Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130372e302f32342d3234203d3e203230343733.roa
File: 33312e32322e3130372e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: 00oOQnn48czAxVhvKzueKVN5mEiyLymd2dHUDhcTLO4=
Subject key identifier: 51:C4:9B:96:C3:08:4E:9C:DA:D7:68:93:E9:80:2C:50:5F:29:96:AA
Certificate issuer: /CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Certificate serial: 0C092E7FDD76BE1C81D2B0A94DEEF26B707CCCD8
Authority key identifier: C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130372e302f32342d3234203d3e203230343733.roa
Signing time: Mon 16 Dec 2024 14:57:15 +0000
ROA not before: Mon 16 Dec 2024 14:52:15 +0000
ROA not after: Mon 15 Dec 2025 14:57:15 +0000
asID: 20473
IP address blocks: 31.22.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Dec 2024 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:09:2e:7f:dd:76:be:1c:81:d2:b0:a9:4d:ee:f2:6b:70:7c:cc:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c770f43358b97ba0aa9bdc62bbd511e90aeab29d
Validity
Not Before: Dec 16 14:52:15 2024 GMT
Not After : Dec 15 14:57:15 2025 GMT
Subject: CN=51C49B96C3084E9CDAD76893E9802C505F2996AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f9:3f:3f:13:24:18:52:32:8b:bf:0d:f6:de:
72:15:87:74:9a:46:ff:c5:65:7b:78:e0:d9:bb:b4:
69:47:55:95:cc:f4:be:40:40:a8:66:64:91:9f:cc:
f2:be:b4:54:0a:5a:f7:36:70:47:64:e1:76:cb:29:
7b:fc:d6:d1:c0:96:5d:81:21:ba:9b:f6:21:da:84:
73:1d:e2:e4:b6:da:d9:8a:84:8b:6d:f3:4c:f1:b4:
ed:fc:b4:ae:f6:79:66:12:11:2c:e5:4a:fc:1a:00:
6e:1d:1a:c2:05:5a:dd:da:bd:fd:0c:63:e5:69:c1:
ec:bd:eb:9f:73:6a:a7:3c:2b:30:49:95:70:2a:39:
6b:d7:03:3b:b3:ec:46:8d:89:75:5b:f9:63:40:23:
22:7c:0c:7b:f8:10:93:8e:42:65:32:fd:a6:2b:0e:
ea:19:27:99:c7:a3:18:00:7f:2f:e0:f3:3f:f8:1e:
46:a4:24:88:b1:d4:4f:24:6b:bc:ef:56:8d:2e:e5:
c2:c1:b5:47:bf:b7:f2:a1:96:ef:17:b1:54:f4:d9:
6e:56:1a:52:10:ff:23:46:19:5d:a3:50:ab:4f:0f:
ff:6f:2b:31:9a:57:a9:46:cb:4d:8d:74:d9:44:27:
05:e7:7c:a1:56:59:66:e9:65:43:0f:b2:3b:4e:b6:
35:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C4:9B:96:C3:08:4E:9C:DA:D7:68:93:E9:80:2C:50:5F:29:96:AA
X509v3 Authority Key Identifier:
keyid:C7:70:F4:33:58:B9:7B:A0:AA:9B:DC:62:BB:D5:11:E9:0A:EA:B2:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/C770F43358B97BA0AA9BDC62BBD511E90AEAB29D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3D0M1i5e6Cqm9xiu9UR6Qrqsp0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/eafebdb4-6f0b-404b-98e2-a26be94a6620/0/33312e32322e3130372e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.107.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:65:53:76:1b:d5:2c:ac:c6:a9:c1:17:41:9d:5d:95:9a:77:
