Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a3330303a3a2f34302d3438203d3e20323134343536.roa
File: 326131343a373538313a3330303a3a2f34302d3438203d3e20323134343536.roa (raw, json)
Hash identifier: TwMdUulxFu1zu/KQavwOkncM5sa2AHXwEfc/6+viYjI=
Subject key identifier: DA:97:B1:A4:FF:40:00:8D:1C:FD:3C:F3:AF:3E:3E:0B:BB:A5:FC:34
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 49339A3677663960034B1112198516083DDA849F
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a3330303a3a2f34302d3438203d3e20323134343536.roa
Signing time: Tue 28 Jan 2025 00:43:45 +0000
ROA not before: Tue 28 Jan 2025 00:38:45 +0000
ROA not after: Tue 27 Jan 2026 00:43:45 +0000
asID: 214456
IP address blocks: 2a14:7581:300::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Feb 2025 00:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:33:9a:36:77:66:39:60:03:4b:11:12:19:85:16:08:3d:da:84:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jan 28 00:38:45 2025 GMT
Not After : Jan 27 00:43:45 2026 GMT
Subject: CN=DA97B1A4FF40008D1CFD3CF3AF3E3E0BBBA5FC34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:07:22:f1:52:33:ce:b7:8d:4e:63:ac:e0:94:
be:ff:b4:23:5b:79:a1:3a:5c:a3:f5:0f:e7:b6:77:
43:d5:e5:d6:53:f6:41:6f:e4:c9:51:0b:62:fd:81:
10:0f:2f:3f:b1:25:2a:a2:33:43:ec:26:f3:20:ad:
f4:cc:46:3e:b6:6d:05:cc:2b:e3:34:33:21:0e:07:
4b:c6:12:81:c7:9b:1b:20:58:8e:61:75:7b:68:06:
db:9d:3e:9f:f7:25:6f:bf:6f:96:fc:9b:e7:2f:4f:
75:88:c8:ba:7c:17:62:d4:e3:6c:e4:32:65:90:03:
d9:0b:0a:9f:fc:24:ab:60:f5:b9:d7:71:bb:bb:99:
5a:8a:42:98:c6:fd:61:8d:c9:bf:91:92:cd:32:5f:
4e:e7:b1:94:6a:13:dc:cc:b2:8b:f0:b4:5e:e2:3a:
04:18:f2:d3:86:29:16:78:59:69:52:3c:d5:c6:05:
a7:d2:79:3d:24:9b:be:32:90:fc:8a:04:24:92:31:
69:4d:70:fd:5e:fa:47:27:4b:c5:b2:ed:95:0d:a6:
47:4b:c7:9e:7a:0b:1e:52:db:5c:40:34:d2:22:f9:
ac:7f:79:5a:7f:47:ef:7e:d1:32:26:e1:c9:fc:35:
1a:b0:18:97:98:fe:0a:59:fe:8d:9b:0f:12:2b:2f:
1d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:97:B1:A4:FF:40:00:8D:1C:FD:3C:F3:AF:3E:3E:0B:BB:A5:FC:34
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a3330303a3a2f34302d3438203d3e20323134343536.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:300::/40
Signature Algorithm: sha256WithRSAEncryption
5a:0b:46:51:45:42:65:b2:8e:2e:0a:a7:53:c6:62:1f:ea:50:
c8:57:a7:61:2e:68:03:9d:6a:92:b6:b0:89:22:3f:99:be:b3:
77:0a:18:77:21:4b:74:34:5e:ab:c9:91:18:06:1a:10:91:6d:
3a:40:23:56:1a:2c:71:58:14:97:b7:b4:57:9e:5a:f2:91:56:
82:fc:ac:c1:af:c8:82:db:47:f0:ef:ad:16:d7:d7:2b:04:b3:
47:7b:8d:f8:09:10:6f:39:99:4d:d7:f6:08:a8:a0:00:64:12:
41:f7:2a:bb:7b:77:68:74:31:e7:43:04:88:2f:11:24:bb:83:
45:80:d1:1d:ee:27:2f:75:59:5f:8f:23:24:58:87:8f:f6:5a:
5e:4e:96:87:7a:1c:db:e1:b5:1c:29:57:9d:a9:ec:1a:fb:7b:
e2:8f:39:c0:c5:03:a1:2a:7b:18:ac:95:13:6a:72:8f:c4:0a:
fa:f4:8a:31:be:d2:30:de:c3:bb:36:c3:92:08:ae:6b:1f:8f:
2d:f1:b4:2e:ef:2e:a4:2d:84:fe:ec:04:cf:ad:a2:76:da:49:
1f:42:9a:37:6c:0f:e5:cd:92:7d:60:3f:6d:48:a8:96:5d:0c:
c9:c6:58:d7:ca:e6:bf:6d:9b:a2:55:b8:ac:bd:03:0c:82:3c:
4c:cb:a1:1c
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUSTOaNndmOWADSxESGYUWCD3ahJ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAxMjgwMDM4NDVaFw0yNjAxMjcwMDQzNDVaMDMxMTAvBgNV
BAMTKERBOTdCMUE0RkY0MDAwOEQxQ0ZEM0NGM0FGM0UzRTBCQkJBNUZDMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCMByLxUjPOt41OY6zglL7/tCNb
eaE6XKP1D+e2d0PV5dZT9kFv5MlRC2L9gRAPLz+xJSqiM0PsJvMgrfTMRj62bQXM
K+M0MyEOB0vGEoHHmxsgWI5hdXtoBtudPp/3JW+/b5b8m+cvT3WIyLp8F2LU42zk
MmWQA9kLCp/8JKtg9bnXcbu7mVqKQpjG/WGNyb+Rks0yX07nsZRqE9zMsovwtF7i
OgQY8tOGKRZ4WWlSPNXGBafSeT0km74ykPyKBCSSMWlNcP1e+kcnS8Wy7ZUNpkdL
x556Cx5S21xANNIi+ax/eVp/R+9+0TIm4cn8NRqwGJeY/gpZ/o2bDxIrLx3jAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQU2pexpP9AAI0c/Tzzrz4+C7ul/DQwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2EzMzMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzQzNDM1MzYucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAqFHWBAzANBgkqhkiG9w0BAQsFAAOCAQEAWgtGUUVCZbKOLgqnU8Zi
H+pQyFenYS5oA51qkrawiSI/mb6zdwoYdyFLdDReq8mRGAYaEJFtOkAjVhoscVgU
l7e0V55a8pFWgvyswa/IgttH8O+tFtfXKwSzR3uN+AkQbzmZTdf2CKigAGQSQfcq
u3t3aHQx50MEiC8RJLuDRYDRHe4nL3VZX48jJFiHj/ZaXk6Wh3oc2+G1HClXnans
Gvt74o85wMUDoSp7GKyVE2pyj8QK+vSKMb7SMN7DuzbDkgiuax+PLfG0Lu8upC2E
/uwEz62idtpJH0KaN2wP5c2SfWA/bUioll0MycZY18rmv22bolW4rL0DDII8TMuh
HA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:48:48 2025 by rpki-client