Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/53bd2bc1-4ea6-4bc5-a2a5-97e465472776/0/38352e3139332e37372e302f32342d3234203d3e203136353039.roa
File: 38352e3139332e37372e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: NaO3QFzKeEmVmsVAoJ92EOlN/YunRq9UG8ygXgIwKpg=
Subject key identifier: 91:41:C8:11:8B:4E:9A:29:F2:D3:27:4C:9C:F2:3E:ED:1B:AF:D4:F7
Certificate issuer: /CN=ca1437e9f35edc54a3c0cd31167b996e60de1504
Certificate serial: 41D6D6100C04F0199ECB4AA47D871CAC887F4477
Authority key identifier: CA:14:37:E9:F3:5E:DC:54:A3:C0:CD:31:16:7B:99:6E:60:DE:15:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhQ36fNe3FSjwM0xFnuZbmDeFQQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/53bd2bc1-4ea6-4bc5-a2a5-97e465472776/0/38352e3139332e37372e302f32342d3234203d3e203136353039.roa
Signing time: Wed 09 Jul 2025 08:57:42 +0000
ROA not before: Wed 09 Jul 2025 08:52:42 +0000
ROA not after: Wed 08 Jul 2026 08:57:42 +0000
asID: 16509
IP address blocks: 85.193.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Jul 2025 12:20:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:d6:d6:10:0c:04:f0:19:9e:cb:4a:a4:7d:87:1c:ac:88:7f:44:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1437e9f35edc54a3c0cd31167b996e60de1504
Validity
Not Before: Jul 9 08:52:42 2025 GMT
Not After : Jul 8 08:57:42 2026 GMT
Subject: CN=9141C8118B4E9A29F2D3274C9CF23EED1BAFD4F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:76:be:0f:71:0b:ee:3c:24:94:c8:c2:6a:0f:
7d:69:f2:8f:4e:01:e5:17:5a:73:d8:47:87:02:10:
d4:32:3c:94:a0:f8:2d:28:5f:83:cd:36:be:0b:ee:
0a:0a:22:9f:c4:c2:3d:d0:40:e3:6f:94:08:9f:09:
54:11:e7:cb:b6:fb:ab:dd:18:d1:2e:b3:dc:3b:57:
0a:69:c4:14:59:b6:78:64:dd:35:98:9c:ff:f4:6e:
78:10:97:6f:17:ec:78:6f:8d:67:08:ab:83:9c:24:
c8:67:84:52:fb:1d:c6:70:e9:61:8e:a9:06:70:43:
f4:7d:08:84:0b:57:d0:1e:34:bd:24:89:23:9a:57:
3e:e6:08:80:e1:da:21:29:37:a9:94:08:c2:bf:60:
64:a4:54:0e:6f:97:f1:31:d5:e7:bf:af:74:a9:14:
41:39:e2:b5:d9:73:f7:fe:56:55:40:b5:ac:7e:a7:
7b:51:7f:cb:fd:1d:74:96:fc:fe:62:28:a0:11:5f:
5e:94:7e:32:67:35:e4:70:e7:56:da:df:17:8b:1a:
32:4b:d9:65:a4:7e:d8:55:5b:b8:cd:b9:23:ee:37:
f5:af:ed:71:1a:a7:31:ec:7a:3f:67:13:a7:57:5f:
39:c1:c5:22:fd:95:58:97:0b:91:22:f7:73:3c:e2:
d0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:41:C8:11:8B:4E:9A:29:F2:D3:27:4C:9C:F2:3E:ED:1B:AF:D4:F7
X509v3 Authority Key Identifier:
keyid:CA:14:37:E9:F3:5E:DC:54:A3:C0:CD:31:16:7B:99:6E:60:DE:15:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/53bd2bc1-4ea6-4bc5-a2a5-97e465472776/0/CA1437E9F35EDC54A3C0CD31167B996E60DE1504.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhQ36fNe3FSjwM0xFnuZbmDeFQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/53bd2bc1-4ea6-4bc5-a2a5-97e465472776/0/38352e3139332e37372e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.193.77.0/24
