Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030303a3a2f34382d3438203d3e20323134333635.roa
File: 326131343a316563373a663030303a3a2f34382d3438203d3e20323134333635.roa (raw, json)
Hash identifier: VklTiOjKsdpixiqmu+wlshcItwQIM2APVytTPAswlws=
Subject key identifier: 24:E6:D9:7C:76:C0:8B:68:C6:10:E8:66:94:97:78:3D:48:65:D7:BD
Certificate issuer: /CN=1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71
Certificate serial: 0EB16B9995AA98ED47B4C8282B8F3836A0F0AF14
Authority key identifier: 1D:BD:1D:47:FD:8E:45:74:C8:42:17:43:C9:CC:5F:0E:F8:3E:0E:71
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030303a3a2f34382d3438203d3e20323134333635.roa
Signing time: Thu 15 Aug 2024 11:30:10 +0000
ROA not before: Thu 15 Aug 2024 11:25:10 +0000
ROA not after: Thu 14 Aug 2025 11:30:10 +0000
asID: 214365
IP address blocks: 2a14:1ec7:f000::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 17 Nov 2024 21:11:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:b1:6b:99:95:aa:98:ed:47:b4:c8:28:2b:8f:38:36:a0:f0:af:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71
Validity
Not Before: Aug 15 11:25:10 2024 GMT
Not After : Aug 14 11:30:10 2025 GMT
Subject: CN=24E6D97C76C08B68C610E8669497783D4865D7BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:24:16:ff:84:ae:69:d1:24:9b:35:33:e3:b9:
9b:f9:1a:69:ad:0b:02:ba:27:72:37:ef:5a:28:84:
5f:a9:f7:18:62:2f:0d:2a:9e:86:af:98:e2:a2:d8:
ef:82:2a:63:a2:9d:11:0a:a5:d5:b3:b9:8f:8b:80:
5d:c9:f8:c8:08:cb:3a:d1:41:85:21:13:0b:34:8a:
a5:a2:59:5f:6c:a9:bb:68:1f:75:0d:1e:2b:38:b3:
5a:e6:24:ee:2a:10:a4:f6:55:f9:aa:35:4d:a0:f2:
76:a7:95:7f:61:b4:9f:7a:8c:7b:fc:6a:54:82:6b:
9e:eb:a0:74:0a:56:2c:a6:7d:df:8b:da:a6:36:86:
bf:b5:eb:08:15:30:a4:b9:f4:68:ab:24:5b:b2:c4:
58:2c:cf:a8:a2:18:09:a6:05:c4:b1:8d:ab:fb:7d:
8d:f6:f0:ad:5a:51:94:30:d7:e7:9d:01:a6:53:c0:
dc:eb:7c:ec:a1:dc:d4:5b:a2:6a:ec:88:b9:4f:ca:
45:7f:97:8c:37:b0:5d:fa:47:a6:93:8c:6c:70:9b:
d0:ed:b5:91:18:d5:a1:98:a9:d4:68:57:e6:ba:c2:
bf:bb:0c:b0:25:56:09:9b:fc:66:5e:e0:0e:c2:e9:
f2:3e:4b:bd:5f:cf:e0:96:db:cf:4c:7d:5d:04:65:
01:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:E6:D9:7C:76:C0:8B:68:C6:10:E8:66:94:97:78:3D:48:65:D7:BD
X509v3 Authority Key Identifier:
keyid:1D:BD:1D:47:FD:8E:45:74:C8:42:17:43:C9:CC:5F:0E:F8:3E:0E:71
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/1a3bb93f-98a4-4c7e-a0e1-8057a4f086c9/0/1DBD1D47FD8E4574C8421743C9CC5F0EF83E0E71.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/71476d62-9cfa-4871-a2d9-fadf5781c11b/2/326131343a316563373a663030303a3a2f34382d3438203d3e20323134333635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:1ec7:f000::/48
Signature Algorithm: sha256WithRSAEncryption
