:
ce:4e:07:2a:d8:8b:3a:e6:d7:21:15:10:cb:10:cf:87:f1:22:
f7:fd:13:80:8a:19:80:a9:4b:21:e8:c0:00:d5:13:7a:76:61:
f2:29:db:0a:8b:bc:ab:0b:3f:1d:be:10:9c:4f:02:23:be:49:
8e:55:d7:1d:20:5e:4a:81:22:ad:95:a8:dc:26:ca:4e:8a:14:
61:5f:64:36:d9:41:e9:2c:64:0a:86:1d:18:d8:32:7e:15:3e:
af:d0:b1:f1:62:ff:eb:e8:43:f2:38:26:b7:8e:1a:0d:9e:e4:
b6:66:c5:97:da:32:96:ad:20:8d:11:66:73:fd:2d:6a:63:0c:
96:74:84:7c:4d:16:30:88:58:2f:8a:c2:c9:e6:0d:49:df:e4:
f8:81:60:b1:fc:bc:b9:4a:e3:c7:1b:f1:cd:c8:cd:e6:5b:41:
79:e5:a3:3b:71:a5:b7:5e:e3:4e:87:85:29:f2:03:66:82:72:
d6:72:70:f6:da:96:9b:78:9d:ab:ca:b9:9c:4d:00:ae:61:f3:
49:b0:ee:f2:5c:a7:ba:fe:f4:0b:ca:ba:89:13:07:15:d1:44:
ab:91:08:db
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUEdGTEmtbJgP5OQo6f5oRa8LEu3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTZaFw0yNTEyMjYwOTI4MTZaMDMxMTAvBgNV
BAMTKDE2Q0VFRUYyMTY1MUIwRUEyQjIxQjQyMDFDNzVFOEY3QkM2Rjk3MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHiXF5IpQqK+gch8wLg1zERkFl
v+6E11iGFv5j82vEt1aEba7JMEJ12Z/xP3G6dS0Zw0LS3ItvdR4Lr205uhXqv3Fj
8CkUc1cUNVEeaWDIplc934/J7xjAcjJCzGQxKvtgYHq3obd4/MlAL496XxgRKm/Q
wxcceV4qTJiHwL7rbIbmUucf03IOtUuBZhGevyFqxqbbELRCsp7AJdyoJzFdgi7T
RoqNKmwhi71SI2Qx9D2SypzkdRQV9KMcg7xSfyKNJJVZlTWg44Yg04oueL7iw/n4
lNdrpAl4mTvdDWiZgP2np1bvoK0Yj4lJ4nkDgYVbmiKebTCEtMY1yYv8p+8vAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUFs7u8hZRsOorIbQgHHXo97xvlwIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAABQwDQYJKoZIhvcNAQELBQADggEBABW0RdryY+8YfzVWuvnofnTo+gwj
0/mH8dd8KqAVunsDE3itg85OByrYizrm1yEVEMsQz4fxIvf9E4CKGYCpSyHowADV
E3p2YfIp2wqLvKsLPx2+EJxPAiO+SY5V1x0gXkqBIq2VqNwmyk6KFGFfZDbZQeks
ZAqGHRjYMn4VPq/QsfFi/+voQ/I4JreOGg2e5LZmxZfaMpatII0RZnP9LWpjDJZ0
hHxNFjCIWC+KwsnmDUnf5PiBYLH8vLlK48cb8c3IzeZbQXnloztxpbde406HhSny
A2aCctZycPbalpt4navKuZxNAK5h80mw7vJcp7r+9AvKuokTBxXRRKuRCNs=
-----END CERTIFICATE-----
Generated at Tue May 6 19:14:17 2025 by rpki-client