Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393061613a3a2f34382d3438203d3e20323135333634.roa
File: 326131343a373538313a393061613a3a2f34382d3438203d3e20323135333634.roa (raw, json)
Hash identifier: xZsi1cRuVwLPMkPSmQ7hOy9XHVisgoaJSKiGt0O2OFs=
Subject key identifier: 90:27:F6:CD:21:B8:7C:21:88:14:29:E1:F9:73:BF:C3:C1:45:42:5F
Certificate issuer: /CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
Certificate serial: 02312D32C1BB1E3B7520C8E1C1C409FC9582B40F
Authority key identifier: A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26
Authority info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393061613a3a2f34382d3438203d3e20323135333634.roa
Signing time: Mon 04 Nov 2024 14:27:11 +0000
ROA not before: Mon 04 Nov 2024 14:22:11 +0000
ROA not after: Mon 03 Nov 2025 14:27:11 +0000
asID: 215364
IP address blocks: 2a14:7581:90aa::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 29 Dec 2024 19:29:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:31:2d:32:c1:bb:1e:3b:75:20:c8:e1:c1:c4:09:fc:95:82:b4:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A1EE5D09A0F5D0D87611013175C62E35777DA926
Validity
Not Before: Nov 4 14:22:11 2024 GMT
Not After : Nov 3 14:27:11 2025 GMT
Subject: CN=9027F6CD21B87C21881429E1F973BFC3C145425F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1d:a9:9f:92:ec:36:e9:59:2a:b2:99:d1:d0:
db:c5:03:22:8c:80:40:c2:0d:32:7a:a1:c4:a4:41:
b7:e8:aa:e7:ad:2d:ce:09:47:14:1a:3d:83:55:dc:
22:02:d2:bc:df:ef:b4:c3:c9:32:aa:d8:76:75:0d:
74:0f:78:2b:c1:ac:9b:68:58:0a:ea:4b:7d:6b:33:
29:37:9b:be:8a:23:ac:19:fc:8a:ad:40:91:ca:80:
43:eb:6d:b3:6c:d3:05:08:f3:2a:6f:9f:2b:4f:5a:
70:7d:ad:da:e1:c1:04:b3:86:94:71:6e:80:e0:fd:
e5:a1:a2:89:1b:9b:46:de:cd:ff:be:a2:cd:f0:be:
d4:01:64:c0:e3:c2:38:5f:2b:47:d3:f7:ca:32:4b:
5c:52:50:25:43:f1:f9:be:c5:29:c5:bf:4a:37:e4:
b1:cd:e4:37:27:17:07:ed:ca:d9:29:ba:b0:1f:4f:
a7:c0:bc:d6:0e:9e:10:86:28:87:c7:ae:50:95:f6:
15:a8:d4:87:f7:f7:5d:5d:71:3f:8a:32:02:5b:52:
06:9a:72:ec:dd:55:cd:96:81:08:6f:be:cc:7e:78:
d4:f1:71:b8:a6:d6:cf:20:64:bb:9d:ea:34:75:59:
6a:e1:97:3e:d4:1b:0c:7a:02:44:d6:91:4e:12:5c:
b8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:27:F6:CD:21:B8:7C:21:88:14:29:E1:F9:73:BF:C3:C1:45:42:5F
X509v3 Authority Key Identifier:
keyid:A1:EE:5D:09:A0:F5:D0:D8:76:11:01:31:75:C6:2E:35:77:7D:A9:26
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.crl
Authority Information Access:
CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A1EE5D09A0F5D0D87611013175C62E35777DA926.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/855c7d5a-15c4-4589-85fa-b491a071048c/0/326131343a373538313a393061613a3a2f34382d3438203d3e20323135333634.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:90aa::/48
Signature Algorithm: sha256WithRSAEncryption