ac:39:17:6e:09:f3:8b:cd:2a:c8:79:bd:d1:a2:35:1d:58:79:
df:a3:fa:e7:e9:49:9d:96:95:0d:16:ad:39:b9:c0:6e:ef:d3:
a6:1e:76:07:98:a3:21:bc:f5:0d:f3:cd:3f:72:80:74:1a:2c:
ec:b6:1f:0c:22:53:aa:c5:e0:d8:3b:48:7e:6b:e4:da:0b:60:
8a:72:28:9b:b1:7e:29:21:28:88:53:0e:11:ee:43:78:5e:27:
38:22:f7:0a:f0:f4:19:96:97:58:26:35:96:6c:a3:4d:13:2e:
61:c1:98:ea:ea:a6:44:47:08:72:9f:93:fb:52:a6:65:cf:96:
e9:1b:ab:30:ff:d3:f7:5e:1d:88:6f:48:e2:51:6b:f4:39:c9:
d4:8b:cc:90:32:d1:d1:ed:38:37:7b:b6:bc:fc:79:df:9d:90:
c2:1b:c2:a9:b2:e2:61:c8:cf:65:1f:83:14:cc:97:f8:04:c3:
38:c5:44:64:52:36:5d:ad:67:66:67:49:73:e8:4f:61:1b:fc:
0f:2e:91:36:07:ee:c7:21:c6:3d:1e:f5:ac:ec:04:65:39:48:
ed:92:36:af:26:c9:ce:67:af:ec:fb:7b:55:61:31:05:bb:19:
e1:37:d8:cc:89:7f:47:26:4c:43:a3:2e:ca:35:5f:ee:4f:cc:
52:44:90:a6
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUDrFrmZWqmO1HtMgoK484NqDwrxQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMURCRDFENDdGRDhFNDU3NEM4NDIxNzQzQzlDQzVGMEVG
ODNFMEU3MTAeFw0yNDA4MTUxMTI1MTBaFw0yNTA4MTQxMTMwMTBaMDMxMTAvBgNV
BAMTKDI0RTZEOTdDNzZDMDhCNjhDNjEwRTg2Njk0OTc3ODNENDg2NUQ3QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0JBb/hK5p0SSbNTPjuZv5Gmmt
CwK6J3I371oohF+p9xhiLw0qnoavmOKi2O+CKmOinREKpdWzuY+LgF3J+MgIyzrR
QYUhEws0iqWiWV9sqbtoH3UNHis4s1rmJO4qEKT2VfmqNU2g8nanlX9htJ96jHv8
alSCa57roHQKViymfd+L2qY2hr+16wgVMKS59GirJFuyxFgsz6iiGAmmBcSxjav7
fY328K1aUZQw1+edAaZTwNzrfOyh3NRbomrsiLlPykV/l4w3sF36R6aTjGxwm9Dt
tZEY1aGYqdRoV+a6wr+7DLAlVgmb/GZe4A7C6fI+S71fz+CW289MfV0EZQFjAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUJObZfHbAi2jGEOhmlJd4PUhl170wHwYDVR0j
BBgwFoAUHb0dR/2ORXTIQhdDycxfDvg+DnEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE0NzZkNjItOWNmYS00ODcxLWEyZDktZmFkZjU3ODFj
MTFiLzIvMURCRDFENDdGRDhFNDU3NEM4NDIxNzQzQzlDQzVGMEVGODNFMEU3MS5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8xYTNiYjkzZi05OGE0LTRj
N2UtYTBlMS04MDU3YTRmMDg2YzkvMC8xREJEMUQ0N0ZEOEU0NTc0Qzg0MjE3NDND
OUNDNUYwRUY4M0UwRTcxLmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS83MTQ3NmQ2Mi05Y2ZhLTQ4NzEtYTJkOS1mYWRmNTc4MWMxMWIvMi8zMjYxMzEz
NDNhMzE2NTYzMzczYTY2MzAzMDMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM0MzMzNjM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhQex/AAMA0GCSqGSIb3DQEBCwUAA4IBAQCs
ORduCfOLzSrIeb3RojUdWHnfo/rn6UmdlpUNFq05ucBu79OmHnYHmKMhvPUN880/
coB0Gizsth8MIlOqxeDYO0h+a+TaC2CKciibsX4pISiIUw4R7kN4Xic4IvcK8PQZ
lpdYJjWWbKNNEy5hwZjq6qZERwhyn5P7UqZlz5bpG6sw/9P3Xh2Ib0jiUWv0OcnU
i8yQMtHR7Tg3e7a8/HnfnZDCG8KpsuJhyM9lH4MUzJf4BMM4xURkUjZdrWdmZ0lz
6E9hG/wPLpE2B+7HIcY9HvWs7ARlOUjtkjavJsnOZ6/s+3tVYTEFuxnhN9jMiX9H
JkxDoy7KNV/uT8xSRJCm
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:50:10 2025 by rpki-client