Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a333a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a333a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: wAdANOpSuDWkxQrGRYHCQ8jVOKbyl5gnwnnvDdpt/Ww=
Subject key identifier: BA:59:2E:DC:FD:CE:2B:E6:84:C3:53:42:98:91:EA:0B:58:1A:E5:1D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5EBBFD29195B8BCB445833CB020A7B2E18FA9069
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a333a3a2f34382d3438203d3e203239383032.roa
Signing time: Fri 27 Dec 2024 09:28:20 +0000
ROA not before: Fri 27 Dec 2024 09:23:20 +0000
ROA not after: Fri 26 Dec 2025 09:28:20 +0000
asID: 29802
IP address blocks: 2a13:9500:3::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:bb:fd:29:19:5b:8b:cb:44:58:33:cb:02:0a:7b:2e:18:fa:90:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:20 2024 GMT
Not After : Dec 26 09:28:20 2025 GMT
Subject: CN=BA592EDCFDCE2BE684C353429891EA0B581AE51D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:74:fc:53:7b:19:0c:69:0e:c2:f6:7e:83:62:
ab:e9:95:52:1e:f8:41:68:f1:83:92:dd:87:c1:29:
48:54:54:db:a5:fc:6f:0f:d5:72:2b:73:8b:d8:f7:
09:d6:5f:7f:b9:f6:09:51:fc:51:cd:91:f6:6a:41:
c7:dd:7b:cb:c3:f9:9f:ef:b6:4b:1b:0e:8c:a3:fb:
a9:b4:3d:6a:5f:f9:d5:b4:a8:2d:1d:2a:23:c5:33:
65:3b:4d:ad:cf:9a:f9:06:a5:0f:6a:f0:37:3d:9b:
da:4f:71:25:b5:fb:92:b2:ff:17:69:00:4d:47:cb:
40:80:13:92:23:60:0f:d8:0e:b5:4c:c6:45:0c:5a:
ca:dc:d5:2a:7a:c7:bf:21:09:11:1f:43:b9:03:89:
88:b9:58:7e:1e:ac:d6:7b:15:f3:99:78:c8:bf:e5:
e6:80:de:35:3d:d5:cb:15:aa:23:8b:f0:28:fe:e6:
9a:a9:6a:47:a9:db:1a:ad:cd:74:0d:ad:3d:7d:98:
94:43:db:60:e4:77:a0:79:39:b7:bc:f8:b4:9e:09:
16:4d:35:89:f5:01:dc:da:cb:7c:9c:43:6f:93:98:
4b:ae:6c:67:db:37:ec:d4:d6:c3:35:a0:12:60:7a:
a3:e5:4c:94:2a:9f:dc:11:70:b8:03:ba:8d:71:ef:
ad:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:59:2E:DC:FD:CE:2B:E6:84:C3:53:42:98:91:EA:0B:58:1A:E5:1D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a333a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:3::/48
Signature Algorithm: sha256WithRSAEncryption
7b:2e:d8:ed:a3:44:6e:ae:01:08:39:75:be:b4:0e:d8:4e:0e:
b9:d8:31:2b:32:2f:03:b9:12:c8:2a:65:42:4d:58:e8:80:4c:
16:dd:c3:7a:e1:cf:aa:f6:be:94:c3:d4:31:e4:e6:e2:7b:c5:
bf:1e:d1:9a:0f:9b:05:57:de:a6:a7:4e:86:3d:3d:ad:1b:55:
fd:29:96:24:da:11:f6:e5:5f:24:9e:d6:1c:ef:2f:e6:5f:7b:
af:b1:a9:a6:8c:a1:8a:03:9c:64:ca:7f:86:c6:d1:40:7f:67:
58:af:d8:d5:a3:d1:7e:ea:cf:f4:a6:3c:e4:ea:46:b8:61:8f:
08:8f:af:d9:17:da:0f:28:10:40:fc:37:1a:0a:97:2b:a2:90:
af:71:6d:fd:98:d1:f9:71:31:61:65:c9:1b:92:98:0a:97:ce:
05:fc:3f:52:b2:f9:c6:c9:1e:c6:99:73:71:48:62:e5:42:8f:
0e:93:0c:56:79:ca:a2:ce:34:c0:1e:33:4e:74:a2:09:26:ee:
26:6b:dc:6b:1f:55:0c:2d:e1:21:11:1e:58:f5:0c:28:5d:6e:
53:2b:9e:77:03:0c:36:67:98:ad:ae:66:f0:31:11:f5:29:b6:
3f:5e:4c:54:6c:8c:a2:ef:0d:32:46:7f:79:ee:74:df:e6:f6:
18:fb:a2:e1
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUXrv9KRlbi8tEWDPLAgp7Lhj6kGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMjBaFw0yNTEyMjYwOTI4MjBaMDMxMTAvBgNV
BAMTKEJBNTkyRURDRkRDRTJCRTY4NEMzNTM0Mjk4OTFFQTBCNTgxQUU1MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqdPxTexkMaQ7C9n6DYqvplVIe
+EFo8YOS3YfBKUhUVNul/G8P1XIrc4vY9wnWX3+59glR/FHNkfZqQcfde8vD+Z/v
tksbDoyj+6m0PWpf+dW0qC0dKiPFM2U7Ta3PmvkGpQ9q8Dc9m9pPcSW1+5Ky/xdp
AE1Hy0CAE5IjYA/YDrVMxkUMWsrc1Sp6x78hCREfQ7kDiYi5WH4erNZ7FfOZeMi/
5eaA3jU91csVqiOL8Cj+5pqpakep2xqtzXQNrT19mJRD22Dkd6B5Obe8+LSeCRZN
NYn1Adzay3ycQ2+TmEuubGfbN+zU1sM1oBJgeqPlTJQqn9wRcLgDuo1x760XAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUulku3P3OK+aEw1NCmJHqC1ga5R0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAAMwDQYJKoZIhvcNAQELBQADggEBAHsu2O2jRG6uAQg5db60DthODrnY
MSsyLwO5EsgqZUJNWOiATBbdw3rhz6r2vpTD1DHk5uJ7xb8e0ZoPmwVX3qanToY9
Pa0bVf0pliTaEfblXySe1hzvL+Zfe6+xqaaMoYoDnGTKf4bG0UB/Z1iv2NWj0X7q
z/SmPOTqRrhhjwiPr9kX2g8oEED8NxoKlyuikK9xbf2Y0flxMWFlyRuSmAqXzgX8
P1Ky+cbJHsaZc3FIYuVCjw6TDFZ5yqLONMAeM050ogkm7iZr3GsfVQwt4SERHlj1
DChdblMrnncDDDZnmK2uZvAxEfUptj9eTFRsjKLvDTJGf3nudN/m9hj7ouE=
-----END CERTIFICATE-----
Generated at Wed May 7 04:41:30 2025 by rpki-client