Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a353a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a353a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: Z2c76iBoAfsbR46yCHKokRPGexVB4v6xn0WivJwO8Ks=
Subject key identifier: BE:53:D0:AF:14:47:3B:B9:17:88:5F:2A:62:14:CB:1B:23:A5:95:EB
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 46D936D4B0EB7606ABB24CD90501C38792D7587F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a353a3a2f34382d3438203d3e2039303039.roa
Signing time: Fri 27 Dec 2024 09:28:17 +0000
ROA not before: Fri 27 Dec 2024 09:23:17 +0000
ROA not after: Fri 26 Dec 2025 09:28:17 +0000
asID: 9009
IP address blocks: 2a13:9500:5::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:d9:36:d4:b0:eb:76:06:ab:b2:4c:d9:05:01:c3:87:92:d7:58:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:17 2024 GMT
Not After : Dec 26 09:28:17 2025 GMT
Subject: CN=BE53D0AF14473BB917885F2A6214CB1B23A595EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6e:f9:f2:df:8a:ab:29:3d:6b:cc:89:f2:b3:
f2:96:ab:7f:28:d3:28:5a:5c:cc:f5:01:36:b7:30:
5f:fd:5c:d7:17:e4:c2:ad:90:a5:f9:d6:7a:f5:db:
91:40:bf:d9:f9:32:c4:3a:fa:0c:c8:54:2d:1b:d9:
c2:0c:24:f7:9a:02:08:10:c1:e4:40:86:bb:7c:78:
e1:f9:b5:5b:2a:21:a1:01:54:3b:f0:7d:96:cf:b5:
f4:b2:d3:4d:e8:6a:b3:2a:f3:bf:5c:43:74:f7:30:
8c:89:6c:51:91:93:61:ab:04:1f:c7:b2:c5:a2:a6:
f9:fd:4a:11:ed:c9:c4:3e:d8:7c:28:65:e7:58:7f:
d6:5f:32:39:23:f7:80:3a:b2:13:0e:6e:51:55:51:
bc:db:d2:52:07:1b:e0:79:01:6b:84:e6:2a:8d:fd:
0c:b6:69:31:ed:21:95:f2:3b:5b:a8:2c:fe:ed:87:
46:04:70:ae:5c:ea:44:b3:0e:d1:35:4c:80:41:c7:
93:2a:0d:d8:76:8a:ca:f3:06:56:3e:4d:6a:26:0e:
e5:46:b8:bc:3f:9c:e2:aa:8d:57:b4:75:34:74:24:
6b:04:a9:9d:93:bb:fb:fc:29:01:bb:d2:05:ec:f2:
86:e7:65:a3:09:c2:6f:6e:b2:ff:1c:a8:83:96:9b:
5c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:53:D0:AF:14:47:3B:B9:17:88:5F:2A:62:14:CB:1B:23:A5:95:EB
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a353a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:5::/48
Signature Algorithm: sha256WithRSAEncryption
78:e5:fe:b7:69:09:a9:97:5c:25:af:9d:ea:3a:d5:6a:1e:fc:
25:45:84:41:6d:43:5b:86:54:81:8e:05:aa:4f:ac:0d:5f:74:
e3:68:91:fb:0b:e0:ed:1c:94:78:2e:49:e1:56:b8:9e:65:d5:
8c:d7:a5:23:2a:3e:c2:01:f1:bd:99:34:84:2b:17:07:d6:24:
00:91:ff:01:de:1c:6f:6f:ab:18:39:c3:b3:96:2d:d7:c6:22:
4e:3a:84:25:b5:8d:f7:49:3e:45:d6:8e:16:50:f6:a6:64:e9:
98:e2:17:1e:76:c3:d9:2e:7b:91:d9:e8:60:8b:b3:a9:e2:39:
ac:50:ef:34:f9:50:36:2d:18:06:d2:9b:5f:a5:65:af:6c:ea:
38:fd:bc:bb:1e:2d:fc:69:00:99:76:80:05:7e:b5:10:f9:d4:
2e:60:3f:3e:b7:84:aa:1c:d2:73:73:a7:20:8f:bf:d4:d5:2f:
d7:e4:93:cf:a4:cd:0e:af:ce:cf:48:a4:97:d4:9c:bb:11:df:
ad:80:38:76:49:09:5d:ce:64:dd:5a:76:e4:41:ee:57:7c:1a:
fc:3b:17:1c:b0:79:a9:61:0f:d9:b7:63:79:85:a5:0d:8b:2e:
16:46:3e:a1:18:4f:4b:7e:60:de:5d:92:58:4d:6f:27:24:71:
7b:5d:7f:e5
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIURtk21LDrdgarskzZBQHDh5LXWH8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTdaFw0yNTEyMjYwOTI4MTdaMDMxMTAvBgNV
BAMTKEJFNTNEMEFGMTQ0NzNCQjkxNzg4NUYyQTYyMTRDQjFCMjNBNTk1RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4bvny34qrKT1rzInys/KWq38o
0yhaXMz1ATa3MF/9XNcX5MKtkKX51nr125FAv9n5MsQ6+gzIVC0b2cIMJPeaAggQ
weRAhrt8eOH5tVsqIaEBVDvwfZbPtfSy003oarMq879cQ3T3MIyJbFGRk2GrBB/H
ssWipvn9ShHtycQ+2HwoZedYf9ZfMjkj94A6shMOblFVUbzb0lIHG+B5AWuE5iqN
/Qy2aTHtIZXyO1uoLP7th0YEcK5c6kSzDtE1TIBBx5MqDdh2isrzBlY+TWomDuVG
uLw/nOKqjVe0dTR0JGsEqZ2Tu/v8KQG70gXs8obnZaMJwm9usv8cqIOWm1wvAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUvlPQrxRHO7kXiF8qYhTLGyOlleswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzNTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM5MzAzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcA
KhOVAAAFMA0GCSqGSIb3DQEBCwUAA4IBAQB45f63aQmpl1wlr53qOtVqHvwlRYRB
bUNbhlSBjgWqT6wNX3TjaJH7C+DtHJR4LknhVrieZdWM16UjKj7CAfG9mTSEKxcH
1iQAkf8B3hxvb6sYOcOzli3XxiJOOoQltY33ST5F1o4WUPamZOmY4hcedsPZLnuR
2ehgi7Op4jmsUO80+VA2LRgG0ptfpWWvbOo4/by7Hi38aQCZdoAFfrUQ+dQuYD8+
t4SqHNJzc6cgj7/U1S/X5JPPpM0Or87PSKSX1Jy7Ed+tgDh2SQldzmTdWnbkQe5X
fBr8OxccsHmpYQ/Zt2N5haUNiy4WRj6hGE9LfmDeXZJYTW8nJHF7XX/l
-----END CERTIFICATE-----
Generated at Tue May 6 19:13:42 2025 by rpki-client