Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31303a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a31303a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: 59oXV9zAKrjqe8Oub9P21f+aOCcvlaPHGWD1vZDX/pU=
Subject key identifier: 12:69:04:1B:F1:AF:48:3C:EA:5C:71:AD:11:C0:D8:11:85:D5:AA:FF
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5EBF0A400535864D5196D329641C2D61022312A1
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31303a3a2f34382d3438203d3e2039303039.roa
Signing time: Fri 27 Dec 2024 09:28:18 +0000
ROA not before: Fri 27 Dec 2024 09:23:18 +0000
ROA not after: Fri 26 Dec 2025 09:28:18 +0000
asID: 9009
IP address blocks: 2a13:9500:10::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:bf:0a:40:05:35:86:4d:51:96:d3:29:64:1c:2d:61:02:23:12:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:18 2024 GMT
Not After : Dec 26 09:28:18 2025 GMT
Subject: CN=1269041BF1AF483CEA5C71AD11C0D81185D5AAFF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:47:2a:b5:90:4d:36:cb:06:62:7c:16:5b:35:
9c:f6:99:00:44:0a:24:d6:4a:f1:76:80:e2:22:63:
07:44:58:38:f1:31:d7:cb:9d:50:ce:92:35:6f:3d:
4f:4e:71:1e:18:05:26:b9:d0:26:db:d2:30:df:e7:
45:2e:ae:3b:14:f8:da:af:87:f7:a5:ba:4e:8b:7b:
d6:75:7b:64:89:4d:31:7c:26:11:e2:1c:18:05:8f:
b2:e4:66:d6:3b:a9:a3:a8:4e:60:f2:80:a3:ae:7a:
49:e0:0c:88:0d:d9:13:a9:e0:41:91:f7:11:12:38:
49:9c:64:e1:dc:60:c0:bd:c2:2f:75:9d:83:28:78:
5e:23:c3:2c:f0:68:a6:f9:67:eb:d9:c6:9e:b8:41:
7a:2c:04:68:cc:51:77:7d:21:79:27:64:ed:ef:c6:
69:e7:90:de:1a:26:07:14:25:e9:cd:b2:fd:b1:95:
8b:14:7a:d4:a8:ec:f7:7f:b2:d0:a2:a6:79:09:a4:
18:64:37:a9:94:c8:2a:70:a3:12:6c:51:69:5b:b9:
a6:bc:96:5b:63:0c:1b:b9:c6:05:65:6f:a5:2d:31:
e0:1d:19:7b:2a:4c:9e:b4:48:47:09:67:8d:07:6e:
f8:51:74:6b:04:49:1f:aa:37:55:60:68:c7:60:f4:
d2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:69:04:1B:F1:AF:48:3C:EA:5C:71:AD:11:C0:D8:11:85:D5:AA:FF
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31303a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:10::/48
Signature Algorithm: sha256WithRSAEncryption
99:37:fd:0b:66:3b:7f:ef:c6:9d:72:30:c8:52:08:e9:2e:38:
7d:32:61:f8:ad:60:35:5c:19:a5:7f:97:b2:ad:91:2b:a9:06:
d3:39:b6:72:f4:2b:af:8a:67:43:c0:02:93:9b:ed:dc:ac:39:
0b:df:3b:5a:cc:ab:76:69:fa:64:01:3b:9e:fb:2e:6e:74:14:
f0:34:da:b8:c2:8a:51:bf:22:77:ff:75:8a:d9:a3:b2:cc:fb:
59:bc:42:49:f6:2d:50:b9:b3:b1:86:ef:fa:63:65:b0:42:f8:
fa:c8:ed:d0:3d:51:ba:e8:16:47:2f:d4:e7:d8:48:65:1d:7c:
11:aa:56:f7:7f:fb:ad:b2:34:5a:33:3d:c9:d9:90:87:2e:3c:
70:e6:3b:ff:ae:ba:a5:2c:b4:0d:4f:a3:b7:48:45:9f:8f:3b:
2a:51:39:de:1f:06:36:a8:5f:39:2f:e1:d9:da:c2:51:ae:1c:
d0:64:a3:87:10:2f:a3:0a:71:d7:8b:e1:0e:bd:15:b4:87:c8:
68:68:a7:c1:69:fe:a8:3a:eb:97:55:fc:40:83:1b:0d:d9:56:
ba:b8:94:62:34:19:c9:fd:c4:ca:c3:3a:97:e7:13:ce:f8:8f:
2d:2d:aa:d0:9d:da:e5:3d:62:8b:c1:7a:e9:c2:38:84:a6:38:
fd:90:51:15
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUXr8KQAU1hk1RltMpZBwtYQIjEqEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMThaFw0yNTEyMjYwOTI4MThaMDMxMTAvBgNV
BAMTKDEyNjkwNDFCRjFBRjQ4M0NFQTVDNzFBRDExQzBEODExODVENUFBRkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Ryq1kE02ywZifBZbNZz2mQBE
CiTWSvF2gOIiYwdEWDjxMdfLnVDOkjVvPU9OcR4YBSa50Cbb0jDf50UurjsU+Nqv
h/eluk6Le9Z1e2SJTTF8JhHiHBgFj7LkZtY7qaOoTmDygKOuekngDIgN2ROp4EGR
9xESOEmcZOHcYMC9wi91nYMoeF4jwyzwaKb5Z+vZxp64QXosBGjMUXd9IXknZO3v
xmnnkN4aJgcUJenNsv2xlYsUetSo7Pd/stCipnkJpBhkN6mUyCpwoxJsUWlbuaa8
lltjDBu5xgVlb6UtMeAdGXsqTJ60SEcJZ40HbvhRdGsESR+qN1VgaMdg9NKJAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUEmkEG/GvSDzqXHGtEcDYEYXVqv8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAABAwDQYJKoZIhvcNAQELBQADggEBAJk3/QtmO3/vxp1yMMhSCOkuOH0y
YfitYDVcGaV/l7KtkSupBtM5tnL0K6+KZ0PAApOb7dysOQvfO1rMq3Zp+mQBO577
Lm50FPA02rjCilG/Inf/dYrZo7LM+1m8Qkn2LVC5s7GG7/pjZbBC+PrI7dA9Ubro
Fkcv1OfYSGUdfBGqVvd/+62yNFozPcnZkIcuPHDmO/+uuqUstA1Po7dIRZ+POypR
Od4fBjaoXzkv4dnawlGuHNBko4cQL6MKcdeL4Q69FbSHyGhop8Fp/qg665dV/ECD
Gw3ZVrq4lGI0Gcn9xMrDOpfnE874jy0tqtCd2uU9YovBeunCOISmOP2QURU=
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:10:11 2025 by rpki-client