Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393061303a3a2f34382d3438203d3e20323135333634.roa
File: 326131343a373538313a393061303a3a2f34382d3438203d3e20323135333634.roa (raw, json)
Hash identifier: OR8xM9pMHZ28HaWIlP/1+1Y0stVROWkAX2dYNvZ+pvU=
Subject key identifier: B6:17:71:27:8F:E5:A7:74:57:7D:5D:CF:C0:E0:EA:CF:4F:B5:44:39
Certificate issuer: /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
Certificate serial: 6EF2368392A9909380E69D8FD4BFF8949630A13C
Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393061303a3a2f34382d3438203d3e20323135333634.roa
Signing time: Fri 16 Aug 2024 15:38:40 +0000
ROA not before: Fri 16 Aug 2024 15:33:40 +0000
ROA not after: Fri 15 Aug 2025 15:38:40 +0000
asID: 215364
IP address blocks: 2a14:7581:90a0::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 29 Dec 2024 19:29:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:f2:36:83:92:a9:90:93:80:e6:9d:8f:d4:bf:f8:94:96:30:a1:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
Validity
Not Before: Aug 16 15:33:40 2024 GMT
Not After : Aug 15 15:38:40 2025 GMT
Subject: CN=B61771278FE5A774577D5DCFC0E0EACF4FB54439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:06:4e:a9:4e:5d:90:ec:23:d9:d4:e4:5d:7b:
90:d8:50:b7:65:76:01:8e:bc:50:4f:2c:4c:a0:0d:
6f:05:05:02:ce:18:ac:c3:8f:4a:34:d5:36:5d:32:
4d:dd:ed:87:40:b4:ae:da:62:98:8e:06:e6:0f:a6:
e7:90:e4:b7:86:f2:da:c7:33:43:95:ba:f4:4c:06:
c7:9f:b4:d9:ca:67:df:24:94:4a:2c:29:f8:a2:b5:
7e:20:9f:6e:82:da:9e:1e:92:a9:81:0b:a7:35:4f:
3e:32:f3:43:7a:10:84:7a:96:07:d8:8b:97:ab:0a:
23:b9:2e:16:c5:6e:d4:08:d4:36:0f:06:02:3f:e1:
f7:b8:96:dd:90:65:08:42:68:8e:44:7f:0e:9f:ab:
68:cf:e4:5a:4e:c9:fa:00:17:85:cc:65:d2:0f:1c:
de:38:6e:0a:a9:1f:be:9c:d6:84:1a:86:f6:e7:05:
bc:9f:16:cd:0e:c5:fd:f8:f2:14:96:e7:e5:f3:24:
a3:65:f3:69:5b:d2:8b:56:b4:6e:f7:da:27:3f:19:
30:95:dc:07:b1:9e:2d:27:27:71:ac:42:0f:c4:5c:
c2:cb:21:27:bf:27:5e:e8:df:c3:c5:69:d1:c0:21:
c5:87:06:be:0d:1e:1c:8a:57:f9:03:67:f5:94:25:
60:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:17:71:27:8F:E5:A7:74:57:7D:5D:CF:C0:E0:EA:CF:4F:B5:44:39
X509v3 Authority Key Identifier:
keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393061303a3a2f34382d3438203d3e20323135333634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:90a0::/48
Signature Algorithm: sha256WithRSAEncryption
6f:f7:45:32:20:c0:0e:e6:d3:db:61:70:35:b1:a9:96:01:3f:
3c:65:34:79:55:86:42:8c:91:4e:d0:5d:26:95:71:8f:38:55:
90:18:67:f5:10:31:44:a1:3b:9e:2a:69:0b:5a:c9:4e:9a:de:
89:64:5f:8f:61:0a:1e:4b:79:01:2a:bd:b9:ca:12:a8:42:75:
4b:0a:f9:ed:72:50:be:75:7c:bd:eb:1d:17:8a:a4:75:71:be:
a2:c1:f1:61:92:05:6c:58:a6:71:8a:0b:26:2c:77:95:b8:71:
ca:db:4e:3c:bd:4d:6c:b8:0e:0f:fc:1e:74:4c:77:24:38:44:
c9:aa:4e:f4:6a:65:af:05:e1:ba:ae:b8:05:71:b7:1e:78:b1:
f1:ff:03:8c:21:01:ee:1a:a3:fd:68:45:c0:f3:e7:08:09:b0:
54:33:e0:3f:a9:d8:99:35:02:22:30:36:f5:d2:d2:db:d8:52:
02:89:ef:05:17:68:4e:17:e6:2c:e2:2d:1d:08:40:97:f3:45:
5f:4e:ff:1d:a8:df:1a:e2:df:3c:88:64:62:71:f7:6e:6d:94:
47:f1:d6:39:95:8e:e2:00:6c:65:2e:65:bb:49:c8:e6:dd:0f:
b8:9f:a8:c6:77:11:b8:04:94:16:7d:f7:c2:f6:f1:52:ff:84:
c7:24:6b:a9
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUbvI2g5KpkJOA5p2P1L/4lJYwoTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3
NzdEQTkyNjAeFw0yNDA4MTYxNTMzNDBaFw0yNTA4MTUxNTM4NDBaMDMxMTAvBgNV
BAMTKEI2MTc3MTI3OEZFNUE3NzQ1NzdENURDRkMwRTBFQUNGNEZCNTQ0MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8Bk6pTl2Q7CPZ1ORde5DYULdl
dgGOvFBPLEygDW8FBQLOGKzDj0o01TZdMk3d7YdAtK7aYpiOBuYPpueQ5LeG8trH
M0OVuvRMBseftNnKZ98klEosKfiitX4gn26C2p4ekqmBC6c1Tz4y80N6EIR6lgfY
i5erCiO5LhbFbtQI1DYPBgI/4fe4lt2QZQhCaI5Efw6fq2jP5FpOyfoAF4XMZdIP
HN44bgqpH76c1oQahvbnBbyfFs0Oxf348hSW5+XzJKNl82lb0otWtG732ic/GTCV
3Aexni0nJ3GsQg/EXMLLISe/J17o38PFadHAIcWHBr4NHhyKV/kDZ/WUJWBVAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUthdxJ4/lp3RXfV3PwODqz0+1RDkwHwYDVR0j
BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw
NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3
NUM2MkUzNTc3N0RBOTI2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM5MzA2MTMwM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gZCgMA0GCSqGSIb3DQEBCwUAA4IBAQBv
90UyIMAO5tPbYXA1samWAT88ZTR5VYZCjJFO0F0mlXGPOFWQGGf1EDFEoTueKmkL
WslOmt6JZF+PYQoeS3kBKr25yhKoQnVLCvntclC+dXy96x0XiqR1cb6iwfFhkgVs
WKZxigsmLHeVuHHK2048vU1suA4P/B50THckOETJqk70amWvBeG6rrgFcbceeLHx
/wOMIQHuGqP9aEXA8+cICbBUM+A/qdiZNQIiMDb10tLb2FICie8FF2hOF+Ys4i0d
CECX80VfTv8dqN8a4t88iGRicfdubZRH8dY5lY7iAGxlLmW7Scjm3Q+4n6jGdxG4
BJQWfffC9vFS/4THJGup
-----END CERTIFICATE-----
Generated at Sat Apr 5 07:34:14 2025 by rpki-client