Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a343a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a343a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: FKJAPSLBhR/hC9ZlkG8B7DG3CmVVDdfGHsbBlKMJurM=
Subject key identifier: E6:67:F4:FE:B8:17:38:EF:46:36:7A:9E:A2:C1:2A:8E:4C:2C:64:5B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7097FB94F705E8D295016AA140C90C3BFDBE2D3D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a343a3a2f34382d3438203d3e2039303039.roa
Signing time: Fri 27 Dec 2024 09:28:20 +0000
ROA not before: Fri 27 Dec 2024 09:23:20 +0000
ROA not after: Fri 26 Dec 2025 09:28:20 +0000
asID: 9009
IP address blocks: 2a13:9500:4::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:97:fb:94:f7:05:e8:d2:95:01:6a:a1:40:c9:0c:3b:fd:be:2d:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:20 2024 GMT
Not After : Dec 26 09:28:20 2025 GMT
Subject: CN=E667F4FEB81738EF46367A9EA2C12A8E4C2C645B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:76:d0:e4:8e:8c:af:b0:04:b4:a8:0e:3d:7b:
d2:d6:d6:94:86:c3:5c:63:91:a0:e1:b6:bf:2a:40:
aa:1b:33:bd:78:90:1c:d9:02:6c:07:1b:ec:80:f2:
cd:94:e4:c2:6f:0c:fa:f4:f4:6d:91:bf:d7:5a:61:
ab:90:59:f8:c1:02:7a:57:b2:81:40:f8:49:8c:0a:
67:30:04:38:b8:10:cd:fd:3d:8c:19:a2:91:4f:28:
73:5a:cf:92:a9:50:e4:2b:95:97:4f:2b:b0:8d:10:
ae:5d:bd:fb:ba:c8:0d:b2:02:84:cb:7b:ac:64:3d:
0b:a5:af:4d:80:5b:7f:59:50:05:6b:3f:f7:35:5c:
d2:31:61:d7:25:ee:67:0e:da:fb:93:1b:e6:34:99:
5e:05:a1:9a:b4:b1:cf:95:d8:a3:43:26:56:8a:3b:
d4:e0:e7:7f:cb:46:74:b4:51:11:04:ba:3f:5d:6a:
49:8e:40:68:6c:8a:62:1d:6a:15:2a:ab:8e:20:1b:
f0:3b:05:ac:27:fe:be:a2:dd:ac:bd:f5:f4:3a:f5:
f7:24:5e:e4:e8:72:db:91:48:4d:2f:0c:be:27:68:
58:4a:36:14:aa:2c:4c:a9:7d:5e:1e:23:45:b0:fd:
68:7c:11:8a:7f:c0:a7:60:13:31:d5:d9:f3:fd:65:
94:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:67:F4:FE:B8:17:38:EF:46:36:7A:9E:A2:C1:2A:8E:4C:2C:64:5B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a343a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:4::/48
Signature Algorithm: sha256WithRSAEncryption
76:fa:a2:60:f8:41:e9:39:cc:90:20:49:b5:74:f9:4c:26:89:
12:95:04:19:e7:ea:7a:86:77:cd:9c:22:38:10:cd:7f:f5:45:
18:20:90:ec:cb:7b:2c:e5:27:93:90:7a:f9:af:57:52:aa:3e:
76:b0:ae:34:93:14:52:eb:56:3c:f6:14:7a:35:39:a3:23:80:
e1:2a:4c:66:10:c5:c4:1e:b5:bc:54:9b:ca:35:1d:31:40:3d:
17:30:f9:cb:24:bc:e8:cb:db:9a:7c:86:df:c6:55:2b:37:42:
a1:58:89:a2:b6:fa:da:7a:5c:b1:b8:72:c4:3c:f4:98:46:ec:
9e:b5:5c:19:3c:d4:a4:04:31:31:f6:d6:65:62:e8:b9:e5:42:
a0:b8:fa:89:b7:bc:93:3d:17:35:be:6b:b2:ab:26:36:8a:24:
a3:30:95:79:28:78:0b:bf:36:7e:6e:51:5b:e9:0d:fc:0b:3d:
d0:95:1f:94:b5:e8:7c:9a:a2:02:53:cf:5c:7b:dd:44:73:20:
90:fa:a2:c2:42:b9:a0:8b:a7:5e:9a:6a:17:1d:23:ad:89:1c:
fc:aa:a3:4d:18:90:1a:a8:2c:43:f6:bb:fe:41:03:a5:be:80:
4c:e7:09:ab:86:63:b7:86:6c:46:c2:41:4f:ea:df:6b:29:ed:
99:b7:05:85
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUcJf7lPcF6NKVAWqhQMkMO/2+LT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMjBaFw0yNTEyMjYwOTI4MjBaMDMxMTAvBgNV
BAMTKEU2NjdGNEZFQjgxNzM4RUY0NjM2N0E5RUEyQzEyQThFNEMyQzY0NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCFdtDkjoyvsAS0qA49e9LW1pSG
w1xjkaDhtr8qQKobM714kBzZAmwHG+yA8s2U5MJvDPr09G2Rv9daYauQWfjBAnpX
soFA+EmMCmcwBDi4EM39PYwZopFPKHNaz5KpUOQrlZdPK7CNEK5dvfu6yA2yAoTL
e6xkPQulr02AW39ZUAVrP/c1XNIxYdcl7mcO2vuTG+Y0mV4FoZq0sc+V2KNDJlaK
O9Tg53/LRnS0UREEuj9dakmOQGhsimIdahUqq44gG/A7Bawn/r6i3ay99fQ69fck
XuToctuRSE0vDL4naFhKNhSqLEypfV4eI0Ww/Wh8EYp/wKdgEzHV2fP9ZZSnAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQU5mf0/rgXOO9GNnqeosEqjkwsZFswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzNDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM5MzAzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcA
KhOVAAAEMA0GCSqGSIb3DQEBCwUAA4IBAQB2+qJg+EHpOcyQIEm1dPlMJokSlQQZ
5+p6hnfNnCI4EM1/9UUYIJDsy3ss5SeTkHr5r1dSqj52sK40kxRS61Y89hR6NTmj
I4DhKkxmEMXEHrW8VJvKNR0xQD0XMPnLJLzoy9uafIbfxlUrN0KhWImitvraelyx
uHLEPPSYRuyetVwZPNSkBDEx9tZlYui55UKguPqJt7yTPRc1vmuyqyY2iiSjMJV5
KHgLvzZ+blFb6Q38Cz3QlR+Uteh8mqICU89ce91EcyCQ+qLCQrmgi6demmoXHSOt
iRz8qqNNGJAaqCxD9rv+QQOlvoBM5wmrhmO3hmxGwkFP6t9rKe2ZtwWF
-----END CERTIFICATE-----
Generated at Wed May 7 19:53:25 2025 by rpki-client