Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a32613a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a32613a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: Nli8jWRcuBSnuDB7eXN+JOdE4KNc3VCVPf29uEzntPM=
Subject key identifier: 38:6A:9C:EA:F1:55:F6:41:CA:3B:E6:35:F3:A2:D3:3D:81:3E:E6:25
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0AE276267AFB5FE9BE034F9D1C467407AF2E2B9C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a32613a3a2f34382d3438203d3e2039303039.roa
Signing time: Fri 27 Dec 2024 09:28:16 +0000
ROA not before: Fri 27 Dec 2024 09:23:16 +0000
ROA not after: Fri 26 Dec 2025 09:28:16 +0000
asID: 9009
IP address blocks: 2a13:9500:2a::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:e2:76:26:7a:fb:5f:e9:be:03:4f:9d:1c:46:74:07:af:2e:2b:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:16 2024 GMT
Not After : Dec 26 09:28:16 2025 GMT
Subject: CN=386A9CEAF155F641CA3BE635F3A2D33D813EE625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9b:34:43:d7:30:ab:f6:66:2b:53:03:e0:0f:
fb:c4:87:db:35:de:6e:aa:cf:93:c6:30:a0:34:c5:
7b:31:f4:40:47:0a:68:e7:04:b7:d5:a2:d4:4d:57:
a0:71:94:1b:bd:9f:c2:16:4c:00:9c:26:fa:5e:cb:
35:d0:bf:f4:a9:e8:a2:7e:82:0c:37:82:88:5a:96:
c6:b0:ff:1c:c2:e5:cc:f8:86:0d:68:a9:50:5b:06:
3a:17:8e:20:8d:2d:5e:ca:a8:92:8f:03:cd:34:35:
b8:30:7b:ac:85:2e:f4:d8:ae:0e:01:d3:1d:6b:0d:
43:d4:6c:3c:f1:a9:3a:2a:70:84:a7:a7:7d:cc:a3:
84:1f:d8:56:0b:ad:f0:fc:76:3c:03:cb:5f:a9:70:
d8:be:4f:56:61:9f:ba:b8:a9:f4:b8:3a:ce:31:02:
56:37:2d:7e:48:db:ac:55:97:15:c3:dd:a3:5a:a6:
ae:54:4a:97:80:0e:f2:3d:84:10:a3:99:3a:88:ff:
e6:34:67:60:ef:2c:c0:16:a1:c8:78:49:e3:a9:03:
58:98:38:36:8a:dc:72:48:4a:22:2e:a6:b9:c0:4c:
35:08:2e:25:75:65:a1:fd:98:f9:9f:70:53:30:d2:
47:0d:04:46:b2:28:6a:c8:00:c3:59:a6:29:d9:12:
87:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:6A:9C:EA:F1:55:F6:41:CA:3B:E6:35:F3:A2:D3:3D:81:3E:E6:25
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a32613a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:2a::/48
Signature Algorithm: sha256WithRSAEncryption
3e:cf:54:09:d5:92:88:90:b3:5c:82:cb:45:b1:c1:e7:49:06:
a2:ba:07:26:fd:f7:cc:c2:c8:07:89:8b:ee:ba:2a:67:de:15:
51:a4:fe:bf:ff:3b:64:70:04:63:8c:6e:2d:35:fd:b7:12:13:
d8:30:fd:3f:71:11:f4:bb:ee:5b:28:45:7e:0b:3c:37:d7:d5:
73:54:f2:41:20:f6:20:ad:27:bc:92:de:6e:10:87:70:34:04:
6c:76:06:82:25:94:16:44:c7:e3:6d:c7:74:19:d2:c4:8a:ca:
6d:1a:8d:b8:75:95:a9:8c:0b:54:37:d9:b3:a4:e2:df:35:d5:
8f:f4:f6:31:44:9a:12:26:ea:33:91:97:d2:f6:d6:8a:f0:f9:
21:60:63:c1:57:28:68:90:16:56:4b:7b:b9:1f:b3:07:ad:f3:
c3:f5:f1:0f:36:59:5c:39:95:88:9b:95:ea:b5:25:03:e9:5d:
93:7f:a6:00:4a:35:63:02:03:80:23:08:10:dc:55:bb:cb:49:
f1:a2:7f:62:0a:aa:19:cf:2c:98:3e:0a:87:85:c1:0e:43:7a:
a1:07:e3:01:e2:b9:32:56:f9:fa:71:30:8c:fb:0f:f1:2e:ea:
8c:5a:2b:b1:83:ab:8b:78:8b:3b:fc:54:c2:7f:04:10:c3:44:
af:6d:1b:c0
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUCuJ2Jnr7X+m+A0+dHEZ0B68uK5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTZaFw0yNTEyMjYwOTI4MTZaMDMxMTAvBgNV
BAMTKDM4NkE5Q0VBRjE1NUY2NDFDQTNCRTYzNUYzQTJEMzNEODEzRUU2MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6mzRD1zCr9mYrUwPgD/vEh9s1
3m6qz5PGMKA0xXsx9EBHCmjnBLfVotRNV6BxlBu9n8IWTACcJvpeyzXQv/Sp6KJ+
ggw3gohalsaw/xzC5cz4hg1oqVBbBjoXjiCNLV7KqJKPA800Nbgwe6yFLvTYrg4B
0x1rDUPUbDzxqToqcISnp33Mo4Qf2FYLrfD8djwDy1+pcNi+T1Zhn7q4qfS4Os4x
AlY3LX5I26xVlxXD3aNapq5USpeADvI9hBCjmTqI/+Y0Z2DvLMAWoch4SeOpA1iY
ODaK3HJISiIuprnATDUILiV1ZaH9mPmfcFMw0kcNBEayKGrIAMNZpinZEod5AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUOGqc6vFV9kHKO+Y186LTPYE+5iUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAACowDQYJKoZIhvcNAQELBQADggEBAD7PVAnVkoiQs1yCy0WxwedJBqK6
Byb998zCyAeJi+66KmfeFVGk/r//O2RwBGOMbi01/bcSE9gw/T9xEfS77lsoRX4L
PDfX1XNU8kEg9iCtJ7yS3m4Qh3A0BGx2BoIllBZEx+Ntx3QZ0sSKym0ajbh1lamM
C1Q32bOk4t811Y/09jFEmhIm6jORl9L21orw+SFgY8FXKGiQFlZLe7kfswet88P1
8Q82WVw5lYibleq1JQPpXZN/pgBKNWMCA4AjCBDcVbvLSfGif2IKqhnPLJg+CoeF
wQ5DeqEH4wHiuTJW+fpxMIz7D/Eu6oxaK7GDq4t4izv8VMJ/BBDDRK9tG8A=
-----END CERTIFICATE-----
Generated at Wed May 7 06:46:31 2025 by rpki-client