Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6665393a3a2f34382d3438203d3e20323133353439.roa
File: 326131343a373538313a6665393a3a2f34382d3438203d3e20323133353439.roa (raw, json)
Hash identifier: x3XxMbCLwcDphrtjMX36IvbGoWclwPuLRwUsyVVRUEY=
Subject key identifier: 05:98:AA:56:8F:26:0E:24:2D:35:05:4A:B6:C5:FF:DD:4D:74:81:08
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 538E06D6E0A42BC9E34A0AC7CDD308D12F6F1EF9
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6665393a3a2f34382d3438203d3e20323133353439.roa
Signing time: Wed 22 Jan 2025 14:15:23 +0000
ROA not before: Wed 22 Jan 2025 14:10:23 +0000
ROA not after: Wed 21 Jan 2026 14:15:23 +0000
asID: 213549
IP address blocks: 2a14:7581:fe9::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Feb 2025 00:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:8e:06:d6:e0:a4:2b:c9:e3:4a:0a:c7:cd:d3:08:d1:2f:6f:1e:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jan 22 14:10:23 2025 GMT
Not After : Jan 21 14:15:23 2026 GMT
Subject: CN=0598AA568F260E242D35054AB6C5FFDD4D748108
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:01:78:e2:d1:21:9f:f0:91:b5:78:28:83:22:
ad:c0:3a:20:89:69:33:21:d6:b5:17:ec:84:e4:6f:
5b:3d:09:b7:70:f0:f9:14:bc:b6:38:60:5c:ac:a8:
f7:b3:21:b1:fe:0a:c1:20:ac:a6:7c:24:3f:a6:94:
7c:0c:d7:88:41:89:69:c7:c5:da:4f:cc:39:eb:e0:
fc:e2:d1:16:be:a7:ad:97:3d:ef:0d:89:26:91:91:
d8:a0:29:69:52:ff:ab:3b:69:47:da:39:ae:b6:1b:
01:61:4b:04:8b:28:ef:67:d5:62:e4:eb:a2:05:bc:
c3:ba:b0:7c:f3:e0:bf:3d:39:59:50:7e:78:d2:50:
5c:b9:c1:c9:ef:d1:ca:c0:97:f9:f0:74:61:96:8d:
d4:d3:31:f5:ab:0e:42:7e:0d:4f:65:58:51:47:74:
22:3f:04:a3:80:dc:3d:9d:0c:69:9c:da:25:1a:66:
75:00:6b:29:44:fe:fe:40:62:5d:f6:67:d3:ef:30:
cb:43:17:6b:84:91:e0:32:92:f5:39:98:fc:0b:6e:
60:88:58:46:cf:8c:09:e5:66:1c:c9:92:01:92:42:
84:47:c0:0b:31:ee:2b:a8:1c:90:cc:06:a9:b4:cf:
7c:84:c9:58:11:44:0d:31:df:de:4c:70:50:ad:7f:
b8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:98:AA:56:8F:26:0E:24:2D:35:05:4A:B6:C5:FF:DD:4D:74:81:08
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6665393a3a2f34382d3438203d3e20323133353439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:fe9::/48
Signature Algorithm: sha256WithRSAEncryption
1f:fb:5c:30:63:48:aa:e1:92:1c:08:4f:5e:e3:22:0d:a3:24:
da:97:0a:39:26:8c:a7:bc:84:7e:2a:bd:38:6b:14:73:ef:77:
5e:a1:c4:1a:2d:84:db:47:8f:14:5d:61:5a:69:25:dc:16:27:
a1:aa:6a:6b:09:3b:f6:41:44:d4:7f:ba:68:cc:6c:20:e0:07:
d6:6f:49:6f:ff:20:79:87:e2:1c:72:48:fc:50:37:00:a8:31:
87:39:01:18:cc:e1:42:a1:10:0f:b8:2b:92:66:06:4b:a0:0d:
be:d3:65:f8:09:ba:23:6f:84:8c:07:67:ab:4e:78:40:4c:e6:
16:a3:be:f9:18:27:50:d8:df:7c:00:6f:ee:1f:d2:6e:14:a3:
a0:f0:24:3f:b6:26:2d:7c:18:26:fb:8b:71:c9:97:b0:5f:bd:
a1:66:27:29:66:a3:08:67:97:6b:4f:97:ff:17:8e:29:e1:5a:
1c:34:b5:a3:2f:ca:a1:27:c4:71:56:c1:c8:cc:8f:b2:05:1b:
68:ab:72:ba:a0:a1:dd:58:3c:2c:6b:61:4a:51:32:1b:4e:b5:
ee:68:4e:d7:53:ba:5b:c3:a6:08:37:7f:f3:92:16:3d:23:e4:
67:b4:d0:f8:95:61:f4:20:b9:b0:32:44:88:cc:25:53:2b:a6:
c5:6d:54:6e
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgIUU44G1uCkK8njSgrHzdMI0S9vHvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAxMjIxNDEwMjNaFw0yNjAxMjExNDE1MjNaMDMxMTAvBgNV
BAMTKDA1OThBQTU2OEYyNjBFMjQyRDM1MDU0QUI2QzVGRkRENEQ3NDgxMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXAXji0SGf8JG1eCiDIq3AOiCJ
aTMh1rUX7ITkb1s9Cbdw8PkUvLY4YFysqPezIbH+CsEgrKZ8JD+mlHwM14hBiWnH
xdpPzDnr4Pzi0Ra+p62XPe8NiSaRkdigKWlS/6s7aUfaOa62GwFhSwSLKO9n1WLk
66IFvMO6sHzz4L89OVlQfnjSUFy5wcnv0crAl/nwdGGWjdTTMfWrDkJ+DU9lWFFH
dCI/BKOA3D2dDGmc2iUaZnUAaylE/v5AYl32Z9PvMMtDF2uEkeAykvU5mPwLbmCI
WEbPjAnlZhzJkgGSQoRHwAsx7iuoHJDMBqm0z3yEyVgRRA0x395McFCtf7jpAgMB
AAGjggJIMIICRDAdBgNVHQ4EFgQUBZiqVo8mDiQtNQVKtsX/3U10gQgwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2E2NjY1MzkzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMxMzMzNTM0Mzkucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAqFHWBD+kwDQYJKoZIhvcNAQELBQADggEBAB/7XDBjSKrhkhwIT17j
Ig2jJNqXCjkmjKe8hH4qvThrFHPvd16hxBothNtHjxRdYVppJdwWJ6GqamsJO/ZB
RNR/umjMbCDgB9ZvSW//IHmH4hxySPxQNwCoMYc5ARjM4UKhEA+4K5JmBkugDb7T
ZfgJuiNvhIwHZ6tOeEBM5hajvvkYJ1DY33wAb+4f0m4Uo6DwJD+2Ji18GCb7i3HJ
l7BfvaFmJylmowhnl2tPl/8XjinhWhw0taMvyqEnxHFWwcjMj7IFG2ircrqgod1Y
PCxrYUpRMhtOte5oTtdTulvDpgg3f/OSFj0j5Ge00PiVYfQgubAyRIjMJVMrpsVt
VG4=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:46:41 2025 by rpki-client