4f:69:c0:4f:bd:ed:eb:cf:0c:2e:e0:71:5d:95:a5:6c:8a:06:
8c:ad:5c:a2:ae:55:5f:90:70:16:50:6a:00:51:5c:d1:70:85:
20:42:cf:df:ab:73:80:a9:fc:2a:5e:27:22:47:46:b8:b9:c8:
4d:fb:eb:25:e1:40:c4:71:ac:e5:64:20:1e:15:93:e9:0e:5e:
dd:06:a0:43:8f:ff:2f:f3:f7:4f:33:26:2c:f2:2d:1a:a4:e4:
68:8b:27:af:fc:cb:da:ce:3b:fd:c3:b3:4a:7f:b4:72:ef:7c:
3a:cc:4e:2b:6c:c6:27:d4:82:ea:43:20:a5:8e:e1:e5:06:0a:
70:02:c6:f3:79:7a:a0:bb:45:47:9a:e2:49:35:2b:c6:ae:5f:
31:0a:97:21:f3:7d:8b:0b:e7:a1:61:87:94:d6:f2:b4:d7:99:
81:73:4b:45:1e:b2:d7:68:57:1d:ff:c9:7b:eb:b8:ac:c5:9c:
51:a5:a8:19:09:36:41:2f:7e:01:45:b1:88:6c:5c:0b:18:cf:
21:bc:da:11:d1:9b:c3:38:2f:ac:fd:3b:1c:38:fc:27:b2:9a:
37:9d:03:a6:dc:85:2e:d1:1f:28:d7:eb:b9:6a:15:1b:16:2e:
e6:c0:75:b1
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUDAkuf912vhyB0rCpTe7ya3B8zNgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzc3MGY0MzM1OGI5N2JhMGFhOWJkYzYyYmJkNTExZTkw
YWVhYjI5ZDAeFw0yNDEyMTYxNDUyMTVaFw0yNTEyMTUxNDU3MTVaMDMxMTAvBgNV
BAMTKDUxQzQ5Qjk2QzMwODRFOUNEQUQ3Njg5M0U5ODAyQzUwNUYyOTk2QUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp+T8/EyQYUjKLvw323nIVh3Sa
Rv/FZXt44Nm7tGlHVZXM9L5AQKhmZJGfzPK+tFQKWvc2cEdk4XbLKXv81tHAll2B
Ibqb9iHahHMd4uS22tmKhItt80zxtO38tK72eWYSESzlSvwaAG4dGsIFWt3avf0M
Y+Vpwey9659zaqc8KzBJlXAqOWvXAzuz7EaNiXVb+WNAIyJ8DHv4EJOOQmUy/aYr
DuoZJ5nHoxgAfy/g8z/4HkakJIix1E8ka7zvVo0u5cLBtUe/t/Khlu8XsVT02W5W
GlIQ/yNGGV2jUKtPD/9vKzGaV6lGy02NdNlEJwXnfKFWWWbpZUMPsjtOtjXjAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUUcSblsMITpza12iT6YAsUF8plqowHwYDVR0j
BBgwFoAUx3D0M1i5e6Cqm9xiu9UR6Qrqsp0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQtNmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2
NjIwLzAvQzc3MEY0MzM1OEI5N0JBMEFBOUJEQzYyQkJENTExRTkwQUVBQjI5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3gzRDBNMWk1ZTZDcW05eGl1OVVSNlFy
cXNwMC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZWFmZWJkYjQt
NmYwYi00MDRiLTk4ZTItYTI2YmU5NGE2NjIwLzAvMzMzMTJlMzIzMjJlMzEzMDM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM0MzczMy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB8W
azANBgkqhkiG9w0BAQsFAAOCAQEAHGVTdhvVLKzGqcEXQZ1dlZp3T2nAT73t688M
LuBxXZWlbIoGjK1coq5VX5BwFlBqAFFc0XCFIELP36tzgKn8Kl4nIkdGuLnITfvr
JeFAxHGs5WQgHhWT6Q5e3QagQ4//L/P3TzMmLPItGqTkaIsnr/zL2s47/cOzSn+0
cu98OsxOK2zGJ9SC6kMgpY7h5QYKcALG83l6oLtFR5riSTUrxq5fMQqXIfN9iwvn
oWGHlNbytNeZgXNLRR6y12hXHf/Je+u4rMWcUaWoGQk2QS9+AUWxiGxcCxjPIbza
EdGbwzgvrP07HDj8J7KaN50DptyFLtEfKNfruWoVGxYu5sB1sQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:34:42 2025 by rpki-client