Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31633a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a31633a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: GHN0071nGzPd+0Pq2rvajWrW7kasFjyk2qa8bNpmDWY=
Subject key identifier: DA:5D:C7:6C:AA:0B:BF:1B:D5:CD:6A:B7:2E:D4:12:3F:19:FE:B7:0F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2305FC6ED9E47B7B6FAF233BC18A4B72DD99E8E3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31633a3a2f34382d3438203d3e203239383032.roa
Signing time: Fri 27 Dec 2024 09:28:12 +0000
ROA not before: Fri 27 Dec 2024 09:23:12 +0000
ROA not after: Fri 26 Dec 2025 09:28:12 +0000
asID: 29802
IP address blocks: 2a13:9500:1c::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:05:fc:6e:d9:e4:7b:7b:6f:af:23:3b:c1:8a:4b:72:dd:99:e8:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:12 2024 GMT
Not After : Dec 26 09:28:12 2025 GMT
Subject: CN=DA5DC76CAA0BBF1BD5CD6AB72ED4123F19FEB70F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:d5:e9:6a:e6:6f:f5:cf:f9:4a:0f:21:83:94:
c2:81:8f:4e:6b:75:05:65:d4:88:2d:74:f0:2a:a6:
f0:3d:11:3c:19:fb:0a:b9:fd:ec:c6:f8:8d:fe:f1:
a1:f2:3f:45:c4:d8:ac:1e:26:07:97:5b:c8:d2:70:
7c:f5:94:53:1e:d8:d7:40:66:b6:43:0d:26:65:b1:
21:d0:a8:6c:b4:00:2c:0d:49:90:34:fa:58:9a:e5:
8d:91:41:73:5e:af:f6:01:cf:35:84:39:0c:e9:81:
df:ef:8e:ef:b0:b4:40:18:80:7f:32:99:3e:6a:0e:
d5:56:26:a3:03:cb:95:a5:0b:57:e7:6f:49:93:cb:
49:b0:d4:a6:ba:31:f7:d7:f2:08:de:12:a3:4a:23:
07:3b:a8:c0:bd:47:af:14:22:a3:0b:6a:90:3a:fd:
82:41:32:42:92:a1:7c:ca:85:f9:38:c1:95:18:61:
f2:4b:39:0e:bb:03:5e:4c:47:56:26:2c:ef:28:23:
bb:e0:a8:51:27:71:6a:dc:e1:6c:ab:68:9b:ac:d0:
16:a9:95:3a:41:35:7f:93:5c:dc:7b:cf:b4:6f:cc:
de:13:30:04:79:5a:8e:1f:c1:10:80:d7:92:4d:26:
bf:10:0e:4c:71:1a:f4:dc:71:e2:8d:de:ea:22:c3:
31:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5D:C7:6C:AA:0B:BF:1B:D5:CD:6A:B7:2E:D4:12:3F:19:FE:B7:0F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31633a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:1c::/48
Signature Algorithm: sha256WithRSAEncryption
44:90:6d:5c:05:b8:84:c4:3b:9f:a3:81:d2:ad:94:31:a8:ad:
e1:c7:55:55:5a:74:80:59:5b:22:eb:6a:a8:eb:f6:55:db:97:
b3:11:eb:e1:2c:7f:e5:5a:a0:6d:da:9a:56:35:a6:af:a9:c2:
c4:14:3c:6a:47:95:a5:7d:b3:2a:a7:26:2b:ec:9e:9a:0e:fa:
04:c3:f9:9b:ff:d2:db:ed:41:54:ca:cf:54:a2:b7:bb:61:85:
51:0d:23:2e:2f:d3:07:4f:ec:86:5d:c7:6a:61:58:f7:6b:54:
c3:d4:b7:bb:06:4e:f8:2c:64:c8:32:4d:32:52:5b:0d:ca:c6:
c4:c9:5e:99:a4:64:26:e4:84:40:2f:49:c0:08:14:3a:f1:84:
0a:1c:ce:3e:02:bf:3f:f6:50:58:7c:d4:67:2a:04:3f:7c:a5:
56:b3:35:a6:63:44:de:87:09:b4:7f:73:26:ff:15:1a:26:d9:
49:69:82:cf:c1:0b:b3:a5:49:d9:73:c7:94:20:60:bd:d0:e0:
db:c1:ab:f3:08:f0:6a:c7:10:1f:29:23:b6:21:39:a2:7a:5c:
44:e2:d9:5c:b6:02:6d:bd:07:6e:84:8b:27:fc:be:e7:a9:c4:
3e:97:ad:46:bb:95:57:8e:af:10:a1:1d:2a:27:18:9e:aa:ab:
94:a6:7e:4b
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUIwX8btnke3tvryM7wYpLct2Z6OMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTJaFw0yNTEyMjYwOTI4MTJaMDMxMTAvBgNV
BAMTKERBNURDNzZDQUEwQkJGMUJENUNENkFCNzJFRDQxMjNGMTlGRUI3MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa1elq5m/1z/lKDyGDlMKBj05r
dQVl1IgtdPAqpvA9ETwZ+wq5/ezG+I3+8aHyP0XE2KweJgeXW8jScHz1lFMe2NdA
ZrZDDSZlsSHQqGy0ACwNSZA0+lia5Y2RQXNer/YBzzWEOQzpgd/vju+wtEAYgH8y
mT5qDtVWJqMDy5WlC1fnb0mTy0mw1Ka6MffX8gjeEqNKIwc7qMC9R68UIqMLapA6
/YJBMkKSoXzKhfk4wZUYYfJLOQ67A15MR1YmLO8oI7vgqFEncWrc4WyraJus0Bap
lTpBNX+TXNx7z7RvzN4TMAR5Wo4fwRCA15JNJr8QDkxxGvTcceKN3uoiwzE1AgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQU2l3HbKoLvxvVzWq3LtQSPxn+tw8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTYzM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAHDANBgkqhkiG9w0BAQsFAAOCAQEARJBtXAW4hMQ7n6OB0q2UMait
4cdVVVp0gFlbIutqqOv2VduXsxHr4Sx/5VqgbdqaVjWmr6nCxBQ8akeVpX2zKqcm
K+yemg76BMP5m//S2+1BVMrPVKK3u2GFUQ0jLi/TB0/shl3HamFY92tUw9S3uwZO
+CxkyDJNMlJbDcrGxMlemaRkJuSEQC9JwAgUOvGEChzOPgK/P/ZQWHzUZyoEP3yl
VrM1pmNE3ocJtH9zJv8VGibZSWmCz8ELs6VJ2XPHlCBgvdDg28Gr8wjwascQHykj
tiE5onpcROLZXLYCbb0HboSLJ/y+56nEPpetRruVV46vEKEdKicYnqqrlKZ+Sw==
-----END CERTIFICATE-----
Generated at Tue May 6 19:31:21 2025 by rpki-client