Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31653a3a2f34382d3438203d3e20333936333536.roa
File: 326131333a393530303a31653a3a2f34382d3438203d3e20333936333536.roa (raw, json)
Hash identifier: s7URNEaQ1lY9Zz+c1N0aLzcCHxkX+RGZPURCUdBGp7E=
Subject key identifier: 05:DB:DD:F9:49:25:33:67:B9:A0:B5:45:51:76:77:9F:1C:6E:F0:86
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3C609382FBFC3348676F6A46736BA84C7CFC8D09
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31653a3a2f34382d3438203d3e20333936333536.roa
Signing time: Fri 27 Dec 2024 09:28:12 +0000
ROA not before: Fri 27 Dec 2024 09:23:12 +0000
ROA not after: Fri 26 Dec 2025 09:28:12 +0000
asID: 396356
IP address blocks: 2a13:9500:1e::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:60:93:82:fb:fc:33:48:67:6f:6a:46:73:6b:a8:4c:7c:fc:8d:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:12 2024 GMT
Not After : Dec 26 09:28:12 2025 GMT
Subject: CN=05DBDDF949253367B9A0B5455176779F1C6EF086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:9d:d4:85:0e:a1:81:aa:6a:50:b6:25:fe:fb:
2f:41:99:ed:ae:1c:a1:03:7e:6e:48:8b:68:76:65:
fe:38:74:59:72:14:d2:c1:46:3d:23:3d:04:b5:a0:
90:ef:98:41:4c:f4:85:0f:46:3d:a3:eb:8a:7f:ab:
be:0f:3e:98:a5:bb:a3:57:16:67:82:64:ee:cd:a6:
7e:3c:c6:ee:a6:3e:27:25:90:03:5b:70:7b:6a:0a:
d8:77:29:7c:76:60:b1:2e:e0:d1:b2:69:1e:0b:13:
be:e3:65:d4:9a:30:e3:ba:ab:1c:f2:1c:d8:3f:95:
4f:1c:8d:d8:6e:bf:2c:76:2b:90:1c:53:be:89:48:
7c:7a:9e:72:77:ae:ca:99:e7:fd:96:45:58:ba:38:
fa:e5:15:6e:5c:bb:45:be:e4:97:36:14:3e:db:62:
00:64:1e:b5:00:27:a0:0c:93:f5:af:5d:2a:78:96:
e7:f4:b5:25:6a:4a:e3:fe:ea:b3:05:8b:7d:31:dd:
61:8d:46:c4:b7:c3:e9:2d:b0:4f:a6:05:f5:2c:5e:
ec:64:5a:89:06:45:19:ef:5d:ce:0b:ad:e7:d7:2e:
97:11:c0:2f:7a:30:32:58:3d:a4:4a:e0:36:d3:9a:
23:e5:f3:03:43:5c:6d:52:e4:dc:94:f5:17:70:83:
9e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DB:DD:F9:49:25:33:67:B9:A0:B5:45:51:76:77:9F:1C:6E:F0:86
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31653a3a2f34382d3438203d3e20333936333536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:1e::/48
Signature Algorithm: sha256WithRSAEncryption
99:3e:0d:5d:12:24:08:fc:5d:4c:80:1e:30:62:f5:78:e7:e2:
2d:e5:99:b0:14:af:2d:58:4c:1e:7b:e0:f6:61:da:3f:de:53:
96:65:a2:d0:a2:96:48:bf:0b:8e:dd:f0:99:a8:13:f0:55:31:
a9:7d:ed:f4:10:c5:5e:cc:1f:2a:ae:53:32:05:85:8c:6a:ff:
9c:98:73:2a:60:6b:6f:af:8b:6f:eb:cf:28:48:c9:c3:de:53:
43:7a:58:c4:9e:e2:5a:2d:b1:0d:ab:1d:36:d5:75:c6:6b:c7:
cc:fb:7e:8e:41:95:4e:7f:b8:ae:76:82:21:03:9f:d2:87:bb:
84:b2:4e:9e:7b:c3:3b:54:3c:05:38:86:1b:91:67:b5:08:d4:
49:a3:09:7c:89:89:12:66:ab:19:5f:82:b0:02:86:a0:d3:77:
6b:5c:6a:3e:17:23:26:73:fa:02:cd:5c:70:68:89:72:9e:88:
f9:44:b9:bf:30:87:78:e4:f4:07:ca:ba:de:5c:fe:0c:b3:de:
29:c9:e8:70:d6:80:7a:d4:fd:f1:0d:65:7a:b1:a5:54:2d:e9:
4a:31:a5:37:d7:b3:4f:11:06:66:45:d1:11:7e:96:78:17:8c:
62:3a:3b:8f:64:13:1b:2e:1f:4a:49:dd:f4:7e:75:a4:cb:da:
d4:11:e7:63
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIUPGCTgvv8M0hnb2pGc2uoTHz8jQkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTJaFw0yNTEyMjYwOTI4MTJaMDMxMTAvBgNV
BAMTKDA1REJEREY5NDkyNTMzNjdCOUEwQjU0NTUxNzY3NzlGMUM2RUYwODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlndSFDqGBqmpQtiX++y9Bme2u
HKEDfm5Ii2h2Zf44dFlyFNLBRj0jPQS1oJDvmEFM9IUPRj2j64p/q74PPpilu6NX
FmeCZO7Npn48xu6mPiclkANbcHtqCth3KXx2YLEu4NGyaR4LE77jZdSaMOO6qxzy
HNg/lU8cjdhuvyx2K5AcU76JSHx6nnJ3rsqZ5/2WRVi6OPrlFW5cu0W+5Jc2FD7b
YgBkHrUAJ6AMk/WvXSp4luf0tSVqSuP+6rMFi30x3WGNRsS3w+ktsE+mBfUsXuxk
WokGRRnvXc4LrefXLpcRwC96MDJYPaRK4DbTmiPl8wNDXG1S5NyU9Rdwg57VAgMB
AAGjggJGMIICQjAdBgNVHQ4EFgQUBdvd+UklM2e5oLVFUXZ3nxxu8IYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTY1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzMzOTM2MzMzNTM2LnJvYTAY
BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA
AjAJAwcAKhOVAAAeMA0GCSqGSIb3DQEBCwUAA4IBAQCZPg1dEiQI/F1MgB4wYvV4
5+It5ZmwFK8tWEwee+D2Ydo/3lOWZaLQopZIvwuO3fCZqBPwVTGpfe30EMVezB8q
rlMyBYWMav+cmHMqYGtvr4tv688oSMnD3lNDeljEnuJaLbENqx021XXGa8fM+36O
QZVOf7iudoIhA5/Sh7uEsk6ee8M7VDwFOIYbkWe1CNRJowl8iYkSZqsZX4KwAoag
03drXGo+FyMmc/oCzVxwaIlynoj5RLm/MId45PQHyrreXP4Ms94pyehw1oB61P3x
DWV6saVULelKMaU317NPEQZmRdERfpZ4F4xiOjuPZBMbLh9KSd30fnWky9rUEedj
-----END CERTIFICATE-----
Generated at Tue May 6 17:27:52 2025 by rpki-client