Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/326130363a313238333a343030303a3a2f33342d3334203d3e20323136343734.roa
File: 326130363a313238333a343030303a3a2f33342d3334203d3e20323136343734.roa (raw, json)
Hash identifier: sZHXN4XmuA4eiV6dFX4QTH/rJZLrbeaJr0n2B2I7khc=
Subject key identifier: 02:C8:32:DD:B2:55:32:44:2C:5D:5E:BF:7A:45:A0:AE:B3:F7:7C:BF
Certificate issuer: /CN=20595BDBAD09C7D604202305854D1DF14F190959
Certificate serial: 509044D5E7FD89331B9858E883EEA7E5E9DBE8B0
Authority key identifier: 20:59:5B:DB:AD:09:C7:D6:04:20:23:05:85:4D:1D:F1:4F:19:09:59
Authority info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/20595BDBAD09C7D604202305854D1DF14F190959.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/326130363a313238333a343030303a3a2f33342d3334203d3e20323136343734.roa
Signing time: Sun 15 Sep 2024 14:36:35 +0000
ROA not before: Sun 15 Sep 2024 14:31:35 +0000
ROA not after: Sun 14 Sep 2025 14:36:35 +0000
asID: 216474
IP address blocks: 2a06:1283:4000::/34 maxlen: 34
Validation: Failed, certificate revoked on Mon 10 Mar 2025 09:34:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:90:44:d5:e7:fd:89:33:1b:98:58:e8:83:ee:a7:e5:e9:db:e8:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20595BDBAD09C7D604202305854D1DF14F190959
Validity
Not Before: Sep 15 14:31:35 2024 GMT
Not After : Sep 14 14:36:35 2025 GMT
Subject: CN=02C832DDB25532442C5D5EBF7A45A0AEB3F77CBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e4:75:5a:3f:f5:a6:f9:b2:b6:eb:2b:8c:01:
08:10:5c:bd:75:51:c7:c4:a2:43:99:fc:c4:cb:0a:
ec:8b:8a:4a:c8:be:fa:e7:ac:01:66:a6:5e:52:01:
6c:20:35:e4:d0:7f:6e:62:92:6f:09:46:ce:6e:52:
0a:77:06:c4:38:5f:c8:5d:10:a2:a4:3c:26:f0:11:
ad:c2:41:74:65:29:2d:be:c7:0f:69:de:18:99:e9:
2c:14:fc:20:48:5a:35:7d:7f:2c:2d:e7:90:b3:e5:
21:da:6d:d8:50:33:1a:62:4b:d7:ac:e0:cf:1b:24:
b0:74:1f:f4:1c:3d:d9:b6:30:2c:29:1c:10:57:9a:
26:18:c5:2b:96:9e:bd:67:3e:69:02:16:c7:6b:8a:
a1:a1:c8:22:cd:7a:7e:07:62:0c:c3:ef:a6:cb:7a:
2f:06:20:27:3e:bc:ba:b9:01:1d:6a:d0:5b:e0:5c:
52:68:a2:61:95:88:c9:7f:54:de:a4:75:5f:45:a1:
1f:8a:7c:6a:91:2f:4e:16:58:5d:67:d0:14:0a:57:
bb:62:88:23:9d:b9:21:f9:27:8b:2d:a9:11:7d:37:
2d:7a:c0:92:b9:8c:a2:a0:6e:23:02:94:5b:b4:0f:
3a:7e:82:f4:dc:38:2e:1b:1c:12:ac:d5:47:6a:1b:
cd:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:C8:32:DD:B2:55:32:44:2C:5D:5E:BF:7A:45:A0:AE:B3:F7:7C:BF
X509v3 Authority Key Identifier:
keyid:20:59:5B:DB:AD:09:C7:D6:04:20:23:05:85:4D:1D:F1:4F:19:09:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/20595BDBAD09C7D604202305854D1DF14F190959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/20595BDBAD09C7D604202305854D1DF14F190959.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2af73a9c-2058-43bb-9ac6-5ab42dfbf409/1/326130363a313238333a343030303a3a2f33342d3334203d3e20323136343734.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:1283:4000::/34
