Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a373a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a373a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: BdmHMWjQNnHeh07Q6AHl634DamLOvZ/p2d4GeJCu1Ts=
Subject key identifier: FC:38:AA:FC:1D:D3:D0:30:9E:70:EB:FB:8C:72:F8:D4:86:BA:F4:39
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5ECDD37EF98ABECFB0411BE7DCC797D8C33786BC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a373a3a2f34382d3438203d3e203239383032.roa
Signing time: Fri 27 Dec 2024 09:28:18 +0000
ROA not before: Fri 27 Dec 2024 09:23:18 +0000
ROA not after: Fri 26 Dec 2025 09:28:18 +0000
asID: 29802
IP address blocks: 2a13:9500:7::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:cd:d3:7e:f9:8a:be:cf:b0:41:1b:e7:dc:c7:97:d8:c3:37:86:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:18 2024 GMT
Not After : Dec 26 09:28:18 2025 GMT
Subject: CN=FC38AAFC1DD3D0309E70EBFB8C72F8D486BAF439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:99:85:34:ec:6c:c9:88:3e:e5:2b:d8:03:d7:
b9:29:32:8f:c3:2c:3c:49:18:e8:8f:ef:4b:8d:22:
8b:42:b2:4f:f8:49:54:fa:6c:c6:43:2f:08:3f:39:
72:e8:03:9f:f6:e7:c6:49:6f:e8:f6:98:00:19:f3:
b4:c1:11:8a:ce:9a:83:60:da:09:d5:84:ee:01:e9:
5f:75:5d:67:32:93:00:be:82:aa:28:3b:91:99:fc:
07:63:27:cc:0a:1b:26:bb:0c:bd:ad:1d:b5:b3:cb:
55:c8:85:d4:1e:62:1c:81:e5:15:a6:2d:16:18:e8:
95:79:a0:1c:f1:7f:70:50:08:68:62:95:04:70:72:
6e:8c:cb:0a:d1:5b:2f:f0:f9:3c:0c:2a:cc:5f:6f:
32:40:66:f2:0a:7e:69:45:71:16:ae:a7:ea:23:ba:
9f:c5:2e:d0:dd:8b:8f:ee:cd:41:0a:c7:56:13:01:
8f:0f:ce:6f:09:a5:25:4c:36:15:2b:49:50:02:5b:
39:24:19:8b:9a:04:0d:63:57:3c:e6:83:85:15:25:
12:71:66:0e:c3:8b:be:68:f4:e0:1f:1b:92:e0:15:
5e:90:12:f9:b6:9f:66:01:b9:a0:33:1f:31:b0:6c:
22:b2:42:50:d4:a9:94:f5:f3:73:d8:c7:3b:d5:98:
db:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:38:AA:FC:1D:D3:D0:30:9E:70:EB:FB:8C:72:F8:D4:86:BA:F4:39
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a373a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:7::/48
Signature Algorithm: sha256WithRSAEncryption
69:53:60:b8:57:29:aa:63:bb:3b:a5:f9:1c:d3:b9:a3:69:8e:
6c:f7:1c:02:8a:42:8a:68:fa:bf:21:73:25:06:fd:df:d7:5a:
c2:b2:80:73:5c:47:b5:f2:13:f5:26:b0:d4:09:f0:67:43:1f:
9c:e2:db:cf:f1:5f:ae:09:98:28:f6:34:13:7b:c6:85:36:5b:
be:ee:e4:f0:c0:b3:1d:4e:99:e4:01:d9:03:b1:4c:0b:8e:cc:
67:1b:5d:e2:7b:df:9e:b8:8d:f2:3a:4c:56:5f:bd:90:54:6d:
a3:f8:97:5a:02:c5:50:c4:cc:37:4b:33:e5:2c:30:aa:e3:df:
01:5d:d5:f2:cb:68:8e:d2:8f:4c:48:72:ca:78:3d:fa:45:ca:
62:a3:b1:f7:90:a5:af:71:99:c2:fb:39:db:b6:66:e2:b0:70:
36:ef:43:c5:8e:b7:da:88:2b:2f:a6:a6:f7:8a:93:5d:20:49:
6e:c1:67:64:c4:a7:3c:11:58:7c:2b:32:bb:82:0e:19:b5:40:
a0:39:fa:38:6c:38:f2:ba:01:f7:a8:72:07:15:8e:17:ad:ea:
31:14:17:7d:d4:20:4f:65:a4:dd:55:ce:53:ba:ed:5b:4a:09:
c2:ca:10:19:48:9d:6c:b2:72:ac:c5:e0:f7:c9:6d:79:4a:22:
8e:60:f9:46
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUXs3TfvmKvs+wQRvn3MeX2MM3hrwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMThaFw0yNTEyMjYwOTI4MThaMDMxMTAvBgNV
BAMTKEZDMzhBQUZDMUREM0QwMzA5RTcwRUJGQjhDNzJGOEQ0ODZCQUY0MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvmYU07GzJiD7lK9gD17kpMo/D
LDxJGOiP70uNIotCsk/4SVT6bMZDLwg/OXLoA5/258ZJb+j2mAAZ87TBEYrOmoNg
2gnVhO4B6V91XWcykwC+gqooO5GZ/AdjJ8wKGya7DL2tHbWzy1XIhdQeYhyB5RWm
LRYY6JV5oBzxf3BQCGhilQRwcm6MywrRWy/w+TwMKsxfbzJAZvIKfmlFcRaup+oj
up/FLtDdi4/uzUEKx1YTAY8Pzm8JpSVMNhUrSVACWzkkGYuaBA1jVzzmg4UVJRJx
Zg7Di75o9OAfG5LgFV6QEvm2n2YBuaAzHzGwbCKyQlDUqZT183PYxzvVmNuJAgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQU/Diq/B3T0DCecOv7jHL41Ia69DkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzNzNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAAcwDQYJKoZIhvcNAQELBQADggEBAGlTYLhXKapjuzul+RzTuaNpjmz3
HAKKQopo+r8hcyUG/d/XWsKygHNcR7XyE/UmsNQJ8GdDH5zi28/xX64JmCj2NBN7
xoU2W77u5PDAsx1OmeQB2QOxTAuOzGcbXeJ73564jfI6TFZfvZBUbaP4l1oCxVDE
zDdLM+UsMKrj3wFd1fLLaI7Sj0xIcsp4PfpFymKjsfeQpa9xmcL7Odu2ZuKwcDbv
Q8WOt9qIKy+mpveKk10gSW7BZ2TEpzwRWHwrMruCDhm1QKA5+jhsOPK6AfeocgcV
jhet6jEUF33UIE9lpN1VzlO67VtKCcLKEBlInWyycqzF4PfJbXlKIo5g+UY=
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:13:46 2025 by rpki-client