Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538333a3a2f33322d3438203d3e2030.roa
File: 326131343a373538333a3a2f33322d3438203d3e2030.roa (raw, json)
Hash identifier: RlNdC3smI1h0x+mpgxe4OL7qBMjKPYE803S/lgVLCQg=
Subject key identifier: DD:89:E6:4A:62:ED:D7:94:BD:B7:93:32:41:AC:08:CE:61:A9:9C:74
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 200AF012EA776CE7AF9E72F8DB3C582CD06DD5D7
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538333a3a2f33322d3438203d3e2030.roa
Signing time: Fri 03 Jan 2025 13:58:39 +0000
ROA not before: Fri 03 Jan 2025 13:53:39 +0000
ROA not after: Fri 02 Jan 2026 13:58:39 +0000
asID: 0
IP address blocks: 2a14:7583::/32 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Feb 2025 00:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:0a:f0:12:ea:77:6c:e7:af:9e:72:f8:db:3c:58:2c:d0:6d:d5:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Jan 3 13:53:39 2025 GMT
Not After : Jan 2 13:58:39 2026 GMT
Subject: CN=DD89E64A62EDD794BDB7933241AC08CE61A99C74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e2:54:11:3b:75:77:11:ed:dd:4a:52:8b:23:
e7:be:1a:af:6f:dd:48:74:9f:b1:a9:d2:bb:31:0b:
28:5b:2b:a1:f9:97:90:06:9f:2d:b0:7e:35:d3:f6:
b1:d3:4f:c7:ad:1c:dd:7f:8f:78:16:f6:c6:63:9a:
89:cd:bc:6b:73:d6:e3:df:dd:2e:b7:b8:3b:04:9b:
f1:bd:b8:e7:7e:32:75:49:ed:48:c7:7a:2e:ca:97:
ab:24:69:57:63:81:b6:36:47:7e:e7:b4:fb:7d:b8:
b8:bc:f5:d7:97:92:52:ae:fc:08:b8:b6:9d:7c:60:
50:b9:74:b8:b5:48:2d:5e:43:72:0d:3a:21:a7:c7:
9b:6d:9a:5f:2f:6d:72:48:7f:39:0e:b6:d9:54:00:
01:c2:0f:92:c6:a0:bc:1c:41:05:f6:0c:0a:52:72:
f8:92:04:0a:b6:37:f5:c6:02:e0:4d:1a:f7:b0:8e:
b8:5f:1d:a2:56:e4:98:5d:30:49:c2:4f:0c:fc:04:
9d:f2:fd:bc:41:da:fd:58:d2:6b:3c:98:ce:0b:90:
0c:8c:0d:b3:4a:1f:10:78:50:02:cb:17:f0:84:56:
f9:b1:4f:3e:be:7d:e5:df:88:89:e5:bf:01:32:39:
6d:66:94:32:8e:1d:ee:b9:44:ba:dc:9f:df:12:44:
38:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:89:E6:4A:62:ED:D7:94:BD:B7:93:32:41:AC:08:CE:61:A9:9C:74
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538333a3a2f33322d3438203d3e2030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7583::/32
Signature Algorithm: sha256WithRSAEncryption
83:bd:0d:78:d2:c2:8e:ff:bb:06:1b:7a:79:6c:0e:8d:98:a4:
10:83:ff:ea:07:e3:3c:6d:f2:9f:72:30:4f:fb:a9:25:f9:6a:
62:4c:c7:9f:7a:e6:ce:60:07:29:8f:cc:ab:6f:32:25:e2:af:
c4:21:70:1e:a0:b1:12:3b:23:d6:b5:99:4f:57:f4:d1:d3:71:
75:64:ce:f3:9a:bc:bf:67:c1:b7:37:64:25:b6:a9:2f:6d:3d:
c7:00:53:f1:44:1a:fc:e4:d5:86:b5:fd:31:d1:91:dc:ee:39:
e8:43:5a:1f:d4:ff:1f:2c:ff:8f:06:06:06:b2:1d:36:6b:35:
fe:77:16:59:3a:93:30:1c:1f:3b:bc:6b:b1:fa:0d:21:80:65:
11:ce:8c:f1:9a:82:11:bb:e3:cb:64:95:9b:5c:f8:00:2f:e2:
66:73:b6:90:ab:1e:fc:a1:62:6a:2e:37:b3:e1:a7:77:07:59:
84:3e:a2:58:1c:0f:d3:8d:02:fd:47:de:7b:6f:66:81:5b:1d:
e5:1d:9e:b4:ff:ba:58:1f:34:a5:d0:bb:48:5a:c9:84:4c:f1:
1c:23:f2:9f:0d:2a:d2:93:00:0c:41:87:1a:8b:33:c4:fb:2f:
64:0a:7d:ef:0e:8b:d1:dc:1c:0a:4b:ee:b5:2c:48:17:38:6a:
37:19:76:74
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUIArwEup3bOevnnL42zxYLNBt1dcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNTAxMDMxMzUzMzlaFw0yNjAxMDIxMzU4MzlaMDMxMTAvBgNV
BAMTKEREODlFNjRBNjJFREQ3OTRCREI3OTMzMjQxQUMwOENFNjFBOTlDNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCE4lQRO3V3Ee3dSlKLI+e+Gq9v
3Uh0n7Gp0rsxCyhbK6H5l5AGny2wfjXT9rHTT8etHN1/j3gW9sZjmonNvGtz1uPf
3S63uDsEm/G9uOd+MnVJ7UjHei7Kl6skaVdjgbY2R37ntPt9uLi89deXklKu/Ai4
tp18YFC5dLi1SC1eQ3INOiGnx5ttml8vbXJIfzkOttlUAAHCD5LGoLwcQQX2DApS
cviSBAq2N/XGAuBNGvewjrhfHaJW5JhdMEnCTwz8BJ3y/bxB2v1Y0ms8mM4LkAyM
DbNKHxB4UALLF/CEVvmxTz6+feXfiInlvwEyOW1mlDKOHe65RLrcn98SRDjjAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU3YnmSmLt15S9t5MyQawIzmGpnHQwHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODMz
M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqFHWDMA0GCSqG
SIb3DQEBCwUAA4IBAQCDvQ140sKO/7sGG3p5bA6NmKQQg//qB+M8bfKfcjBP+6kl
+WpiTMefeubOYAcpj8yrbzIl4q/EIXAeoLESOyPWtZlPV/TR03F1ZM7zmry/Z8G3
N2QltqkvbT3HAFPxRBr85NWGtf0x0ZHc7jnoQ1of1P8fLP+PBgYGsh02azX+dxZZ
OpMwHB87vGux+g0hgGURzozxmoIRu+PLZJWbXPgAL+Jmc7aQqx78oWJqLjez4ad3
B1mEPqJYHA/TjQL9R957b2aBWx3lHZ60/7pYHzSl0LtIWsmETPEcI/KfDSrSkwAM
QYcaizPE+y9kCn3vDovR3BwKS+61LEgXOGo3GXZ0
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:43:12 2025 by rpki-client