Signature Algorithm: sha256WithRSAEncryption
54:93:08:86:8f:8e:fe:5e:4e:c6:92:e5:ce:03:0f:32:a1:82:
13:bf:b1:db:5b:52:43:d6:b7:13:06:e1:e0:71:16:d2:87:3f:
8f:5d:5d:22:f9:b9:0f:66:51:1d:7a:67:67:98:6b:9b:c5:59:
20:36:9d:81:42:de:b8:10:c6:74:42:cf:9e:aa:d6:c0:6a:fb:
11:97:0d:a6:58:3b:08:42:e7:b3:c8:3d:ad:92:88:10:62:85:
cf:7d:95:6d:f2:b6:1d:98:1d:9c:31:ba:03:5a:31:de:c3:92:
10:9e:95:6d:5e:32:9d:bf:ba:11:50:1c:ce:3e:09:e8:33:a6:
ae:d3:ba:eb:a8:d0:4d:fc:54:6e:91:cf:6d:31:d4:31:70:3d:
cb:04:ff:b4:ae:2e:c3:2f:30:69:fc:1e:a3:ba:7c:4c:1c:44:
14:5f:1e:69:04:04:64:21:37:0c:68:0e:05:09:03:26:05:6f:
a8:de:1f:8e:06:cc:a2:a0:b3:46:7d:a1:4b:51:ea:c5:fa:9a:
22:a0:5e:e6:81:6d:74:60:f5:0c:35:48:42:a4:51:ca:0a:de:
87:52:c6:c0:7f:91:8b:84:bc:d7:64:6f:9a:e1:0d:9f:9b:ce:
ee:3e:11:b9:94:38:8e:11:95:4d:f7:b3:37:87:65:65:ae:1e:
a5:87:6f:1e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQdbWEAwE8Bmey0qkfYccrIh/RHcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2ExNDM3ZTlmMzVlZGM1NGEzYzBjZDMxMTY3Yjk5NmU2
MGRlMTUwNDAeFw0yNTA3MDkwODUyNDJaFw0yNjA3MDgwODU3NDJaMDMxMTAvBgNV
BAMTKDkxNDFDODExOEI0RTlBMjlGMkQzMjc0QzlDRjIzRUVEMUJBRkQ0RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCadr4PcQvuPCSUyMJqD31p8o9O
AeUXWnPYR4cCENQyPJSg+C0oX4PNNr4L7goKIp/Ewj3QQONvlAifCVQR58u2+6vd
GNEus9w7VwppxBRZtnhk3TWYnP/0bngQl28X7HhvjWcIq4OcJMhnhFL7HcZw6WGO
qQZwQ/R9CIQLV9AeNL0kiSOaVz7mCIDh2iEpN6mUCMK/YGSkVA5vl/Ex1ee/r3Sp
FEE54rXZc/f+VlVAtax+p3tRf8v9HXSW/P5iKKARX16UfjJnNeRw51ba3xeLGjJL
2WWkfthVW7jNuSPuN/Wv7XEapzHsej9nE6dXXznBxSL9lViXC5Ei93M84tA/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUkUHIEYtOminy0ydMnPI+7Ruv1PcwHwYDVR0j
BBgwFoAUyhQ36fNe3FSjwM0xFnuZbmDeFQQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTNiZDJiYzEtNGVhNi00YmM1LWEyYTUtOTdlNDY1NDcy
Nzc2LzAvQ0ExNDM3RTlGMzVFREM1NEEzQzBDRDMxMTY3Qjk5NkU2MERFMTUwNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3loUTM2Zk5lM0ZTandNMHhGbnVaYm1E
ZUZRUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNTNiZDJiYzEt
NGVhNi00YmM1LWEyYTUtOTdlNDY1NDcyNzc2LzAvMzgzNTJlMzEzOTMzMmUzNzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjM1MzAzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXB
TTANBgkqhkiG9w0BAQsFAAOCAQEAVJMIho+O/l5OxpLlzgMPMqGCE7+x21tSQ9a3
Ewbh4HEW0oc/j11dIvm5D2ZRHXpnZ5hrm8VZIDadgULeuBDGdELPnqrWwGr7EZcN
plg7CELns8g9rZKIEGKFz32VbfK2HZgdnDG6A1ox3sOSEJ6VbV4ynb+6EVAczj4J
6DOmrtO666jQTfxUbpHPbTHUMXA9ywT/tK4uwy8wafweo7p8TBxEFF8eaQQEZCE3
DGgOBQkDJgVvqN4fjgbMoqCzRn2hS1HqxfqaIqBe5oFtdGD1DDVIQqRRygreh1LG
wH+Ri4S812RvmuENn5vO7j4RuZQ4jhGVTfezN4dlZa4epYdvHg==
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:57:27 2025 by rpki-client