Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a32623a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a32623a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: QtX7DvRKHh1rczlsTFhXCsGKPBlq0sNShmn+P540YI8=
Subject key identifier: 8D:E8:DF:EB:8A:19:AC:65:2C:20:A6:91:FC:82:00:00:EE:A8:B7:B3
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7CF86C98F05D8F7BF6B7BA9FCDCD059875447BB1
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a32623a3a2f34382d3438203d3e2039303039.roa
Signing time: Fri 27 Dec 2024 09:28:15 +0000
ROA not before: Fri 27 Dec 2024 09:23:15 +0000
ROA not after: Fri 26 Dec 2025 09:28:15 +0000
asID: 9009
IP address blocks: 2a13:9500:2b::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:f8:6c:98:f0:5d:8f:7b:f6:b7:ba:9f:cd:cd:05:98:75:44:7b:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:15 2024 GMT
Not After : Dec 26 09:28:15 2025 GMT
Subject: CN=8DE8DFEB8A19AC652C20A691FC820000EEA8B7B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8e:93:06:cc:02:8f:32:d0:a4:c3:e0:0f:80:
04:f7:9c:73:34:2c:49:54:15:9f:57:86:c9:62:61:
68:2c:fb:1c:36:34:8e:1b:07:84:22:4e:33:96:b6:
05:6d:66:4a:32:2c:1f:81:19:8d:61:2a:a4:e8:77:
1a:cd:ea:80:d4:f2:9f:7c:b5:ba:47:31:ab:3c:48:
51:ea:2b:b4:b8:7e:08:78:42:c7:d7:fb:c8:ee:13:
dc:05:4e:dd:35:f4:a8:b0:35:88:b0:df:a4:b1:30:
9d:2f:43:09:cb:37:01:78:2c:99:f5:69:0f:0e:1f:
d7:f9:6f:79:2f:de:e4:fd:66:2d:d8:bd:26:86:e7:
14:1d:28:f0:0b:99:7d:a2:cb:35:e4:4a:6b:3e:00:
f3:2b:17:00:8b:5a:19:93:95:c4:f8:dc:63:65:36:
02:a6:2c:32:9b:fb:14:28:b9:da:80:e4:f7:df:e2:
56:03:c5:16:87:8b:43:b3:cf:91:5a:46:69:d8:bb:
a9:af:73:50:98:18:9e:12:96:67:9d:62:f9:0a:6e:
47:30:a8:16:81:8d:88:79:7a:6b:70:61:1c:99:71:
a3:3c:8e:9c:3a:8c:48:cd:e1:d0:2c:16:56:bf:fe:
1a:d8:24:ad:64:e1:43:7c:18:08:8e:fd:8a:93:08:
cb:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:E8:DF:EB:8A:19:AC:65:2C:20:A6:91:FC:82:00:00:EE:A8:B7:B3
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a32623a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:2b::/48
Signature Algorithm: sha256WithRSAEncryption
9b:db:8c:bc:3f:5e:0e:5f:bc:27:52:89:73:93:f0:d1:3f:82:
e7:15:f3:42:de:68:f2:70:a2:a1:68:78:32:de:2f:bf:e8:48:
b7:a6:85:54:12:41:0c:04:d9:35:d7:f0:e9:d8:d9:a7:41:a0:
97:cb:4a:c3:8f:83:21:2e:2f:ef:d7:54:21:a5:59:71:94:5e:
c5:89:c5:df:9f:73:e7:b8:18:d6:98:a5:33:30:ca:ad:04:6a:
6d:81:d7:76:c6:16:17:5c:0c:a0:b3:23:70:67:e6:0f:21:b9:
1a:0f:bf:0d:cc:4f:d2:85:05:7f:7a:1c:55:8a:a3:89:dd:c0:
70:66:8d:03:50:fa:61:ed:60:b0:0f:a1:f7:c5:05:70:93:33:
64:1b:dd:de:23:8f:10:78:63:4c:0e:54:dc:67:ae:ea:8e:da:
49:dc:95:c1:74:d3:74:98:5e:53:29:4d:32:7c:91:95:9a:8c:
9b:7a:42:7e:ac:8f:72:61:d2:04:95:24:ad:05:f0:dd:ba:0d:
0a:7a:6f:06:05:7c:59:7a:bc:d1:a7:77:8e:a5:7a:7b:ee:53:
94:a8:e3:e9:27:90:00:42:f0:1d:ec:55:10:04:21:0b:71:75:
19:89:08:5a:24:af:0e:1f:29:0e:07:7d:96:da:6b:a9:c0:9b:
12:a1:0f:2c
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUfPhsmPBdj3v2t7qfzc0FmHVEe7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTVaFw0yNTEyMjYwOTI4MTVaMDMxMTAvBgNV
BAMTKDhERThERkVCOEExOUFDNjUyQzIwQTY5MUZDODIwMDAwRUVBOEI3QjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPjpMGzAKPMtCkw+APgAT3nHM0
LElUFZ9XhsliYWgs+xw2NI4bB4QiTjOWtgVtZkoyLB+BGY1hKqTodxrN6oDU8p98
tbpHMas8SFHqK7S4fgh4QsfX+8juE9wFTt019KiwNYiw36SxMJ0vQwnLNwF4LJn1
aQ8OH9f5b3kv3uT9Zi3YvSaG5xQdKPALmX2iyzXkSms+APMrFwCLWhmTlcT43GNl
NgKmLDKb+xQoudqA5Pff4lYDxRaHi0Ozz5FaRmnYu6mvc1CYGJ4SlmedYvkKbkcw
qBaBjYh5emtwYRyZcaM8jpw6jEjN4dAsFla//hrYJK1k4UN8GAiO/YqTCMuRAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUjejf64oZrGUsIKaR/IIAAO6ot7MwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMjYyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAACswDQYJKoZIhvcNAQELBQADggEBAJvbjLw/Xg5fvCdSiXOT8NE/gucV
80LeaPJwoqFoeDLeL7/oSLemhVQSQQwE2TXX8OnY2adBoJfLSsOPgyEuL+/XVCGl
WXGUXsWJxd+fc+e4GNaYpTMwyq0Eam2B13bGFhdcDKCzI3Bn5g8huRoPvw3MT9KF
BX96HFWKo4ndwHBmjQNQ+mHtYLAPoffFBXCTM2Qb3d4jjxB4Y0wOVNxnruqO2knc
lcF003SYXlMpTTJ8kZWajJt6Qn6sj3Jh0gSVJK0F8N26DQp6bwYFfFl6vNGnd46l
envuU5So4+knkABC8B3sVRAEIQtxdRmJCFokrw4fKQ4HfZbaa6nAmxKhDyw=
-----END CERTIFICATE-----
Generated at Wed May 7 12:20:30 2025 by rpki-client