95:31:1a:33:c0:8d:c8:ba:25:8b:c7:2b:43:71:15:a8:b2:e0:
c5:84:55:56:b9:3a:29:52:63:3b:ab:32:b5:17:a1:49:1c:0e:
f2:f6:c1:b4:3c:52:80:2f:4e:6e:20:62:ec:52:7b:60:34:ac:
63:3f:eb:d4:87:d9:7c:c7:ed:4c:27:47:8a:47:0e:a9:b5:82:
eb:ac:7b:f8:ca:4f:3a:20:78:44:37:fc:e4:8d:98:7c:90:8f:
d4:88:71:10:fb:16:66:f9:46:2c:eb:fb:f1:fe:ab:c8:ad:43:
7a:0d:52:52:b2:95:01:eb:52:ac:f6:20:85:67:48:af:77:90:
5b:8e:24:b3:99:33:f0:66:59:ee:d8:33:29:ee:f5:d0:45:41:
73:b3:95:fc:dd:2a:96:3a:11:a7:38:83:25:42:95:21:e8:5c:
ec:c3:9d:5a:53:2a:79:5e:23:32:13:3d:fb:86:ae:e5:59:53:
47:b1:ba:6c:e6:78:fa:85:34:5a:ed:71:6c:35:7e:c6:ad:ad:
a7:9c:27:67:de:4a:64:e6:a1:1e:b5:55:8f:cd:8a:60:48:bd:
49:af:a6:2b:03:81:33:74:60:8b:8e:41:49:30:18:5f:5a:b7:
87:4b:66:83:8f:7c:9a:a2:1d:bb:22:a8:60:f9:92:0e:8a:9f:
a9:ef:d2:5a
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgIUAjEtMsG7Hjt1IMjhwcQJ/JWCtA8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3
NzdEQTkyNjAeFw0yNDExMDQxNDIyMTFaFw0yNTExMDMxNDI3MTFaMDMxMTAvBgNV
BAMTKDkwMjdGNkNEMjFCODdDMjE4ODE0MjlFMUY5NzNCRkMzQzE0NTQyNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMHamfkuw26VkqspnR0NvFAyKM
gEDCDTJ6ocSkQbfoquetLc4JRxQaPYNV3CIC0rzf77TDyTKq2HZ1DXQPeCvBrJto
WArqS31rMyk3m76KI6wZ/IqtQJHKgEPrbbNs0wUI8ypvnytPWnB9rdrhwQSzhpRx
boDg/eWhookbm0bezf++os3wvtQBZMDjwjhfK0fT98oyS1xSUCVD8fm+xSnFv0o3
5LHN5DcnFwftytkpurAfT6fAvNYOnhCGKIfHrlCV9hWo1If3911dcT+KMgJbUgaa
cuzdVc2WgQhvvsx+eNTxcbim1s8gZLud6jR1WWrhlz7UGwx6AkTWkU4SXLgnAgMB
AAGjggKFMIICgTAdBgNVHQ4EFgQUkCf2zSG4fCGIFCnh+XO/w8FFQl8wHwYDVR0j
BBgwFoAUoe5dCaD10Nh2EQExdcYuNXd9qSYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODU1YzdkNWEtMTVjNC00NTg5LTg1ZmEtYjQ5MWEwNzEw
NDhjLzAvQTFFRTVEMDlBMEY1RDBEODc2MTEwMTMxNzVDNjJFMzU3NzdEQTkyNi5j
cmwwgZ4GCCsGAQUFBwEBBIGRMIGOMIGLBggrBgEFBQcwAoZ/cnN5bmM6Ly9yc3lu
Yy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS84OTI3MGY2Yy1hM2ZlLTQy
OTktYjA3OS0zMDllZDk3ZjM4MjQvMC9BMUVFNUQwOUEwRjVEMEQ4NzYxMTAxMzE3
NUM2MkUzNTc3N0RBOTI2LmNlcjCBtwYIKwYBBQUHAQsEgaowgacwgaQGCCsGAQUF
BzALhoGXcnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS84NTVjN2Q1YS0xNWM0LTQ1ODktODVmYS1iNDkxYTA3MTA0OGMvMC8zMjYxMzEz
NDNhMzczNTM4MzEzYTM5MzA2MTYxM2EzYTJmMzQzODJkMzQzODIwM2QzZTIwMzIz
MTM1MzMzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUF
BwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1gZCqMA0GCSqGSIb3DQEBCwUAA4IBAQCV
MRozwI3IuiWLxytDcRWosuDFhFVWuTopUmM7qzK1F6FJHA7y9sG0PFKAL05uIGLs
UntgNKxjP+vUh9l8x+1MJ0eKRw6ptYLrrHv4yk86IHhEN/zkjZh8kI/UiHEQ+xZm
+UYs6/vx/qvIrUN6DVJSspUB61Ks9iCFZ0ivd5BbjiSzmTPwZlnu2DMp7vXQRUFz
s5X83SqWOhGnOIMlQpUh6Fzsw51aUyp5XiMyEz37hq7lWVNHsbps5nj6hTRa7XFs
NX7Gra2nnCdn3kpk5qEetVWPzYpgSL1Jr6YrA4EzdGCLjkFJMBhfWreHS2aDj3ya
oh27Iqhg+ZIOip+p79Ja
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:05:21 2025 by rpki-client