Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6666393a3a2f34382d3438203d3e2030.roa
File: 326131343a373538313a6666393a3a2f34382d3438203d3e2030.roa (raw, json)
Hash identifier: FS2VPA7aVuexP9eRT6RQKDo+Odb/qSzhl060rO/GWFI=
Subject key identifier: 91:42:DA:76:56:09:DB:46:E6:18:38:E7:C5:60:4F:1A:0A:8E:B8:84
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 41E34D6BA14C40DC1D3C5E6B5BC9A2E2BC502349
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6666393a3a2f34382d3438203d3e2030.roa
Signing time: Thu 12 Dec 2024 04:24:29 +0000
ROA not before: Thu 12 Dec 2024 04:19:29 +0000
ROA not after: Thu 11 Dec 2025 04:24:29 +0000
asID: 0
IP address blocks: 2a14:7581:ff9::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Feb 2025 00:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:e3:4d:6b:a1:4c:40:dc:1d:3c:5e:6b:5b:c9:a2:e2:bc:50:23:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Dec 12 04:19:29 2024 GMT
Not After : Dec 11 04:24:29 2025 GMT
Subject: CN=9142DA765609DB46E61838E7C5604F1A0A8EB884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:53:13:d0:03:c2:be:12:4c:b7:2d:19:a9:a0:
f7:9d:94:8d:24:cf:46:a8:63:67:64:4b:d8:d0:00:
b5:85:ba:a9:1d:47:35:d0:40:0c:45:5d:cb:78:eb:
c8:39:7b:e6:e6:fd:eb:0c:99:5f:ab:35:39:1f:91:
7d:2e:25:62:10:e4:c3:20:39:56:93:34:79:57:d8:
2f:e8:f7:9c:a8:ae:62:0d:93:5f:e3:3e:ec:c1:4e:
01:59:ff:21:3e:19:ba:d9:fc:9d:97:c9:1e:33:5d:
10:ea:46:8f:46:e0:7f:5d:00:2a:eb:ba:2a:cc:f7:
c3:ce:6d:ab:ad:f9:f9:9e:70:eb:16:14:50:80:1e:
66:fb:1f:67:4a:c2:4f:e8:25:b4:ca:03:92:02:d1:
7e:b7:79:e0:8b:40:ad:b2:38:d4:d2:dd:13:81:99:
31:e8:a1:23:bd:16:e1:54:8e:27:23:e7:e8:4e:e8:
49:1c:81:5f:34:ef:fc:9d:7b:52:be:a3:31:21:57:
06:cc:16:fa:b1:bd:e4:66:db:4e:fb:aa:25:a3:0a:
cd:5f:97:9c:f8:f9:bd:fe:1d:c7:8c:7c:0d:ab:6f:
61:09:5f:ec:2f:0e:7e:fd:9e:df:8c:e2:1a:85:d3:
99:62:95:a0:cd:44:d7:b4:b2:a1:1a:1a:c7:26:9a:
2c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:42:DA:76:56:09:DB:46:E6:18:38:E7:C5:60:4F:1A:0A:8E:B8:84
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538313a6666393a3a2f34382d3438203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7581:ff9::/48
Signature Algorithm: sha256WithRSAEncryption
82:e3:00:7a:9e:1b:46:16:c6:91:a6:ea:6d:95:21:ea:23:8f:
12:6a:54:a8:3f:ed:f7:ef:1f:6d:de:81:f9:5b:d4:cf:51:d6:
25:ca:d8:c7:fc:ab:df:4f:cc:ec:5b:d1:6f:13:e4:e7:ef:81:
16:74:4f:c9:be:fa:a6:6c:c8:d0:7d:a0:a2:35:c5:05:f4:22:
a5:d3:2c:b2:7a:36:25:ce:20:b8:33:89:a4:60:44:a6:02:be:
f6:82:7b:85:a8:6b:23:e0:65:4c:4c:e7:ba:76:d9:6a:36:81:
eb:fd:6f:41:ec:9d:a8:0a:9a:37:1a:07:ad:97:e2:56:ce:aa:
a4:cc:e6:bf:54:6f:6b:f2:36:6a:2e:22:70:84:b6:6e:9e:02:
1b:3b:16:d0:b6:bb:42:d7:82:f6:75:a3:b0:ff:3d:bc:e1:2c:
bd:3c:97:0e:b4:69:9f:ee:ee:0f:0d:e8:5c:cd:7b:a8:d3:ea:
cb:a2:16:16:e6:ea:f2:ad:39:10:e4:1c:f7:4a:cb:ba:51:1e:
c3:e5:f1:7f:fb:64:bc:e5:8b:85:d9:7a:b0:88:71:38:15:64:
1a:c5:69:49:e5:76:09:8a:ab:18:98:d8:61:7a:26:da:61:67:
17:75:ac:f1:48:68:a6:49:d0:1d:ab:6e:62:d6:ce:47:6e:40:
1c:9c:ad:e2
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUQeNNa6FMQNwdPF5rW8mi4rxQI0kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDEyMTIwNDE5MjlaFw0yNTEyMTEwNDI0MjlaMDMxMTAvBgNV
BAMTKDkxNDJEQTc2NTYwOURCNDZFNjE4MzhFN0M1NjA0RjFBMEE4RUI4ODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvUxPQA8K+Eky3LRmpoPedlI0k
z0aoY2dkS9jQALWFuqkdRzXQQAxFXct468g5e+bm/esMmV+rNTkfkX0uJWIQ5MMg
OVaTNHlX2C/o95yormINk1/jPuzBTgFZ/yE+GbrZ/J2XyR4zXRDqRo9G4H9dACrr
uirM98PObaut+fmecOsWFFCAHmb7H2dKwk/oJbTKA5IC0X63eeCLQK2yONTS3ROB
mTHooSO9FuFUjicj5+hO6EkcgV807/yde1K+ozEhVwbMFvqxveRm2077qiWjCs1f
l5z4+b3+HceMfA2rb2EJX+wvDn79nt+M4hqF05lilaDNRNe0sqEaGscmmizbAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUkULadlYJ20bmGDjnxWBPGgqOuIQwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMx
M2E2NjY2MzkzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoU
dYEP+TANBgkqhkiG9w0BAQsFAAOCAQEAguMAep4bRhbGkabqbZUh6iOPEmpUqD/t
9+8fbd6B+VvUz1HWJcrYx/yr30/M7FvRbxPk5++BFnRPyb76pmzI0H2gojXFBfQi
pdMssno2Jc4guDOJpGBEpgK+9oJ7hahrI+BlTEznunbZajaB6/1vQeydqAqaNxoH
rZfiVs6qpMzmv1Rva/I2ai4icIS2bp4CGzsW0La7QteC9nWjsP89vOEsvTyXDrRp
n+7uDw3oXM17qNPqy6IWFubq8q05EOQc90rLulEew+Xxf/tkvOWLhdl6sIhxOBVk
GsVpSeV2CYqrGJjYYXom2mFnF3Ws8UhopknQHatuYtbOR25AHJyt4g==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:44:17 2025 by rpki-client