Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31353a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a31353a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: YbeoAwLyOiDZK5UW8/GcVvGNMi5EXO9i4hJputX70Qo=
Subject key identifier: B9:AE:7E:1E:C3:BA:F1:05:A6:23:24:90:99:BE:F6:44:10:93:30:8B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 413D36A956AC2E749A06608E17C1A24B4334FC06
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31353a3a2f34382d3438203d3e2039303039.roa
Signing time: Fri 27 Dec 2024 09:28:15 +0000
ROA not before: Fri 27 Dec 2024 09:23:15 +0000
ROA not after: Fri 26 Dec 2025 09:28:15 +0000
asID: 9009
IP address blocks: 2a13:9500:15::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:3d:36:a9:56:ac:2e:74:9a:06:60:8e:17:c1:a2:4b:43:34:fc:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:15 2024 GMT
Not After : Dec 26 09:28:15 2025 GMT
Subject: CN=B9AE7E1EC3BAF105A623249099BEF6441093308B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f1:19:0c:6b:37:c2:e0:29:a4:b8:0d:b3:0d:
c6:02:bf:2e:56:8a:68:7d:cf:d9:40:f3:08:9a:54:
78:c7:0d:6e:47:6c:77:62:f4:cf:91:c5:05:b9:70:
01:7c:4d:33:7a:47:34:ea:72:9a:f6:fb:c3:4d:c0:
ed:c5:65:86:fe:6e:51:61:33:c9:74:c2:79:fc:dd:
e9:7e:7a:e7:17:01:24:0e:14:35:f3:b1:4e:1c:e3:
4a:98:da:65:85:fc:80:0d:d4:39:11:58:05:77:89:
cd:70:ec:92:a2:8b:16:92:0e:74:fc:ac:68:06:dd:
06:2a:5c:5e:d5:23:31:83:ec:44:16:d7:95:26:49:
f0:98:96:a7:51:3e:33:e5:08:9b:79:db:f9:e1:16:
e6:27:17:9f:7f:1f:2e:1c:01:3e:cd:73:a2:d9:57:
c8:67:f6:7e:95:b6:5d:36:5e:05:43:e3:6c:05:48:
2a:4e:b1:c1:86:82:b9:7f:03:a1:99:da:db:d2:9e:
38:22:3f:f7:be:5c:2a:e4:ad:c5:8f:83:ac:a8:27:
95:7c:bd:de:e7:71:ee:ea:06:e2:ef:7b:ea:5f:7d:
6d:37:ce:5e:a3:d8:1f:3a:69:73:b2:8f:06:b6:a6:
35:2c:7b:04:40:1e:de:87:ec:39:fb:10:2e:97:58:
89:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:AE:7E:1E:C3:BA:F1:05:A6:23:24:90:99:BE:F6:44:10:93:30:8B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31353a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:15::/48
Signature Algorithm: sha256WithRSAEncryption
50:6a:12:61:6a:3e:4a:70:9a:62:2c:77:be:6e:6b:26:ea:ed:
e0:7a:4c:c6:21:2b:de:37:f2:64:21:1a:12:78:e7:cb:e3:f4:
92:fc:e7:59:a8:28:89:73:eb:68:8a:46:90:6e:0c:75:4c:ab:
9d:70:da:4c:ea:2f:83:f2:b4:09:f6:47:4a:ee:02:0c:29:e5:
61:6f:06:07:1f:b3:05:a3:e0:46:02:a2:ff:28:55:02:72:51:
07:b8:f4:04:f1:8f:a2:10:20:01:1f:e5:b0:95:8f:22:60:4b:
7c:a3:25:e5:19:6e:cd:f0:1f:49:90:5f:6b:08:37:f6:26:82:
7f:0b:81:94:8d:b1:a3:1e:09:99:4a:a0:57:e2:9e:72:5a:88:
96:c4:db:2b:7f:6b:e5:90:35:58:6d:97:5e:c0:13:cc:36:3a:
4e:99:27:75:2b:7e:80:11:fe:fb:a0:38:46:7a:2c:c9:c5:ca:
2b:c7:11:47:b7:ac:d2:8d:de:51:5a:02:20:86:7e:b7:ea:bf:
c4:52:ea:86:6a:19:4f:cf:dd:a1:19:f0:47:3d:ab:4e:c5:4a:
1c:45:c1:4d:6b:30:1d:a2:94:80:e5:43:81:f5:a8:aa:02:0d:
50:e9:07:40:bf:66:36:9b:72:b2:16:fc:bf:9b:bd:02:06:20:
ac:bd:21:e1
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUQT02qVasLnSaBmCOF8GiS0M0/AYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTVaFw0yNTEyMjYwOTI4MTVaMDMxMTAvBgNV
BAMTKEI5QUU3RTFFQzNCQUYxMDVBNjIzMjQ5MDk5QkVGNjQ0MTA5MzMwOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu8RkMazfC4CmkuA2zDcYCvy5W
imh9z9lA8wiaVHjHDW5HbHdi9M+RxQW5cAF8TTN6RzTqcpr2+8NNwO3FZYb+blFh
M8l0wnn83el+eucXASQOFDXzsU4c40qY2mWF/IAN1DkRWAV3ic1w7JKiixaSDnT8
rGgG3QYqXF7VIzGD7EQW15UmSfCYlqdRPjPlCJt52/nhFuYnF59/Hy4cAT7Nc6LZ
V8hn9n6Vtl02XgVD42wFSCpOscGGgrl/A6GZ2tvSnjgiP/e+XCrkrcWPg6yoJ5V8
vd7nce7qBuLve+pffW03zl6j2B86aXOyjwa2pjUsewRAHt6H7Dn7EC6XWIkjAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUua5+HsO68QWmIySQmb72RBCTMIswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTM1M2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAABUwDQYJKoZIhvcNAQELBQADggEBAFBqEmFqPkpwmmIsd75uaybq7eB6
TMYhK9438mQhGhJ458vj9JL851moKIlz62iKRpBuDHVMq51w2kzqL4PytAn2R0ru
Agwp5WFvBgcfswWj4EYCov8oVQJyUQe49ATxj6IQIAEf5bCVjyJgS3yjJeUZbs3w
H0mQX2sIN/Ymgn8LgZSNsaMeCZlKoFfinnJaiJbE2yt/a+WQNVhtl17AE8w2Ok6Z
J3UrfoAR/vugOEZ6LMnFyivHEUe3rNKN3lFaAiCGfrfqv8RS6oZqGU/P3aEZ8Ec9
q07FShxFwU1rMB2ilIDlQ4H1qKoCDVDpB0C/ZjabcrIW/L+bvQIGIKy9IeE=
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:10:17 2025 by rpki-client