Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538323a3a2f33322d3438203d3e2030.roa
File: 326131343a373538323a3a2f33322d3438203d3e2030.roa (raw, json)
Hash identifier: AZU2MuTelOzLdrqNGvcsx+GO+Oo2S+zkDhogdJGfTFU=
Subject key identifier: A3:CA:89:5E:01:AD:08:06:EE:45:25:E8:DE:45:8C:25:35:E0:E5:94
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 5C6FE9DC6A7E50FE15D350B3F764ADAA7FCC8DB8
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538323a3a2f33322d3438203d3e2030.roa
Signing time: Fri 24 Jan 2025 08:05:04 +0000
ROA not before: Fri 24 Jan 2025 08:00:04 +0000
ROA not after: Fri 23 Jan 2026 08:05:04 +0000
asID: 0
IP address blocks: 2a14:7582::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Feb 2025 00:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:6f:e9:dc:6a:7e:50:fe:15:d3:50:b3:f7:64:ad:aa:7f:cc:8d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jan 24 08:00:04 2025 GMT
Not After : Jan 23 08:05:04 2026 GMT
Subject: CN=A3CA895E01AD0806EE4525E8DE458C2535E0E594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:94:e1:75:2c:ba:8f:26:97:1d:a0:29:a0:7b:
d6:14:d6:89:d5:41:87:75:3d:0d:e9:15:da:35:bc:
73:61:45:79:6e:a9:82:5a:6a:7e:4d:09:13:bd:4d:
5e:cc:35:6e:0d:2e:34:52:34:6d:7b:cb:45:60:2d:
41:97:2b:e5:e5:40:7d:57:5a:b4:e3:2b:7f:63:75:
75:fa:7a:29:fc:c2:71:24:09:c6:b0:1f:f8:77:13:
e3:5d:b4:02:26:27:c9:de:30:4f:5c:ba:6b:b4:8b:
15:7c:c9:62:14:6a:70:69:9c:a4:ea:d3:4a:42:5f:
9f:92:77:7a:2d:8f:93:8c:93:79:9b:c4:ed:6b:03:
f7:5f:19:29:30:a7:e7:be:81:ec:aa:0e:77:21:fe:
76:2d:23:31:4c:90:15:bf:ae:a4:8f:3b:5d:be:a3:
e1:0c:dc:63:f4:3c:41:52:8a:e1:aa:d5:04:e5:ca:
57:c2:7a:b9:ba:47:61:ed:7c:8e:1c:cf:b1:b5:12:
03:47:f2:41:45:94:31:22:72:ba:a1:47:03:70:98:
ca:c8:9d:e3:b9:62:19:73:27:f1:f3:9c:57:26:2e:
f9:ee:43:f6:be:c8:55:55:f0:5e:27:57:c5:c8:89:
aa:f2:78:ee:bb:5f:d5:c2:4e:29:66:39:3a:77:2a:
d0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CA:89:5E:01:AD:08:06:EE:45:25:E8:DE:45:8C:25:35:E0:E5:94
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538323a3a2f33322d3438203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7582::/32
Signature Algorithm: sha256WithRSAEncryption
2e:fb:b7:ee:e8:84:fc:fa:75:20:00:59:82:7f:e4:ef:fd:10:
f8:8c:62:86:97:b9:db:43:88:d5:1c:2f:bd:00:f5:d4:fd:e8:
63:fa:72:f1:30:f1:3c:78:20:77:49:86:0c:45:59:54:fd:ec:
a3:d6:d7:e8:03:84:aa:14:aa:08:d6:f7:e4:68:47:bb:6c:95:
23:61:5b:0c:7c:c9:40:2c:06:46:1c:e0:a4:aa:46:c6:70:1d:
91:96:2f:cd:99:a2:6d:e6:48:d9:f7:15:c5:e4:c1:03:6b:0e:
7b:ec:b8:8d:42:57:61:2d:a5:13:1b:ff:5c:67:7c:83:e4:cf:
15:af:cb:2b:46:7e:54:d5:5d:ea:75:20:cd:2f:0e:72:e0:57:
ce:70:12:68:e5:e7:f8:3f:74:ab:5c:f2:0b:73:21:76:61:00:
35:c9:23:b5:2c:45:bd:41:4e:ed:d7:ca:b2:6a:ff:85:1e:9c:
9d:7e:d6:80:45:81:77:04:fd:df:f3:d8:54:bf:7c:ba:0b:e5:
02:5d:b1:f5:96:af:f1:c8:27:f2:58:b2:5e:b7:11:5e:d8:8d:
8c:25:dc:2f:67:0c:e7:3e:f0:18:b5:f4:6d:14:0d:83:23:b6:
64:1a:a1:56:3c:48:4e:ae:f3:c0:b2:0e:7e:24:14:47:69:45:
cf:15:1d:05
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUXG/p3Gp+UP4V01Cz92Stqn/MjbgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAxMjQwODAwMDRaFw0yNjAxMjMwODA1MDRaMDMxMTAvBgNV
BAMTKEEzQ0E4OTVFMDFBRDA4MDZFRTQ1MjVFOERFNDU4QzI1MzVFMEU1OTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxlOF1LLqPJpcdoCmge9YU1onV
QYd1PQ3pFdo1vHNhRXluqYJaan5NCRO9TV7MNW4NLjRSNG17y0VgLUGXK+XlQH1X
WrTjK39jdXX6ein8wnEkCcawH/h3E+NdtAImJ8neME9cumu0ixV8yWIUanBpnKTq
00pCX5+Sd3otj5OMk3mbxO1rA/dfGSkwp+e+geyqDnch/nYtIzFMkBW/rqSPO12+
o+EM3GP0PEFSiuGq1QTlylfCerm6R2HtfI4cz7G1EgNH8kFFlDEicrqhRwNwmMrI
neO5YhlzJ/HznFcmLvnuQ/a+yFVV8F4nV8XIiaryeO67X9XCTilmOTp3KtA5AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUo8qJXgGtCAbuRSXo3kWMJTXg5ZQwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMy
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqFHWCMA0GCSqG
SIb3DQEBCwUAA4IBAQAu+7fu6IT8+nUgAFmCf+Tv/RD4jGKGl7nbQ4jVHC+9APXU
/ehj+nLxMPE8eCB3SYYMRVlU/eyj1tfoA4SqFKoI1vfkaEe7bJUjYVsMfMlALAZG
HOCkqkbGcB2Rli/NmaJt5kjZ9xXF5MEDaw577LiNQldhLaUTG/9cZ3yD5M8Vr8sr
Rn5U1V3qdSDNLw5y4FfOcBJo5ef4P3SrXPILcyF2YQA1ySO1LEW9QU7t18qyav+F
HpydftaARYF3BP3f89hUv3y6C+UCXbH1lq/xyCfyWLJetxFe2I2MJdwvZwznPvAY
tfRtFA2DI7ZkGqFWPEhOrvPAsg5+JBRHaUXPFR0F
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:43:21 2025 by rpki-client