Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a643a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a643a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: 68k5sJJHZ/IpIzQITeS2bL1+HSBFm0AWYap4ZJDxYbw=
Subject key identifier: EE:E2:1B:F2:34:1F:64:5F:D2:9D:AA:94:03:F0:00:A0:02:73:81:09
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 64E67B30B874DC8DE2C5B711784CA59CE30E2BF4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a643a3a2f34382d3438203d3e203239383032.roa
Signing time: Fri 27 Dec 2024 09:28:17 +0000
ROA not before: Fri 27 Dec 2024 09:23:17 +0000
ROA not after: Fri 26 Dec 2025 09:28:17 +0000
asID: 29802
IP address blocks: 2a13:9500:d::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:e6:7b:30:b8:74:dc:8d:e2:c5:b7:11:78:4c:a5:9c:e3:0e:2b:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:17 2024 GMT
Not After : Dec 26 09:28:17 2025 GMT
Subject: CN=EEE21BF2341F645FD29DAA9403F000A002738109
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:18:57:39:aa:ad:04:f2:fe:22:7c:97:1f:0d:
b8:a8:ef:b1:3a:63:7e:62:08:c9:3d:58:da:79:58:
4d:b3:d2:ba:95:59:91:59:dd:86:c8:1b:a2:d2:03:
d2:ac:29:0c:02:3b:3b:f3:69:ec:83:86:83:95:91:
48:bf:40:c5:3c:83:51:44:27:c8:55:10:b8:95:21:
71:05:6f:d8:46:b5:17:10:04:5e:1b:ba:87:89:1a:
5c:4e:96:e1:a4:98:a2:56:5c:35:e5:8f:21:d1:bc:
50:22:35:eb:4b:7e:2b:96:89:37:08:ef:22:a8:db:
97:24:af:fa:d6:4e:0b:8c:59:8b:be:ce:44:e1:a0:
bf:f9:c0:53:9f:35:31:84:0c:b1:ba:87:5d:c1:5b:
a3:11:0a:be:e2:6d:c0:75:21:9a:39:a0:ff:fe:11:
00:20:fc:00:4f:1b:cf:94:f0:87:fa:ca:6d:d0:f3:
b0:11:59:63:71:43:02:ce:55:a7:ab:e9:68:8f:d8:
dd:41:a4:06:c3:0f:3f:33:97:55:7c:92:4c:05:81:
d6:75:16:ea:77:4f:bc:f8:8e:f8:13:d6:28:fd:ef:
65:7e:00:c8:93:32:3d:36:06:87:96:3b:0d:d2:d0:
fc:2f:6f:e8:08:b6:ff:88:56:bd:94:30:e3:75:64:
d8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:E2:1B:F2:34:1F:64:5F:D2:9D:AA:94:03:F0:00:A0:02:73:81:09
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a643a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:d::/48
Signature Algorithm: sha256WithRSAEncryption
1a:02:5b:35:31:9c:b1:fe:ee:80:e8:55:c1:35:f7:7f:1c:a7:
ea:69:00:8b:b9:d2:36:3c:57:c4:39:51:84:71:33:8b:9b:bc:
68:ed:2f:94:05:77:35:d8:96:5d:3f:3d:99:5e:1e:2c:76:be:
39:d4:9b:d2:46:25:e0:55:2d:c6:d0:48:dd:e5:36:ee:fe:4c:
18:77:3c:fe:4c:b2:a9:ae:14:92:49:7c:c7:35:ec:1b:65:7b:
a4:12:3a:63:ab:a8:7d:b7:d0:87:d8:c4:fe:47:55:8e:e8:89:
f3:fa:43:af:d2:01:64:63:06:a5:f5:83:36:7d:02:47:79:14:
43:49:54:44:10:e2:bd:df:62:a7:6e:f0:db:f0:e9:5c:e1:ba:
6d:5e:c8:db:18:bd:d9:2a:e8:00:5a:14:bb:ca:ab:c1:d5:a9:
4b:fc:71:37:13:97:89:03:cc:aa:23:23:29:5d:1e:70:78:0c:
61:75:f6:88:38:c8:c2:a0:f7:9f:bc:fb:ce:7e:b3:b8:f9:a7:
4a:2f:ed:f5:c9:cc:b3:5f:fd:ba:b3:e6:79:b0:67:eb:e5:8a:
95:a0:80:0a:af:26:da:15:81:4a:c8:24:de:b8:c9:7f:73:66:
ad:a5:48:4c:8c:6d:7c:f2:68:3e:06:33:55:97:3f:9c:d8:13:
1b:d5:4c:ff
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUZOZ7MLh03I3ixbcReEylnOMOK/QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTdaFw0yNTEyMjYwOTI4MTdaMDMxMTAvBgNV
BAMTKEVFRTIxQkYyMzQxRjY0NUZEMjlEQUE5NDAzRjAwMEEwMDI3MzgxMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUGFc5qq0E8v4ifJcfDbio77E6
Y35iCMk9WNp5WE2z0rqVWZFZ3YbIG6LSA9KsKQwCOzvzaeyDhoOVkUi/QMU8g1FE
J8hVELiVIXEFb9hGtRcQBF4buoeJGlxOluGkmKJWXDXljyHRvFAiNetLfiuWiTcI
7yKo25ckr/rWTguMWYu+zkThoL/5wFOfNTGEDLG6h13BW6MRCr7ibcB1IZo5oP/+
EQAg/ABPG8+U8If6ym3Q87ARWWNxQwLOVaer6WiP2N1BpAbDDz8zl1V8kkwFgdZ1
Fup3T7z4jvgT1ij972V+AMiTMj02BoeWOw3S0Pwvb+gItv+IVr2UMON1ZNiVAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU7uIb8jQfZF/SnaqUA/AAoAJzgQkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2E2NDNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAA0wDQYJKoZIhvcNAQELBQADggEBABoCWzUxnLH+7oDoVcE1938cp+pp
AIu50jY8V8Q5UYRxM4ubvGjtL5QFdzXYll0/PZleHix2vjnUm9JGJeBVLcbQSN3l
Nu7+TBh3PP5MsqmuFJJJfMc17Btle6QSOmOrqH230IfYxP5HVY7oifP6Q6/SAWRj
BqX1gzZ9Akd5FENJVEQQ4r3fYqdu8Nvw6Vzhum1eyNsYvdkq6ABaFLvKq8HVqUv8
cTcTl4kDzKojIyldHnB4DGF19og4yMKg95+8+85+s7j5p0ov7fXJzLNf/bqz5nmw
Z+vlipWggAqvJtoVgUrIJN64yX9zZq2lSEyMbXzyaD4GM1WXP5zYExvVTP8=
-----END CERTIFICATE-----
Generated at Tue May 6 19:22:35 2025 by rpki-client