Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538343a353030303a3a2f33362d3438203d3e203236303432.roa
File: 326131343a373538343a353030303a3a2f33362d3438203d3e203236303432.roa (raw, json)
Hash identifier: ZgEs7hixete9epKbzHFoSTJ0PbfMu6+IZj5+nf6fu0I=
Subject key identifier: A6:FF:97:F8:DC:D5:0D:FC:B3:C3:CC:CB:F6:58:D4:73:E2:4D:78:4A
Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Certificate serial: 4F3D96E7E110C23B21DA1D32E97435A89BBD63A4
Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538343a353030303a3a2f33362d3438203d3e203236303432.roa
Signing time: Mon 16 Dec 2024 15:03:12 +0000
ROA not before: Mon 16 Dec 2024 14:58:12 +0000
ROA not after: Mon 15 Dec 2025 15:03:12 +0000
asID: 26042
IP address blocks: 2a14:7584:5000::/36 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Feb 2025 00:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:3d:96:e7:e1:10:c2:3b:21:da:1d:32:e9:74:35:a8:9b:bd:63:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772
Validity
Not Before: Dec 16 14:58:12 2024 GMT
Not After : Dec 15 15:03:12 2025 GMT
Subject: CN=A6FF97F8DCD50DFCB3C3CCCBF658D473E24D784A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:81:6f:2a:7c:d7:ec:e5:00:e1:2e:c5:21:75:
0b:96:8b:09:02:95:e2:d6:69:79:af:62:c4:f2:c4:
e3:c8:6e:f5:5f:b3:6e:91:32:57:5a:b2:85:5d:82:
2b:c8:3d:4c:35:07:df:bc:e5:f7:47:3d:32:f9:59:
eb:3b:2a:bb:e0:85:9e:d7:2c:f3:68:5d:cf:16:6a:
c7:3d:c0:91:ad:0e:9e:40:b6:1e:03:90:b0:00:b9:
fb:49:57:27:da:5f:52:07:a1:ee:0f:6a:f6:4a:d8:
ec:1e:48:07:bd:1e:60:05:6a:09:f3:bf:ad:93:41:
de:7d:00:d7:b9:cf:12:47:df:c0:f6:59:e7:63:ff:
30:f1:c4:71:6b:ad:ec:7c:66:c0:a7:aa:bb:49:49:
19:44:65:03:cb:29:43:94:99:b0:3c:f5:64:23:2e:
6c:80:51:aa:16:6d:a3:75:d3:4d:81:10:ca:8b:ef:
02:f7:ff:b7:e0:e4:e0:f1:a0:e3:c0:b3:73:51:3a:
7f:26:92:fb:be:59:e6:45:a3:5e:ac:cf:eb:32:f4:
22:ba:2c:f8:c2:16:d8:e5:00:b5:e8:c8:3a:89:f1:
20:cc:e0:b0:14:76:44:4b:bb:65:41:38:c0:72:c1:
59:a2:52:86:e9:2c:47:2d:1d:c8:b1:26:30:de:48:
a8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:FF:97:F8:DC:D5:0D:FC:B3:C3:CC:CB:F6:58:D4:73:E2:4D:78:4A
X509v3 Authority Key Identifier:
keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/326131343a373538343a353030303a3a2f33362d3438203d3e203236303432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:7584:5000::/36
Signature Algorithm: sha256WithRSAEncryption
57:79:77:7a:ce:c7:02:fb:c0:a3:ce:7d:57:40:94:11:a3:05:
e0:77:4b:c3:43:dd:c1:21:f7:18:e2:98:22:7c:1e:0e:cd:76:
b9:41:24:da:fc:57:d1:64:97:91:68:3b:b8:77:6c:e4:3a:25:
ba:60:b6:4a:38:e1:95:92:67:20:c4:27:f0:61:35:04:26:3b:
21:59:53:5b:7e:dd:08:b9:02:95:f7:a0:65:c2:55:a1:c9:80:
e3:6c:41:15:53:c8:92:60:dd:9e:73:25:87:f1:97:cd:ca:9d:
4d:b4:9d:3b:0b:c1:8c:6e:c3:6b:62:4f:cd:90:7f:69:56:85:
af:33:58:2f:90:c7:c9:bb:e7:ea:01:1a:f7:97:79:3f:c7:79:
47:0b:fb:df:32:7d:e9:67:8a:5e:be:dc:e8:5d:6a:12:5b:f5:
28:06:22:a1:b8:58:6a:3e:07:34:6a:87:fd:24:06:4b:7f:fb:
36:ce:84:63:25:06:f5:38:58:2e:c4:ab:27:8d:c2:3f:d9:e9:
50:83:74:6b:61:b7:10:e9:4a:76:b5:50:f7:0c:41:f6:17:9f:
63:84:bb:d7:d6:ec:62:98:43:f9:43:f3:80:9d:fd:09:2d:22:
de:8a:71:e9:a6:08:25:cf:85:d1:9b:27:04:f7:41:19:66:6c:
7a:da:22:88
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUTz2W5+EQwjsh2h0y6XQ1qJu9Y6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj
Y2ZkMzc3MjAeFw0yNDEyMTYxNDU4MTJaFw0yNTEyMTUxNTAzMTJaMDMxMTAvBgNV
BAMTKEE2RkY5N0Y4RENENTBERkNCM0MzQ0NDQkY2NThENDczRTI0RDc4NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDigW8qfNfs5QDhLsUhdQuWiwkC
leLWaXmvYsTyxOPIbvVfs26RMldasoVdgivIPUw1B9+85fdHPTL5Wes7KrvghZ7X
LPNoXc8Wasc9wJGtDp5Ath4DkLAAuftJVyfaX1IHoe4PavZK2OweSAe9HmAFagnz
v62TQd59ANe5zxJH38D2Wedj/zDxxHFrrex8ZsCnqrtJSRlEZQPLKUOUmbA89WQj
LmyAUaoWbaN1002BEMqL7wL3/7fg5ODxoOPAs3NROn8mkvu+WeZFo16sz+sy9CK6
LPjCFtjlALXoyDqJ8SDM4LAUdkRLu2VBOMBywVmiUobpLEctHcixJjDeSKgNAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUpv+X+NzVDfyzw8zL9ljUc+JNeEowHwYDVR0j
BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz
ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16
OU4zSS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODkyNzBmNmMt
YTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2YzODI0LzAvMzI2MTMxMzQzYTM3MzUzODM0
M2EzNTMwMzAzMDNhM2EyZjMzMzYyZDM0MzgyMDNkM2UyMDMyMzYzMDM0MzIucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgQqFHWEUDANBgkqhkiG9w0BAQsFAAOCAQEAV3l3es7HAvvAo859V0CU
EaMF4HdLw0PdwSH3GOKYInweDs12uUEk2vxX0WSXkWg7uHds5DolumC2SjjhlZJn
IMQn8GE1BCY7IVlTW37dCLkClfegZcJVocmA42xBFVPIkmDdnnMlh/GXzcqdTbSd
OwvBjG7Da2JPzZB/aVaFrzNYL5DHybvn6gEa95d5P8d5Rwv73zJ96WeKXr7c6F1q
Elv1KAYiobhYaj4HNGqH/SQGS3/7Ns6EYyUG9ThYLsSrJ43CP9npUIN0a2G3EOlK
drVQ9wxB9hefY4S719bsYphD+UPzgJ39CS0i3opx6aYIJc+F0ZsnBPdBGWZsetoi
iA==
-----END CERTIFICATE-----
Generated at Sat Apr 5 05:15:06 2025 by rpki-client