Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a393a3a2f34382d3438203d3e203239383032.roa
File: 326131333a393530303a393a3a2f34382d3438203d3e203239383032.roa (raw, json)
Hash identifier: zN6waZbAjgcakEUtPA3UVMRv+1WPpW6Exe3lgd1vCb0=
Subject key identifier: BB:A4:57:41:DE:E4:44:02:64:6F:C9:D6:FA:A2:EB:E8:4C:F6:12:9B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 768F945767751EB5B0A335F01A99B4503A303B5D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a393a3a2f34382d3438203d3e203239383032.roa
Signing time: Fri 27 Dec 2024 09:28:14 +0000
ROA not before: Fri 27 Dec 2024 09:23:14 +0000
ROA not after: Fri 26 Dec 2025 09:28:14 +0000
asID: 29802
IP address blocks: 2a13:9500:9::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:8f:94:57:67:75:1e:b5:b0:a3:35:f0:1a:99:b4:50:3a:30:3b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:23:14 2024 GMT
Not After : Dec 26 09:28:14 2025 GMT
Subject: CN=BBA45741DEE44402646FC9D6FAA2EBE84CF6129B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:91:3c:21:55:3c:c2:bd:1e:23:f0:4d:67:60:
54:3c:52:8a:d6:3a:8d:af:c8:06:61:d9:74:ee:7e:
b2:11:9c:4d:ef:35:7b:fa:35:3b:27:52:c8:55:78:
fb:4f:ff:29:ac:d5:b9:48:71:89:af:79:85:e2:d5:
41:45:ce:ed:c7:8c:96:cf:7a:55:21:36:f9:ff:e5:
90:aa:9b:c2:09:27:a7:e6:cd:95:43:c9:d4:5e:2e:
68:9e:b5:b4:62:22:51:4c:da:7a:8f:7a:08:ac:70:
be:fb:9b:45:8f:23:6a:54:55:3c:79:9b:e4:d5:ab:
3f:d1:b6:c1:9e:ad:21:64:23:2b:8b:c7:2d:3a:65:
0a:bc:94:11:3e:09:f1:89:fc:d9:28:d6:29:ab:81:
dc:3c:c2:8b:02:2d:56:eb:2f:65:a0:a7:3e:9f:f8:
b9:ad:eb:5f:2b:ba:6c:bd:22:c5:32:53:c1:3c:99:
82:08:c1:40:ec:50:ed:55:d9:22:4c:1a:f1:99:6d:
b3:55:db:7e:fd:7a:e9:da:6a:fe:9a:a9:81:fc:63:
f4:8e:42:3b:c5:94:33:ca:02:75:90:a2:c4:ce:5a:
9f:cf:91:c4:ee:c3:e1:a1:f8:5f:74:7d:0e:09:e7:
57:83:34:ae:84:c1:c3:90:2c:41:e1:38:ce:78:f9:
b0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A4:57:41:DE:E4:44:02:64:6F:C9:D6:FA:A2:EB:E8:4C:F6:12:9B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/326131333a393530303a393a3a2f34382d3438203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:9500:9::/48
Signature Algorithm: sha256WithRSAEncryption
21:3b:ff:58:7c:2b:15:5d:41:4c:d4:b7:a8:47:fb:4e:07:e8:
60:e1:5e:68:b0:2e:d2:da:50:c2:5d:8c:bd:f0:a2:b1:16:a2:
8b:f5:6e:98:97:4b:16:d7:b8:21:6e:f9:8b:68:09:06:88:c1:
81:4a:1c:93:89:d2:8f:96:55:39:ce:c0:6f:36:f1:3f:21:85:
31:36:7b:18:96:50:e3:cf:b2:69:e5:0f:84:84:27:54:14:71:
71:cc:cb:58:5d:da:26:13:9f:3e:80:66:a9:45:25:45:86:45:
ec:15:fe:84:84:ed:b8:66:6e:fc:8c:d9:8b:fe:26:5d:af:4b:
18:fa:a4:8b:58:7b:a1:82:d7:f7:1c:04:d7:82:d3:02:a4:fc:
15:75:5c:c3:58:70:d8:13:47:ab:e8:26:75:75:37:70:1d:18:
d8:81:4d:ad:a0:cb:f5:4a:21:a2:29:79:f8:77:4f:43:3f:f8:
79:e0:01:49:b1:4b:08:9c:23:23:b6:e7:6c:be:d2:08:a0:2b:
ba:12:dc:a1:b9:56:51:ef:9a:46:83:ab:3a:26:d4:7d:cc:e3:
4b:d7:71:a2:f2:77:b3:0b:ed:b2:8f:61:25:eb:55:dd:2c:12:
9a:74:48:1e:d5:6a:5b:bf:53:89:a0:2b:3e:dc:f5:9a:85:fd:
1c:bc:27:a2
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIUdo+UV2d1HrWwozXwGpm0UDowO10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTIzMTRaFw0yNTEyMjYwOTI4MTRaMDMxMTAvBgNV
BAMTKEJCQTQ1NzQxREVFNDQ0MDI2NDZGQzlENkZBQTJFQkU4NENGNjEyOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZkTwhVTzCvR4j8E1nYFQ8UorW
Oo2vyAZh2XTufrIRnE3vNXv6NTsnUshVePtP/yms1blIcYmveYXi1UFFzu3HjJbP
elUhNvn/5ZCqm8IJJ6fmzZVDydReLmietbRiIlFM2nqPegiscL77m0WPI2pUVTx5
m+TVqz/RtsGerSFkIyuLxy06ZQq8lBE+CfGJ/Nko1imrgdw8wosCLVbrL2Wgpz6f
+Lmt618rumy9IsUyU8E8mYIIwUDsUO1V2SJMGvGZbbNV2379eunaav6aqYH8Y/SO
QjvFlDPKAnWQosTOWp/PkcTuw+Gh+F90fQ4J51eDNK6EwcOQLEHhOM54+bC/AgMB
AAGjggJCMIICPjAdBgNVHQ4EFgQUu6RXQd7kRAJkb8nW+qLr6Ez2EpswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzI2MTMxMzMzYTM5MzUzMDMw
M2EzOTNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkD
BwAqE5UAAAkwDQYJKoZIhvcNAQELBQADggEBACE7/1h8KxVdQUzUt6hH+04H6GDh
XmiwLtLaUMJdjL3worEWoov1bpiXSxbXuCFu+YtoCQaIwYFKHJOJ0o+WVTnOwG82
8T8hhTE2exiWUOPPsmnlD4SEJ1QUcXHMy1hd2iYTnz6AZqlFJUWGRewV/oSE7bhm
bvyM2Yv+Jl2vSxj6pItYe6GC1/ccBNeC0wKk/BV1XMNYcNgTR6voJnV1N3AdGNiB
Ta2gy/VKIaIpefh3T0M/+HngAUmxSwicIyO252y+0gigK7oS3KG5VlHvmkaDqzom
1H3M40vXcaLyd7ML7bKPYSXrVd0sEpp0SB7Valu/U4mgKz7c9ZqF/Ry8J6I=
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:15:16 2025 by rpki-client