Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a663a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a663a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: Gfb9T9Vgs9cu+VfmJdz9GbrSkTSUYsYEUcFprzt2mIs=
Subject key identifier: 9D:B6:29:EE:17:72:EB:09:27:EE:62:B4:2C:D0:0D:AD:FB:DB:9E:3E
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 11D559B242276021ED095B41ABE5B729F4D5EA02
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a663a3a2f34382d3438203d3e203239383032.roa
Signing time: Fri 27 Dec 2024 09:28:11 +0000
ROA not before: Fri 27 Dec 2024 09:23:11 +0000
ROA not after: Fri 26 Dec 2025 09:28:11 +0000
asID: 29802
IP address blocks: 2a13:9500:f::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
11:d5:59:b2:42:27:60:21:ed:09:5b:41:ab:e5:b7:29:f4:d5:ea:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:11 2024 GMT
Not After : Dec 26 09:28:11 2025 GMT
Subject: CN=9DB629EE1772EB0927EE62B42CD00DADFBDB9E3E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ff:d1:a5:de:a5:4b:85:bf:15:3f:06:a5:aa:
16:71:0b:ba:e0:e1:02:60:0d:70:ad:c4:3b:98:df:
63:04:f8:ac:ee:64:6d:a9:92:0a:a7:7c:7b:c4:3e:
3b:fb:5f:03:63:a4:56:5c:27:54:da:53:e7:b9:22:
95:63:08:63:7e:65:da:e1:1a:e2:e4:c2:e5:66:78:
9a:53:3c:90:5d:6d:40:b5:48:54:fe:1e:59:d3:eb:
74:bf:0a:63:28:af:ff:5a:df:74:ab:46:ed:d0:2d:
cf:5c:76:11:c5:cc:20:c9:c5:ff:c8:6d:29:30:cb:
c0:57:57:c9:c1:7f:f8:1a:d9:fc:09:cb:36:79:7b:
ec:05:08:29:6f:e8:f1:5e:7f:84:ec:f8:6a:c7:85:
94:e9:0b:17:3e:7c:84:5c:10:e6:c3:f2:b4:c0:85:
e1:1c:b1:e6:c6:a3:d3:2e:d4:5a:2d:36:84:56:92:
8d:ab:6e:ed:9e:11:12:09:1d:ca:d6:3f:4e:af:9f:
d3:20:8b:f7:bc:59:ce:17:da:5c:cb:f3:dd:73:a0:
fd:fc:f8:1e:b2:74:d5:cc:87:f1:ec:a5:e2:a0:6d:
e1:5c:12:3c:29:07:93:01:ff:68:c5:c3:3f:f7:ba:
26:16:35:1f:59:52:9a:96:4a:9e:c4:58:fe:3e:e4:
33:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B6:29:EE:17:72:EB:09:27:EE:62:B4:2C:D0:0D:AD:FB:DB:9E:3E
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a663a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:f::/48
Signature Algorithm: sha256WithRSAEncryption
60:96:56:f1:26:c8:4c:77:8b:94:ae:cc:3c:14:ab:9f:81:89:
65:fc:b6:82:da:a9:54:fd:38:80:db:f7:29:80:2f:81:18:78:
02:80:77:98:45:16:01:84:d9:0c:f1:88:a7:10:d2:0a:f7:2a:
f8:bd:ef:b5:74:0f:cf:b9:e6:d0:07:ea:0f:00:33:01:4c:99:
0d:df:1e:98:53:63:20:05:62:53:2b:a7:75:9c:17:cc:55:10:
81:4c:f7:5a:bf:7d:cd:3c:8a:3f:cf:fe:2b:35:4f:ce:f1:2d:
b0:9e:31:84:51:92:1c:95:1b:31:fd:08:ac:38:42:53:05:b4:
1a:ea:89:f7:44:1a:f4:2a:fd:70:38:3d:95:c3:f2:56:b7:e1:
da:30:f0:84:8f:52:ad:00:84:b4:ce:a1:76:ce:cc:ff:2b:69:
7c:ba:03:47:bf:97:14:82:f0:e5:82:5f:5e:97:f2:f4:60:81:
28:68:a1:d9:a4:72:cc:2a:37:83:0e:66:82:67:be:d0:7a:99:
2e:07:79:1f:e5:2a:b4:9e:a9:c8:25:80:c6:a3:d6:24:e6:59:
53:dc:71:cc:0c:74:06:fd:2d:35:ce:c9:8b:be:ac:85:63:f7:
d9:7d:dd:74:c6:a4:ed:b3:9f:62:08:6c:9d:70:ff:5b:8c:4c:
86:bd:c1:f4
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUEdVZskInYCHtCVtBq+W3KfTV6gIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTFaFw0yNTEyMjYwOTI4MTFaMDMxMTAvBgNV
BAMTKDlEQjYyOUVFMTc3MkVCMDkyN0VFNjJCNDJDRDAwREFERkJEQjlFM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH/9Gl3qVLhb8VPwalqhZxC7rg
4QJgDXCtxDuY32ME+KzuZG2pkgqnfHvEPjv7XwNjpFZcJ1TaU+e5IpVjCGN+Zdrh
GuLkwuVmeJpTPJBdbUC1SFT+HlnT63S/CmMor/9a33SrRu3QLc9cdhHFzCDJxf/I
bSkwy8BXV8nBf/ga2fwJyzZ5e+wFCClv6PFef4Ts+GrHhZTpCxc+fIRcEObD8rTA
heEcsebGo9Mu1FotNoRWko2rbu2eERIJHcrWP06vn9Mgi/e8Wc4X2lzL891zoP38
+B6ydNXMh/HspeKgbeFcEjwpB5MB/2jFwz/3uiYWNR9ZUpqWSp7EWP4+5DM9AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUnbYp7hdy6wkn7mK0LNANrfvbnj4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2E2NjNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAA8wDQYJKoZIhvcNAQELBQADggEBAGCWVvEmyEx3i5SuzDwUq5+BiWX8
toLaqVT9OIDb9ymAL4EYeAKAd5hFFgGE2QzxiKcQ0gr3Kvi977V0D8+55tAH6g8A
MwFMmQ3fHphTYyAFYlMrp3WcF8xVEIFM91q/fc08ij/P/is1T87xLbCeMYRRkhyV
GzH9CKw4QlMFtBrqifdEGvQq/XA4PZXD8la34dow8ISPUq0AhLTOoXbOzP8raXy6
A0e/lxSC8OWCX16X8vRggShoodmkcswqN4MOZoJnvtB6mS4HeR/lKrSeqcglgMaj
1iTmWVPcccwMdAb9LTXOyYu+rIVj99l93XTGpO2zn2IIbJ1w/1uMTIa9wfQ=
-----END CERTIFICATE-----
Generated at Wed May 7 02:28:05 2025 by rpki-client