Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31363a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a31363a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: 5z9ZM9Br6mEg2+Y8bocLoBIIy4dKHZ0WxOx/6DJHbAQ=
Subject key identifier: 22:C9:02:93:15:11:6E:3C:1D:B2:9C:21:EF:80:CA:8A:4D:26:74:43
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4D33290DCEF96E4B6B1795868FCD853E5B35B6FF
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31363a3a2f34382d3438203d3e2039303039.roa
Signing time: Fri 27 Dec 2024 09:28:16 +0000
ROA not before: Fri 27 Dec 2024 09:23:16 +0000
ROA not after: Fri 26 Dec 2025 09:28:16 +0000
asID: 9009
IP address blocks: 2a13:9500:16::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:33:29:0d:ce:f9:6e:4b:6b:17:95:86:8f:cd:85:3e:5b:35:b6:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:16 2024 GMT
Not After : Dec 26 09:28:16 2025 GMT
Subject: CN=22C9029315116E3C1DB29C21EF80CA8A4D267443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:78:66:1d:69:47:d2:48:c1:4f:53:bb:de:d1:
02:a2:7d:17:8d:da:e3:d3:2c:8d:ad:f4:d5:43:55:
e5:22:18:1f:35:e5:77:ae:08:aa:5f:68:43:e6:3b:
cd:c0:5a:0c:5c:7d:dc:c2:1d:5e:d8:f1:f7:dc:02:
be:08:fb:71:68:c1:91:4b:fa:86:53:5f:7d:ac:f3:
a6:f4:ac:66:df:8a:c5:df:26:39:c2:66:67:71:d3:
49:d6:08:10:15:a5:00:34:41:ca:cd:50:c2:e7:21:
7d:5f:05:93:94:c2:af:9b:eb:d4:12:d7:52:4f:32:
b4:df:be:77:0c:00:2c:05:be:d0:5a:02:a6:87:d3:
01:6c:33:8e:a2:61:6e:76:3e:31:e0:a8:3e:8d:cf:
7d:f4:69:0c:a7:73:f5:22:1b:5f:50:34:91:26:b0:
9b:9c:f6:46:e7:51:c1:72:8a:52:7c:4a:5a:7e:97:
11:53:aa:9e:98:d1:a5:b3:ee:b9:cd:01:7b:46:5d:
a5:51:56:ca:27:95:d5:b3:8a:74:cd:8b:af:02:7e:
da:aa:f4:54:82:e9:27:06:52:2c:b9:b1:f3:5a:32:
99:e1:18:b0:e7:af:b2:c3:82:5c:92:f1:d4:9d:4a:
db:42:c6:8f:f9:32:05:90:e7:9a:a6:06:4b:66:90:
e1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C9:02:93:15:11:6E:3C:1D:B2:9C:21:EF:80:CA:8A:4D:26:74:43
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31363a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:16::/48
Signature Algorithm: sha256WithRSAEncryption
9f:85:ce:48:f2:b9:ea:51:3d:a4:f1:ae:1a:8f:12:ad:70:e7:
e6:33:c4:93:71:7e:59:ed:d5:a2:98:c5:d8:ce:ee:40:d2:2a:
39:a5:4a:e5:96:71:be:ba:01:91:30:19:4e:c6:88:7a:53:35:
ed:59:9f:40:ab:10:ec:2f:b2:40:8d:6a:f3:de:19:8f:a9:b3:
d8:7c:be:ac:bf:87:bb:8c:c2:bf:9f:ce:ae:24:03:51:a4:d4:
18:15:b5:09:e8:b0:bf:6e:5c:40:bb:d6:81:9f:75:1b:b6:e1:
6c:99:04:47:15:d3:f7:5f:57:66:bd:9e:e4:5f:d8:36:08:16:
8d:cb:a8:3c:ef:ee:32:20:4c:a2:9d:28:5d:33:14:30:6b:95:
ff:76:33:3a:2a:4f:98:89:ad:5c:59:93:46:8b:75:7a:4f:4d:
28:3d:c2:28:c8:25:be:10:b9:7f:0e:07:c6:13:26:58:4c:53:
cf:eb:b7:de:56:2d:34:c5:e2:20:ee:4a:ce:ad:db:b2:53:d3:
ac:61:b1:a3:6a:05:ce:a5:8b:2b:27:c3:3b:82:34:a5:85:63:
94:ec:e9:04:11:30:33:7f:5e:8e:62:f2:ad:fe:1d:42:86:45:
3a:27:94:31:d5:e0:fd:22:8d:71:67:49:1b:b3:c0:05:bb:75:
bb:8d:51:c7
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUTTMpDc75bktrF5WGj82FPls1tv8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTZaFw0yNTEyMjYwOTI4MTZaMDMxMTAvBgNV
BAMTKDIyQzkwMjkzMTUxMTZFM0MxREIyOUMyMUVGODBDQThBNEQyNjc0NDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJeGYdaUfSSMFPU7ve0QKifReN
2uPTLI2t9NVDVeUiGB815XeuCKpfaEPmO83AWgxcfdzCHV7Y8ffcAr4I+3FowZFL
+oZTX32s86b0rGbfisXfJjnCZmdx00nWCBAVpQA0QcrNUMLnIX1fBZOUwq+b69QS
11JPMrTfvncMACwFvtBaAqaH0wFsM46iYW52PjHgqD6Nz330aQync/UiG19QNJEm
sJuc9kbnUcFyilJ8Slp+lxFTqp6Y0aWz7rnNAXtGXaVRVsonldWzinTNi68Cftqq
9FSC6ScGUiy5sfNaMpnhGLDnr7LDglyS8dSdSttCxo/5MgWQ55qmBktmkOEVAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUIskCkxURbjwdspwh74DKik0mdEMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTM2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAABYwDQYJKoZIhvcNAQELBQADggEBAJ+FzkjyuepRPaTxrhqPEq1w5+Yz
xJNxflnt1aKYxdjO7kDSKjmlSuWWcb66AZEwGU7GiHpTNe1Zn0CrEOwvskCNavPe
GY+ps9h8vqy/h7uMwr+fzq4kA1Gk1BgVtQnosL9uXEC71oGfdRu24WyZBEcV0/df
V2a9nuRf2DYIFo3LqDzv7jIgTKKdKF0zFDBrlf92MzoqT5iJrVxZk0aLdXpPTSg9
wijIJb4QuX8OB8YTJlhMU8/rt95WLTTF4iDuSs6t27JT06xhsaNqBc6liysnwzuC
NKWFY5Ts6QQRMDN/Xo5i8q3+HUKGRTonlDHV4P0ijXFnSRuzwAW7dbuNUcc=
-----END CERTIFICATE-----
Generated at Wed May 7 09:27:51 2025 by rpki-client