Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a613a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a613a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: qrm0H6entOW5K3KoLBPjsvks75JPhVjObsGAnJDfbc0=
Subject key identifier: 66:D9:B7:2A:6A:E7:5B:EE:39:8F:16:62:4B:E0:88:D8:51:45:00:D6
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0432024CC3486447A4BB0FE165F3E24CED73B1BB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a613a3a2f34382d3438203d3e2039303039.roa
Signing time: Fri 27 Dec 2024 09:28:12 +0000
ROA not before: Fri 27 Dec 2024 09:23:12 +0000
ROA not after: Fri 26 Dec 2025 09:28:12 +0000
asID: 9009
IP address blocks: 2a13:9500:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:32:02:4c:c3:48:64:47:a4:bb:0f:e1:65:f3:e2:4c:ed:73:b1:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:12 2024 GMT
Not After : Dec 26 09:28:12 2025 GMT
Subject: CN=66D9B72A6AE75BEE398F16624BE088D8514500D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6d:3d:bf:77:23:c4:79:e2:8d:f2:a8:39:e2:
dc:32:81:84:95:4f:22:3c:87:f8:9e:fa:01:ba:4e:
43:17:59:7f:ee:8c:07:f6:50:08:6c:94:a4:49:a9:
cc:34:bb:8b:77:2b:84:51:db:14:0d:88:14:92:ad:
5e:60:df:1e:00:fe:31:85:a0:73:83:56:f0:3b:a3:
aa:f2:af:41:af:d3:1f:74:38:d2:3c:ab:e8:7e:38:
70:30:07:40:0e:a8:da:fb:13:f1:ce:eb:1b:bd:3b:
31:24:1c:bf:d8:a2:6e:2d:42:7a:a1:3d:26:8f:fc:
83:b8:c8:f9:d3:52:e9:23:c1:36:8a:92:7e:b0:5e:
cb:90:ec:70:07:2b:be:8c:cf:24:27:86:59:77:7d:
99:e8:a4:ec:ff:c5:0c:8b:15:79:a1:5e:35:e8:11:
6b:e8:2f:e3:40:05:76:bf:c0:d9:35:da:ed:b9:bb:
0e:46:73:30:39:5b:22:d2:ce:9e:a7:f5:3f:c3:f9:
42:7a:f9:1a:b8:c0:c6:c4:45:37:b6:2b:05:85:90:
ba:be:2d:f1:10:08:1c:ab:b5:cc:c8:37:5d:0d:a9:
ae:12:be:c1:99:d8:7e:b7:12:d5:27:bf:68:88:94:
c0:f0:77:7f:f3:f4:c8:3e:5b:b4:71:0c:2e:df:36:
ee:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D9:B7:2A:6A:E7:5B:EE:39:8F:16:62:4B:E0:88:D8:51:45:00:D6
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a613a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:a::/48
Signature Algorithm: sha256WithRSAEncryption
7b:a2:56:74:48:c0:e9:d6:b0:62:07:ec:b2:ea:e6:b3:2c:7a:
95:c5:ca:28:aa:be:25:f1:63:89:d8:3c:56:d1:4f:bb:e1:0b:
18:c3:77:05:b7:39:58:6a:bd:49:81:b4:cf:82:8a:9d:f0:f0:
22:0e:8d:a1:d5:fc:d3:1d:2f:04:59:ec:0b:71:16:1d:97:79:
a6:6d:0e:14:22:e0:e8:3b:80:05:c7:62:fd:04:39:b4:69:0a:
60:48:33:70:e4:9d:72:d7:ee:3d:94:91:4e:8e:72:e2:1b:98:
98:d4:90:3f:58:e4:da:99:bf:10:c2:62:22:fa:90:94:c9:ff:
d0:78:76:95:7c:9e:13:c5:6d:d3:6e:53:77:17:20:90:a9:b0:
fc:13:2f:cf:6f:56:fa:db:fe:a9:18:49:5e:36:9e:8e:e9:cd:
55:d5:89:9f:65:e5:ce:35:c5:bd:5a:3b:a8:17:0c:d8:f5:54:
70:34:40:a2:ec:da:16:3c:ef:65:da:0a:86:46:09:b6:53:95:
10:e1:8e:09:29:09:6c:2d:9e:9c:b2:47:54:ae:44:18:65:1b:
4b:62:32:72:4f:bb:28:04:4c:04:16:52:aa:e0:c6:16:7e:9b:
f5:73:4e:fb:94:1d:6e:1d:da:95:5f:df:26:1f:8e:32:8c:a7:
af:e5:92:eb
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIUBDICTMNIZEekuw/hZfPiTO1zsbswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTJaFw0yNTEyMjYwOTI4MTJaMDMxMTAvBgNV
BAMTKDY2RDlCNzJBNkFFNzVCRUUzOThGMTY2MjRCRTA4OEQ4NTE0NTAwRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqbT2/dyPEeeKN8qg54twygYSV
TyI8h/ie+gG6TkMXWX/ujAf2UAhslKRJqcw0u4t3K4RR2xQNiBSSrV5g3x4A/jGF
oHODVvA7o6ryr0Gv0x90ONI8q+h+OHAwB0AOqNr7E/HO6xu9OzEkHL/Yom4tQnqh
PSaP/IO4yPnTUukjwTaKkn6wXsuQ7HAHK76MzyQnhll3fZnopOz/xQyLFXmhXjXo
EWvoL+NABXa/wNk12u25uw5GczA5WyLSzp6n9T/D+UJ6+Rq4wMbERTe2KwWFkLq+
LfEQCByrtczIN10Nqa4SvsGZ2H63EtUnv2iIlMDwd3/z9Mg+W7RxDC7fNu5tAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUZtm3KmrnW+45jxZiS+CI2FFFANYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2E2MTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM5MzAzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcA
KhOVAAAKMA0GCSqGSIb3DQEBCwUAA4IBAQB7olZ0SMDp1rBiB+yy6uazLHqVxcoo
qr4l8WOJ2DxW0U+74QsYw3cFtzlYar1JgbTPgoqd8PAiDo2h1fzTHS8EWewLcRYd
l3mmbQ4UIuDoO4AFx2L9BDm0aQpgSDNw5J1y1+49lJFOjnLiG5iY1JA/WOTamb8Q
wmIi+pCUyf/QeHaVfJ4TxW3TblN3FyCQqbD8Ey/Pb1b62/6pGEleNp6O6c1V1Ymf
ZeXONcW9WjuoFwzY9VRwNECi7NoWPO9l2gqGRgm2U5UQ4Y4JKQlsLZ6cskdUrkQY
ZRtLYjJyT7soBEwEFlKq4MYWfpv1c077lB1uHdqVX98mH44yjKev5ZLr
-----END CERTIFICATE-----
Generated at Wed May 7 12:18:56 2025 by rpki-client