Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396634303a3a2f34342d3438203d3e20323133353439.roa
File: 326131343a373538313a396634303a3a2f34342d3438203d3e20323133353439.roa (raw, json)
Hash identifier: cXFo2tUCgK9ARsfwbQhc9pG3z2rfsykl+vlRz9xNf6Y=
Subject key identifier: 08:FF:B7:C0:C4:27:75:90:03:6C:B3:83:FA:F7:D5:05:F0:41:CF:C8
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 3F33A18A920D7B273EDF521C85201B662C854D66
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396634303a3a2f34342d3438203d3e20323133353439.roa
Signing time: Thu 23 Jan 2025 02:12:59 +0000
ROA not before: Thu 23 Jan 2025 02:07:59 +0000
ROA not after: Thu 22 Jan 2026 02:12:59 +0000
asID: 213549
IP address blocks: 2a14:7581:9f40::/44 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Feb 2025 00:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:33:a1:8a:92:0d:7b:27:3e:df:52:1c:85:20:1b:66:2c:85:4d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jan 23 02:07:59 2025 GMT
Not After : Jan 22 02:12:59 2026 GMT
Subject: CN=08FFB7C0C4277590036CB383FAF7D505F041CFC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8e:3d:2f:b7:9c:85:71:b0:88:1b:15:ee:f5:
10:ad:07:d3:ca:92:f1:06:70:a9:7a:65:cc:37:c9:
64:38:a3:09:c9:8d:20:18:2a:4f:ec:a4:3c:3f:dc:
34:c6:0b:66:f8:8c:f0:39:5f:f9:2b:50:14:8b:9f:
a9:cc:71:7c:d2:94:12:73:f0:8f:02:6a:fb:ec:46:
1a:c9:df:11:4b:b6:1f:1d:c4:d6:81:1e:f0:f3:e2:
b8:0c:70:f2:f3:b7:26:9b:29:c1:20:d9:ba:05:ea:
dc:b8:a2:f2:d6:80:54:97:73:c6:e5:c8:8a:c6:1e:
13:60:00:d4:fb:15:36:d2:7e:75:c2:ef:ee:28:66:
86:ac:17:8d:96:bc:44:c9:ad:49:37:88:67:53:6e:
0c:34:b3:75:fc:5b:61:57:31:6d:94:c4:12:9f:0d:
d6:7c:b1:2e:9f:09:62:ca:3c:6a:00:e5:8f:5b:47:
88:74:09:21:da:8e:2f:3e:ba:f3:7f:80:97:e1:bb:
a0:21:7a:9f:fe:7a:13:8a:e7:11:83:fe:42:60:1f:
3f:fa:62:2d:c6:d9:6d:5e:0a:ea:76:b5:a8:a5:e4:
e7:5a:6f:95:bf:3c:13:6c:a4:ab:aa:aa:76:1e:01:
11:6b:20:48:bd:35:7d:e4:66:3a:1d:25:a1:b7:02:
e1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:FF:B7:C0:C4:27:75:90:03:6C:B3:83:FA:F7:D5:05:F0:41:CF:C8
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a396634303a3a2f34342d3438203d3e20323133353439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:9f40::/44
Signature Algorithm: sha256WithRSAEncryption
80:04:f6:4f:bd:a4:ab:fb:f5:ed:2a:c4:4d:07:ae:3c:24:7c:
af:56:0e:21:3b:d5:b9:98:ae:11:37:b5:fe:33:f8:c0:b6:27:
d7:b1:9a:55:99:87:10:0a:d6:51:97:e6:81:a9:35:40:6d:4d:
c5:e2:3e:0a:19:29:75:05:a2:26:b0:75:96:15:49:c4:72:c7:
82:c3:1c:09:8f:bf:7f:88:cb:aa:b0:ad:71:ef:00:42:1b:7a:
79:1f:19:cf:fb:cc:11:27:64:a6:98:89:40:c7:27:d2:3b:01:
40:de:22:c3:a9:72:6f:c9:db:b4:0d:5e:23:3a:90:5c:08:9b:
0d:a2:94:a1:81:43:c7:43:2a:06:ce:11:1b:2c:b4:ee:a6:53:
34:4f:e7:fb:fe:50:b3:bc:cd:c1:8f:09:c0:68:6c:cc:a0:70:
89:72:59:cc:21:bb:53:13:fd:15:c9:68:c7:ad:29:43:7d:e5:
d3:5d:b5:12:42:b8:2a:9c:4d:cc:b3:35:52:a3:f6:2b:65:a5:
e1:06:87:77:18:2c:9e:84:74:c8:f8:67:10:39:7f:67:83:fc:
73:05:a2:42:9c:bb:ee:82:c6:af:e5:1d:7c:c8:84:d9:9a:5c:
81:ee:89:50:e3:2c:0e:17:00:b5:3d:22:74:15:87:38:c8:69:
a0:db:4c:ff
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUPzOhipINeyc+31IchSAbZiyFTWYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAxMjMwMjA3NTlaFw0yNjAxMjIwMjEyNTlaMDMxMTAvBgNV
BAMTKDA4RkZCN0MwQzQyNzc1OTAwMzZDQjM4M0ZBRjdENTA1RjA0MUNGQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCojj0vt5yFcbCIGxXu9RCtB9PK
kvEGcKl6Zcw3yWQ4ownJjSAYKk/spDw/3DTGC2b4jPA5X/krUBSLn6nMcXzSlBJz
8I8CavvsRhrJ3xFLth8dxNaBHvDz4rgMcPLztyabKcEg2boF6ty4ovLWgFSXc8bl
yIrGHhNgANT7FTbSfnXC7+4oZoasF42WvETJrUk3iGdTbgw0s3X8W2FXMW2UxBKf
DdZ8sS6fCWLKPGoA5Y9bR4h0CSHaji8+uvN/gJfhu6Ahep/+ehOK5xGD/kJgHz/6
Yi3G2W1eCup2tail5Odab5W/PBNspKuqqnYeARFrIEi9NX3kZjodJaG3AuELAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUCP+3wMQndZADbLOD+vfVBfBBz8gwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2EzOTY2MzQzMDNhM2EyZjM0MzQyZDM0MzgyMDNkM2UyMDMyMzEzMzM1MzQzOS5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEw
DwQCAAIwCQMHBCoUdYGfQDANBgkqhkiG9w0BAQsFAAOCAQEAgAT2T72kq/v17SrE
TQeuPCR8r1YOITvVuZiuETe1/jP4wLYn17GaVZmHEArWUZfmgak1QG1NxeI+Chkp
dQWiJrB1lhVJxHLHgsMcCY+/f4jLqrCtce8AQht6eR8Zz/vMESdkppiJQMcn0jsB
QN4iw6lyb8nbtA1eIzqQXAibDaKUoYFDx0MqBs4RGyy07qZTNE/n+/5Qs7zNwY8J
wGhszKBwiXJZzCG7UxP9Fclox60pQ33l0121EkK4KpxNzLM1UqP2K2Wl4QaHdxgs
noR0yPhnEDl/Z4P8cwWiQpy77oLGr+UdfMiE2Zpcge6JUOMsDhcAtT0idBWHOMhp
oNtM/w==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:48:03 2025 by rpki-client