Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31613a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a31613a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: ZlyYua6gP+hrYftoi9g72BzCblvwlCxnbkxRpOLbLZY=
Subject key identifier: 2D:43:97:B0:E6:86:37:22:15:74:49:95:EE:24:A8:F4:30:A6:51:4E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4F5F64FEB151F0C5990782C55B2A8D662448B756
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31613a3a2f34382d3438203d3e2039303039.roa
Signing time: Fri 27 Dec 2024 09:28:11 +0000
ROA not before: Fri 27 Dec 2024 09:23:11 +0000
ROA not after: Fri 26 Dec 2025 09:28:11 +0000
asID: 9009
IP address blocks: 2a13:9500:1a::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:5f:64:fe:b1:51:f0:c5:99:07:82:c5:5b:2a:8d:66:24:48:b7:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:11 2024 GMT
Not After : Dec 26 09:28:11 2025 GMT
Subject: CN=2D4397B0E686372215744995EE24A8F430A6514E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ed:46:e5:b8:19:c7:d8:f2:71:23:6d:75:64:
23:70:88:a9:1e:ad:ca:56:f4:20:be:3f:19:22:62:
1b:35:50:99:25:54:ee:38:4d:ca:32:f3:96:2c:48:
3d:a9:ac:e2:07:62:52:a1:48:81:2a:35:63:34:21:
79:61:10:2f:f4:a5:35:27:a3:7f:8f:cb:4c:76:8f:
dd:da:6b:4e:4e:78:b2:25:3a:ef:6e:e6:ef:0e:ef:
8a:f6:b7:78:6e:5b:27:18:45:06:d3:be:15:29:86:
67:60:ae:12:df:5b:a1:f4:f9:8f:16:47:37:a6:b3:
26:06:70:69:23:0f:44:78:e2:93:66:54:09:66:0f:
34:fd:17:07:a6:85:ad:27:e5:71:48:60:d5:c1:1a:
8e:9d:9f:f8:2e:f3:ef:67:4b:48:aa:5e:0e:54:27:
db:2e:06:18:11:b9:d4:31:a8:e1:12:76:04:98:33:
64:78:32:b4:79:c1:3c:cc:21:81:2e:97:07:99:27:
cd:0e:d4:78:5b:ed:4f:e6:14:2f:0a:09:37:7f:dc:
ec:9c:fc:42:af:9d:e0:36:33:0f:cb:ef:5f:47:0e:
43:01:a9:42:b2:a0:4a:38:b5:27:7d:3f:37:27:a9:
9b:1f:9d:62:74:48:e6:17:5d:d6:66:5e:25:95:a8:
17:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:43:97:B0:E6:86:37:22:15:74:49:95:EE:24:A8:F4:30:A6:51:4E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31613a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:1a::/48
Signature Algorithm: sha256WithRSAEncryption
6f:d6:62:10:6e:f3:57:2a:47:78:c0:84:29:51:24:77:e9:99:
15:2a:f3:e3:b0:8f:61:c9:27:ba:78:eb:62:78:24:f4:62:74:
58:68:66:d1:78:58:ac:57:1a:1f:5d:0d:10:c4:a5:05:cd:20:
d7:fa:10:99:46:08:9d:6d:60:8e:6a:d2:f9:ce:2f:49:ba:2f:
b6:10:6b:0f:7c:12:73:ae:09:10:98:1d:10:ed:37:52:01:f4:
07:da:a5:b5:01:07:2e:57:3b:85:ed:bd:c9:91:e8:88:20:6f:
60:e4:55:10:95:e2:67:bb:ed:12:dd:1d:77:6a:fc:73:60:f4:
bb:59:ff:13:d3:63:48:61:2d:42:c0:76:47:0b:6b:90:4c:4f:
45:f7:ff:10:b3:70:22:56:c9:2d:30:9e:28:1f:92:a7:b8:f6:
fc:2e:42:e3:a4:79:11:86:01:e0:e0:c1:69:3f:23:82:41:d9:
15:5a:a3:13:22:80:fb:2e:02:7c:b7:6f:f2:1a:62:72:b3:4b:
a8:65:fc:07:c7:99:6d:0f:8a:4d:af:bd:d1:54:a7:3b:d1:5a:
07:5f:e1:2b:a0:91:19:98:ad:d0:45:1d:16:9d:53:b2:1d:15:
f3:93:cd:96:74:df:92:24:bd:91:97:19:e4:c4:51:e7:be:ac:
f8:4a:aa:b7
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUT19k/rFR8MWZB4LFWyqNZiRIt1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTFaFw0yNTEyMjYwOTI4MTFaMDMxMTAvBgNV
BAMTKDJENDM5N0IwRTY4NjM3MjIxNTc0NDk5NUVFMjRBOEY0MzBBNjUxNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+7UbluBnH2PJxI211ZCNwiKke
rcpW9CC+PxkiYhs1UJklVO44Tcoy85YsSD2prOIHYlKhSIEqNWM0IXlhEC/0pTUn
o3+Py0x2j93aa05OeLIlOu9u5u8O74r2t3huWycYRQbTvhUphmdgrhLfW6H0+Y8W
RzemsyYGcGkjD0R44pNmVAlmDzT9Fwemha0n5XFIYNXBGo6dn/gu8+9nS0iqXg5U
J9suBhgRudQxqOESdgSYM2R4MrR5wTzMIYEulweZJ80O1Hhb7U/mFC8KCTd/3Oyc
/EKvneA2Mw/L719HDkMBqUKyoEo4tSd9PzcnqZsfnWJ0SOYXXdZmXiWVqBfFAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQULUOXsOaGNyIVdEmV7iSo9DCmUU4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAABowDQYJKoZIhvcNAQELBQADggEBAG/WYhBu81cqR3jAhClRJHfpmRUq
8+Owj2HJJ7p462J4JPRidFhoZtF4WKxXGh9dDRDEpQXNINf6EJlGCJ1tYI5q0vnO
L0m6L7YQaw98EnOuCRCYHRDtN1IB9AfapbUBBy5XO4XtvcmR6Iggb2DkVRCV4me7
7RLdHXdq/HNg9LtZ/xPTY0hhLULAdkcLa5BMT0X3/xCzcCJWyS0wnigfkqe49vwu
QuOkeRGGAeDgwWk/I4JB2RVaoxMigPsuAny3b/IaYnKzS6hl/AfHmW0Pik2vvdFU
pzvRWgdf4SugkRmYrdBFHRadU7IdFfOTzZZ035IkvZGXGeTEUee+rPhKqrc=
-----END CERTIFICATE-----
Generated at Tue May 6 21:34:13 2025 by rpki-client