Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31663a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a31663a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: /M61dLRru+srwkXanTgzcng5fUP5lVUgEgVXkK5t+Ds=
Subject key identifier: B8:3C:CC:3F:C0:F0:37:04:A2:3B:CC:7E:23:DF:69:47:0D:EF:E6:64
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 714851B2F0EB9231A6021850C3526AB970B14B12
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31663a3a2f34382d3438203d3e203239383032.roa
Signing time: Fri 27 Dec 2024 09:28:19 +0000
ROA not before: Fri 27 Dec 2024 09:23:19 +0000
ROA not after: Fri 26 Dec 2025 09:28:19 +0000
asID: 29802
IP address blocks: 2a13:9500:1f::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:48:51:b2:f0:eb:92:31:a6:02:18:50:c3:52:6a:b9:70:b1:4b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:19 2024 GMT
Not After : Dec 26 09:28:19 2025 GMT
Subject: CN=B83CCC3FC0F03704A23BCC7E23DF69470DEFE664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bb:a8:ed:7c:30:12:d9:8f:85:d5:fb:0c:35:
70:2e:65:6e:21:8e:fc:12:91:fd:78:db:f8:e2:86:
5a:0a:7f:4c:21:41:e4:20:69:ff:b9:ea:5a:4a:6f:
d5:d6:f7:16:d5:fd:dd:fe:f0:71:63:be:af:92:80:
02:eb:e4:30:68:07:a4:f1:c8:08:f0:e8:f5:54:d7:
8c:2b:57:00:2d:48:42:31:6f:eb:09:52:d4:de:6f:
19:b0:9a:d8:1b:9f:8e:ca:3b:d9:83:33:09:16:26:
b9:b6:89:ee:47:a6:a2:21:59:0a:f1:e2:28:5f:d6:
0d:80:6f:13:6f:3d:5e:9a:41:21:46:46:6f:b7:3a:
be:2e:15:20:24:7e:e4:a5:42:c6:11:eb:c0:9d:e9:
af:84:b1:ec:f5:27:b9:da:e8:df:ef:97:da:e2:43:
70:1d:f4:0c:4f:2a:03:ce:5a:c7:04:f8:70:0b:0c:
0c:b3:0e:8e:b5:c5:34:85:ab:ed:09:f1:04:14:69:
0a:a0:ee:f3:93:cc:d1:0b:98:e5:c4:88:54:33:d3:
e3:fc:7b:1d:d6:bc:ea:e0:32:0c:6b:d6:59:98:96:
cd:14:05:de:f1:ee:3b:e5:a2:d3:cb:b9:2c:d6:8b:
b9:e4:5b:69:55:26:da:04:ad:b5:3c:87:bd:ca:c3:
fb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:3C:CC:3F:C0:F0:37:04:A2:3B:CC:7E:23:DF:69:47:0D:EF:E6:64
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31663a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:1f::/48
Signature Algorithm: sha256WithRSAEncryption
9c:c5:f2:b2:d5:3f:7e:f4:f0:00:21:dd:4f:32:44:ab:10:8a:
19:7f:f9:9b:3a:43:12:32:97:05:dc:b7:33:88:3c:75:59:ef:
5c:98:a8:5a:99:92:f6:48:c0:d5:cf:d8:f9:88:69:c5:75:02:
04:a4:f2:be:c0:37:f7:94:a4:87:ac:dc:d1:82:76:0c:7a:fb:
33:f1:f4:c4:c9:b4:c7:06:68:48:bf:86:b1:b5:53:fd:b1:5d:
a7:2f:9a:bc:ea:86:cb:ec:24:4d:4d:8e:f5:17:7c:d2:67:ed:
63:1c:5f:3e:cc:c6:60:95:7f:6c:36:38:2f:a2:ed:9b:7b:94:
5e:56:1b:da:0f:36:91:99:20:a0:8a:f6:1e:3e:5c:62:57:38:
38:20:50:3e:8c:4b:4b:43:12:26:a1:73:e6:4c:5d:f6:74:54:
cb:2e:75:c6:ac:7b:e3:8a:19:d9:b1:47:5b:e4:cd:35:61:34:
99:ff:be:87:8d:c2:5c:ab:68:e4:18:98:9c:4f:93:6f:45:cc:
03:6a:34:09:16:b5:e2:7a:ea:8b:3f:77:f8:3f:bc:75:9e:16:
11:56:0c:58:a3:24:06:46:cc:38:20:45:cb:3e:2e:56:0f:28:
f5:9f:1f:88:12:96:a6:49:5d:a1:19:bd:5c:33:3b:14:f2:e2:
15:3b:50:e0
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUcUhRsvDrkjGmAhhQw1JquXCxSxIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTlaFw0yNTEyMjYwOTI4MTlaMDMxMTAvBgNV
BAMTKEI4M0NDQzNGQzBGMDM3MDRBMjNCQ0M3RTIzREY2OTQ3MERFRkU2NjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZu6jtfDAS2Y+F1fsMNXAuZW4h
jvwSkf142/jihloKf0whQeQgaf+56lpKb9XW9xbV/d3+8HFjvq+SgALr5DBoB6Tx
yAjw6PVU14wrVwAtSEIxb+sJUtTebxmwmtgbn47KO9mDMwkWJrm2ie5HpqIhWQrx
4ihf1g2AbxNvPV6aQSFGRm+3Or4uFSAkfuSlQsYR68Cd6a+Esez1J7na6N/vl9ri
Q3Ad9AxPKgPOWscE+HALDAyzDo61xTSFq+0J8QQUaQqg7vOTzNELmOXEiFQz0+P8
ex3WvOrgMgxr1lmYls0UBd7x7jvlotPLuSzWi7nkW2lVJtoErbU8h73Kw/sfAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUuDzMP8DwNwSiO8x+I99pRw3v5mQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTY2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIzOTM4MzAzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAHzANBgkqhkiG9w0BAQsFAAOCAQEAnMXystU/fvTwACHdTzJEqxCK
GX/5mzpDEjKXBdy3M4g8dVnvXJioWpmS9kjA1c/Y+YhpxXUCBKTyvsA395Skh6zc
0YJ2DHr7M/H0xMm0xwZoSL+GsbVT/bFdpy+avOqGy+wkTU2O9Rd80mftYxxfPszG
YJV/bDY4L6Ltm3uUXlYb2g82kZkgoIr2Hj5cYlc4OCBQPoxLS0MSJqFz5kxd9nRU
yy51xqx744oZ2bFHW+TNNWE0mf++h43CXKto5BiYnE+Tb0XMA2o0CRa14nrqiz93
+D+8dZ4WEVYMWKMkBkbMOCBFyz4uVg8o9Z8fiBKWpkldoRm9XDM7FPLiFTtQ4A==
-----END CERTIFICATE-----
Generated at Wed May 7 17:35:34 2025 by rpki-client