Signature Algorithm: sha256WithRSAEncryption
7c:98:dc:ca:69:ab:ff:75:aa:b5:e7:ce:0d:8c:a1:7d:1f:8d:
c7:4f:96:eb:e3:d2:97:35:85:bd:f0:94:2a:22:20:c1:b9:31:
a3:bb:dc:1f:11:10:cd:ce:25:f0:fb:a4:65:75:60:90:e8:94:
98:76:ba:50:41:bd:2b:91:94:75:83:f7:b3:87:18:07:85:39:
9c:ea:6c:94:6d:1b:da:24:5e:46:54:da:ab:8f:c3:77:dc:36:
d7:60:43:aa:43:1a:9a:b4:68:c6:32:06:c3:f6:5b:c2:ae:f8:
63:fd:ec:23:12:aa:23:f1:18:1a:23:df:8e:09:2b:d3:cb:f1:
5e:9a:b2:dd:c4:e4:1d:55:83:90:73:68:1d:ad:b3:cd:02:8b:
7c:43:3a:8d:86:60:42:70:2d:e3:fc:54:36:67:28:63:8c:92:
99:e6:97:60:79:3c:6d:88:d3:83:bc:f2:66:3b:f5:e3:3b:7d:
17:6f:67:e2:50:d5:01:6a:3e:4f:9f:ba:81:72:31:3a:46:57:
3d:a1:96:b8:df:92:48:fc:6f:7e:d5:ac:fb:0b:90:5f:33:fd:
84:85:5b:af:03:af:1d:5f:26:18:e2:3d:f9:0c:0a:db:8c:b8:
c6:c5:c5:e0:dd:68:74:ca:c6:09:c2:08:4d:ea:76:a3:30:36:
c5:34:fe:43
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgIUUJBE1ef9iTMbmFjog+6n5enb6LAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjA1OTVCREJBRDA5QzdENjA0MjAyMzA1ODU0RDFERjE0
RjE5MDk1OTAeFw0yNDA5MTUxNDMxMzVaFw0yNTA5MTQxNDM2MzVaMDMxMTAvBgNV
BAMTKDAyQzgzMkREQjI1NTMyNDQyQzVENUVCRjdBNDVBMEFFQjNGNzdDQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+5HVaP/Wm+bK26yuMAQgQXL11
UcfEokOZ/MTLCuyLikrIvvrnrAFmpl5SAWwgNeTQf25ikm8JRs5uUgp3BsQ4X8hd
EKKkPCbwEa3CQXRlKS2+xw9p3hiZ6SwU/CBIWjV9fywt55Cz5SHabdhQMxpiS9es
4M8bJLB0H/QcPdm2MCwpHBBXmiYYxSuWnr1nPmkCFsdriqGhyCLNen4HYgzD76bL
ei8GICc+vLq5AR1q0FvgXFJoomGViMl/VN6kdV9FoR+KfGqRL04WWF1n0BQKV7ti
iCOduSH5J4stqRF9Ny16wJK5jKKgbiMClFu0Dzp+gvTcOC4bHBKs1UdqG82LAgMB
AAGjggJ5MIICdTAdBgNVHQ4EFgQUAsgy3bJVMkQsXV6/ekWgrrP3fL8wHwYDVR0j
BBgwFoAUIFlb260Jx9YEICMFhU0d8U8ZCVkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMtMjA1OC00M2JiLTlhYzYtNWFiNDJkZmJm
NDA5LzEvMjA1OTVCREJBRDA5QzdENjA0MjAyMzA1ODU0RDFERjE0RjE5MDk1OS5j
cmwwgZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtp
LXJwcy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1
YzkxYmUzZjlkLzIvMjA1OTVCREJBRDA5QzdENjA0MjAyMzA1ODU0RDFERjE0RjE5
MDk1OS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMmFmNzNhOWMt
MjA1OC00M2JiLTlhYzYtNWFiNDJkZmJmNDA5LzEvMzI2MTMwMzYzYTMxMzIzODMz
M2EzNDMwMzAzMDNhM2EyZjMzMzQyZDMzMzQyMDNkM2UyMDMyMzEzNjM0MzczNC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw
DgQCAAIwCAMGBioGEoNAMA0GCSqGSIb3DQEBCwUAA4IBAQB8mNzKaav/daq1584N
jKF9H43HT5br49KXNYW98JQqIiDBuTGju9wfERDNziXw+6RldWCQ6JSYdrpQQb0r
kZR1g/ezhxgHhTmc6myUbRvaJF5GVNqrj8N33DbXYEOqQxqatGjGMgbD9lvCrvhj
/ewjEqoj8RgaI9+OCSvTy/FemrLdxOQdVYOQc2gdrbPNAot8QzqNhmBCcC3j/FQ2
ZyhjjJKZ5pdgeTxtiNODvPJmO/XjO30Xb2fiUNUBaj5Pn7qBcjE6Rlc9oZa435JI
/G9+1az7C5BfM/2EhVuvA68dXyYY4j35DArbjLjGxcXg3Wh0ysYJwghN6najMDbF
NP5D
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:44:48 2025 by rpki-client