Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31623a3a2f34382d3438203d3e2039303039.roa
File: 326131333a393530303a31623a3a2f34382d3438203d3e2039303039.roa (raw, json)
Hash identifier: nSKDLBvDv26OID0W45HIXbRbelBkKbgkWWNLygSWX14=
Subject key identifier: 07:15:9E:A3:BC:3F:10:A6:87:CB:CC:E4:60:1D:D9:EB:2C:07:95:9F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0A1F1D225A8C16BA7E89A41F9FDDEACC50EA1E2D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31623a3a2f34382d3438203d3e2039303039.roa
Signing time: Fri 27 Dec 2024 09:28:17 +0000
ROA not before: Fri 27 Dec 2024 09:23:17 +0000
ROA not after: Fri 26 Dec 2025 09:28:17 +0000
asID: 9009
IP address blocks: 2a13:9500:1b::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:1f:1d:22:5a:8c:16:ba:7e:89:a4:1f:9f:dd:ea:cc:50:ea:1e:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:17 2024 GMT
Not After : Dec 26 09:28:17 2025 GMT
Subject: CN=07159EA3BC3F10A687CBCCE4601DD9EB2C07959F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c6:ef:21:49:5a:83:ee:b8:37:93:66:22:31:
f5:b8:24:4f:c3:7a:2b:93:07:c1:5c:2b:c6:a2:85:
48:65:c2:34:3d:7b:ca:af:fe:4f:a3:cb:45:bc:68:
b8:83:11:1a:fd:80:c6:4e:4f:2e:aa:0f:5f:32:96:
a8:53:ab:d9:95:a5:98:2b:83:a1:4b:ce:97:2c:01:
dd:4a:43:27:85:f5:5f:94:05:ad:ae:59:e1:42:cf:
9e:d0:62:0a:a8:97:6b:0b:fa:ac:97:e6:ec:90:76:
2d:e3:1d:24:a0:c0:ef:ef:9d:4b:da:2a:87:b6:e9:
a6:74:0f:64:a6:23:cd:fc:5d:88:e3:eb:be:bd:35:
38:f4:8f:dc:63:17:22:ea:ea:85:a2:71:c8:cf:ac:
e9:31:4c:ad:90:d2:6c:a6:c0:c6:90:08:55:ee:a4:
c5:c3:35:dc:7c:73:60:e8:2d:05:57:c6:3a:bd:62:
48:e1:a0:c2:35:70:ac:23:27:94:4e:b0:fe:3b:10:
a1:17:ee:3e:13:aa:3f:63:a2:ef:65:a6:e9:76:6b:
d7:3c:8f:51:2a:a0:47:d3:d8:f8:5b:bb:dc:ea:08:
bb:88:a2:27:7d:1b:a7:0f:b6:bd:57:10:b3:c0:1f:
57:3e:ae:d8:c6:c9:45:5f:2a:d6:b0:5e:54:b6:69:
4d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:15:9E:A3:BC:3F:10:A6:87:CB:CC:E4:60:1D:D9:EB:2C:07:95:9F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a31623a3a2f34382d3438203d3e2039303039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:1b::/48
Signature Algorithm: sha256WithRSAEncryption
11:4c:52:d8:0f:70:1e:97:6e:5a:84:b0:3b:f1:bd:ae:bc:34:
f0:14:81:ac:a3:78:a7:30:e6:d8:6d:7a:b5:3d:b1:e0:8d:35:
71:3f:7a:f4:0b:90:24:a4:d9:5e:41:29:5c:b7:23:d9:6b:cb:
0a:f7:95:4f:eb:c8:37:54:f8:e3:92:ac:6d:fc:72:10:9c:0a:
2d:e1:46:02:2c:e3:92:69:a8:0e:2f:3e:ba:1c:7b:2a:2a:3f:
98:ae:66:a0:f6:bd:73:fe:17:63:76:0a:d9:88:a0:3a:f4:be:
da:46:3f:09:96:1e:c6:e7:e1:af:31:93:51:86:1e:2e:3d:61:
1b:90:83:65:ca:a2:5a:98:91:95:e8:ef:5d:a1:09:f7:97:e4:
11:66:b0:40:66:be:c2:19:11:af:fe:e7:66:f3:94:4b:e3:4a:
1e:71:65:61:bc:8b:98:1c:92:8b:51:78:57:96:0c:d8:8d:db:
b6:23:0d:e3:94:0f:9b:c6:3b:6c:70:43:2b:45:7e:df:06:b6:
02:65:c1:a9:80:ba:e7:06:7c:18:3b:1a:c7:d6:98:0f:25:96:
ef:8c:ef:97:66:1f:89:a2:0e:2a:51:73:6a:ab:a3:2a:fc:ef:
ca:07:e5:25:ba:71:b3:75:e8:d7:9e:47:23:ef:54:ca:cb:ec:
fb:8a:8c:d1
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUCh8dIlqMFrp+iaQfn93qzFDqHi0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTdaFw0yNTEyMjYwOTI4MTdaMDMxMTAvBgNV
BAMTKDA3MTU5RUEzQkMzRjEwQTY4N0NCQ0NFNDYwMUREOUVCMkMwNzk1OUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwxu8hSVqD7rg3k2YiMfW4JE/D
eiuTB8FcK8aihUhlwjQ9e8qv/k+jy0W8aLiDERr9gMZOTy6qD18ylqhTq9mVpZgr
g6FLzpcsAd1KQyeF9V+UBa2uWeFCz57QYgqol2sL+qyX5uyQdi3jHSSgwO/vnUva
Koe26aZ0D2SmI838XYjj6769NTj0j9xjFyLq6oWiccjPrOkxTK2Q0mymwMaQCFXu
pMXDNdx8c2DoLQVXxjq9YkjhoMI1cKwjJ5ROsP47EKEX7j4Tqj9jou9lpul2a9c8
j1EqoEfT2Phbu9zqCLuIoid9G6cPtr1XELPAH1c+rtjGyUVfKtawXlS2aU0RAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUBxWeo7w/EKaHy8zkYB3Z6ywHlZ8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzMTYyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzkzMDMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAABswDQYJKoZIhvcNAQELBQADggEBABFMUtgPcB6XblqEsDvxva68NPAU
gayjeKcw5thterU9seCNNXE/evQLkCSk2V5BKVy3I9lrywr3lU/ryDdU+OOSrG38
chCcCi3hRgIs45JpqA4vProceyoqP5iuZqD2vXP+F2N2CtmIoDr0vtpGPwmWHsbn
4a8xk1GGHi49YRuQg2XKolqYkZXo712hCfeX5BFmsEBmvsIZEa/+52bzlEvjSh5x
ZWG8i5gckotReFeWDNiN27YjDeOUD5vGO2xwQytFft8GtgJlwamAuucGfBg7GsfW
mA8llu+M75dmH4miDipRc2qroyr878oH5SW6cbN16NeeRyPvVMrL7PuKjNE=
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:10:18 2025 by rpki-client