Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a32383a3a2f34382d3438203d3e203133323133.roa
File: 326131333a393530303a32383a3a2f34382d3438203d3e203133323133.roa (raw, json)
Hash identifier: F0MgzYyYlW+d8Bwg1Ltkmd9voTcrynnFw1vJ5DdnYLs=
Subject key identifier: 6E:8A:F7:0E:61:37:95:31:C7:59:48:9D:09:E1:50:2C:3A:63:A2:7F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 64D970B8F9534C19306C9C0A4ABED59F741001EC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a32383a3a2f34382d3438203d3e203133323133.roa
Signing time: Fri 27 Dec 2024 09:28:19 +0000
ROA not before: Fri 27 Dec 2024 09:23:19 +0000
ROA not after: Fri 26 Dec 2025 09:28:19 +0000
asID: 13213
IP address blocks: 2a13:9500:28::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:d9:70:b8:f9:53:4c:19:30:6c:9c:0a:4a:be:d5:9f:74:10:01:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:19 2024 GMT
Not After : Dec 26 09:28:19 2025 GMT
Subject: CN=6E8AF70E61379531C759489D09E1502C3A63A27F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e5:8c:f9:38:3a:9e:ab:67:aa:33:6e:ca:b3:
98:95:90:33:3c:79:cd:84:2c:06:8b:44:5c:11:45:
d5:4f:51:c6:d3:af:91:5e:4f:7a:1e:d2:af:f8:b3:
ff:b0:ec:85:02:98:7b:c6:55:5d:d4:8d:04:bc:fe:
92:07:dd:e9:af:7d:f2:e0:b3:99:af:67:16:4f:36:
f5:48:0b:f5:ec:0f:0b:1f:69:b7:46:03:be:3a:1c:
c4:e4:85:a7:5b:d8:de:58:da:0f:d6:4e:da:66:b0:
b4:b9:67:e5:95:42:f3:37:80:45:ff:51:e8:06:30:
d1:e6:0a:d2:db:38:b1:2d:c4:2b:dd:e4:37:59:d3:
8f:6a:3c:44:1d:62:f1:39:03:77:0c:c8:5c:e8:bc:
6a:8d:24:bd:b9:3f:21:ef:e6:2b:2f:55:e0:42:69:
8c:e3:63:fb:5b:31:e6:8c:f2:1f:9b:c0:9b:c7:84:
6f:86:15:0d:90:65:14:ea:a6:fa:4d:d3:38:99:a8:
e8:4f:df:a5:2a:e8:5b:b8:34:c6:df:6b:48:98:13:
0f:e8:8c:0c:df:c7:88:ff:79:5b:61:90:3d:7f:b9:
7e:80:56:4f:dc:8e:a4:fc:f7:46:29:a4:30:c2:2d:
a5:f5:b7:87:ef:d6:79:7c:ad:37:12:b6:bd:db:2b:
11:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:8A:F7:0E:61:37:95:31:C7:59:48:9D:09:E1:50:2C:3A:63:A2:7F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a32383a3a2f34382d3438203d3e203133323133.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:28::/48
Signature Algorithm: sha256WithRSAEncryption
71:91:cf:93:5d:a3:f8:4f:95:2a:88:61:ea:58:0b:8f:af:91:
2d:19:d1:b8:e2:cb:cc:81:62:2c:27:a4:47:8c:c4:2f:ab:63:
d8:c7:6b:b4:c4:08:a6:bb:af:2e:9b:1f:d3:e8:bb:32:e5:8b:
dd:72:7f:8c:e0:fb:bd:b2:d5:5e:a3:2c:f0:2c:6b:56:2c:be:
f8:10:3e:5b:d5:1a:68:65:13:05:5f:b5:d0:91:db:df:c1:d0:
c5:71:bd:45:0a:c9:d4:08:88:e0:04:02:65:3d:21:a0:28:9a:
99:08:37:04:56:ca:a8:70:12:e2:82:37:d0:e8:aa:76:06:5d:
ca:45:6a:ef:19:87:ac:0e:83:19:a3:94:ee:79:af:40:8d:be:
d1:ec:23:6b:de:a6:ad:7b:01:8f:f3:84:45:40:6d:e1:15:c7:
ba:81:57:b7:db:12:f1:6a:d6:e2:c4:93:d2:d6:90:bd:9b:21:
32:c4:00:58:06:cb:79:0a:b5:ba:2a:3e:c8:a1:73:d9:c9:89:
d8:46:6e:4b:6e:eb:d8:3a:36:83:d4:0f:67:59:2a:48:c6:8c:
cd:46:d4:c4:ff:94:27:26:87:cb:80:bf:ed:fe:fa:25:39:ae:
7d:6a:37:00:d1:b9:ea:be:0c:f6:6f:91:6b:ea:6e:d9:9e:6c:
01:87:da:e7
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUZNlwuPlTTBkwbJwKSr7Vn3QQAewwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTlaFw0yNTEyMjYwOTI4MTlaMDMxMTAvBgNV
BAMTKDZFOEFGNzBFNjEzNzk1MzFDNzU5NDg5RDA5RTE1MDJDM0E2M0EyN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCU5Yz5ODqeq2eqM27Ks5iVkDM8
ec2ELAaLRFwRRdVPUcbTr5FeT3oe0q/4s/+w7IUCmHvGVV3UjQS8/pIH3emvffLg
s5mvZxZPNvVIC/XsDwsfabdGA746HMTkhadb2N5Y2g/WTtpmsLS5Z+WVQvM3gEX/
UegGMNHmCtLbOLEtxCvd5DdZ049qPEQdYvE5A3cMyFzovGqNJL25PyHv5isvVeBC
aYzjY/tbMeaM8h+bwJvHhG+GFQ2QZRTqpvpN0ziZqOhP36Uq6Fu4NMbfa0iYEw/o
jAzfx4j/eVthkD1/uX6AVk/cjqT890YppDDCLaX1t4fv1nl8rTcStr3bKxGvAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUbor3DmE3lTHHWUidCeFQLDpjon8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzMyMzEzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIw
CQMHACoTlQAAKDANBgkqhkiG9w0BAQsFAAOCAQEAcZHPk12j+E+VKohh6lgLj6+R
LRnRuOLLzIFiLCekR4zEL6tj2MdrtMQIpruvLpsf0+i7MuWL3XJ/jOD7vbLVXqMs
8CxrViy++BA+W9UaaGUTBV+10JHb38HQxXG9RQrJ1AiI4AQCZT0hoCiamQg3BFbK
qHAS4oI30OiqdgZdykVq7xmHrA6DGaOU7nmvQI2+0ewja96mrXsBj/OERUBt4RXH
uoFXt9sS8WrW4sST0taQvZshMsQAWAbLeQq1uio+yKFz2cmJ2EZuS27r2Do2g9QP
Z1kqSMaMzUbUxP+UJyaHy4C/7f76JTmufWo3ANG56r4M9m+Ra+pu2Z5sAYfa5w==
-----END CERTIFICATE-----
Generated at Wed May 7 02:25:34 2025 by rpki-client