Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3136382e302f32332d3233203d3e20323132323338.roa
File: 3134352e37392e3136382e302f32332d3233203d3e20323132323338.roa (raw, json)
Hash identifier: BG/WCYQCTsoziat11lBhrHMlQfEeT3ZAw7V8gaYHzcY=
Subject key identifier: 39:56:01:21:0B:6C:7F:6E:08:19:FF:58:99:87:D5:10:F1:65:FD:C4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 165C8CF2EB69C45C829E7EA4D9C27AA70FCC01DC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3136382e302f32332d3233203d3e20323132323338.roa
Signing time: Sun 15 Jun 2025 11:49:38 +0000
ROA not before: Sun 15 Jun 2025 11:44:38 +0000
ROA not after: Sun 14 Jun 2026 11:49:38 +0000
asID: 212238
IP address blocks: 145.79.168.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 16 Jun 2025 10:10:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:5c:8c:f2:eb:69:c4:5c:82:9e:7e:a4:d9:c2:7a:a7:0f:cc:01:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 15 11:44:38 2025 GMT
Not After : Jun 14 11:49:38 2026 GMT
Subject: CN=395601210B6C7F6E0819FF589987D510F165FDC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:57:94:67:4b:df:7f:3f:7f:72:88:fb:64:ec:
c9:75:b5:9c:e4:91:df:10:b9:93:70:ea:f0:c0:97:
0d:75:ca:e5:98:3e:42:70:f3:e5:4a:70:5e:ef:02:
f8:4d:39:20:cd:fc:f0:12:c5:89:59:98:db:66:78:
a0:35:72:eb:47:64:87:bf:00:93:c6:b7:b5:d4:33:
21:9e:4d:94:b3:c2:63:65:83:f5:45:f2:78:95:89:
1f:99:27:8f:5a:e4:e7:4c:43:5d:14:01:e9:3d:14:
76:98:c7:a3:4f:48:ab:c2:9e:f8:c6:89:ac:b4:36:
da:35:00:5b:91:d3:b2:7e:b7:d1:ee:9a:02:8d:7f:
b1:d6:ff:20:37:87:03:01:74:51:b9:6a:2d:78:14:
a9:96:2f:0a:1b:5e:c4:38:b6:7f:7f:d0:f2:a5:ad:
05:84:ed:ed:58:76:80:6b:33:c4:fe:d9:8e:19:9a:
a0:d1:12:28:72:34:0a:d2:4d:0d:c7:9d:b8:13:c7:
d9:9d:17:31:b9:1b:1c:b0:c1:56:48:41:74:fe:39:
a3:dd:dd:94:47:30:ce:77:76:82:d0:c9:6c:b5:f2:
6e:a0:34:f0:92:d9:fc:1b:f9:b8:cc:c7:34:24:cc:
39:03:64:27:d0:60:73:13:e2:2b:0d:3a:ef:45:10:
ab:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:56:01:21:0B:6C:7F:6E:08:19:FF:58:99:87:D5:10:F1:65:FD:C4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3134352e37392e3136382e302f32332d3233203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.79.168.0/23
Signature Algorithm: sha256WithRSAEncryption
21:e1:79:81:3e:41:d7:40:62:e6:b7:f9:61:34:cf:24:37:3f:
7b:eb:aa:e5:09:25:79:fc:0a:38:7b:10:36:67:76:e4:62:fd:
97:d5:31:bb:68:d6:9b:0e:12:a7:32:7c:af:1e:18:bb:df:4d:
ef:c7:16:dc:39:70:4e:81:23:b9:d7:08:c1:01:62:5d:59:b7:
3f:7e:32:b2:d8:2d:fd:43:ab:a9:a0:3c:02:6d:48:63:bc:17:
f0:11:3b:dc:04:73:72:61:a7:13:e2:6d:07:55:55:fe:2a:40:
4d:f8:d6:d2:03:c3:e9:5d:96:0c:fb:09:64:1e:5d:b1:02:c3:
d2:2e:8a:cc:46:3f:59:b4:d2:6f:74:8f:a1:4e:9e:a8:94:b2:
cc:db:b3:e2:b5:b6:fa:5e:74:24:cc:cd:27:82:0b:56:6f:2e:
aa:be:f8:68:a1:55:45:6e:45:7f:a8:7a:d0:1a:3b:ca:1a:fc:
e2:fa:d3:bf:28:21:7e:dd:61:53:24:c5:5a:63:f5:7b:b5:ae:
19:8b:a1:fb:8f:9a:8a:80:ff:6d:76:0e:13:a6:52:91:39:3c:
cd:50:18:91:37:b5:c3:ec:12:f7:d5:5a:a7:3d:23:33:b7:d7:
39:b4:3e:a4:b2:52:43:be:f6:3e:82:89:ba:3e:75:3c:3d:e7:
ad:9d:22:1f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFlyM8utpxFyCnn6k2cJ6pw/MAdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA2MTUxMTQ0MzhaFw0yNjA2MTQxMTQ5MzhaMDMxMTAvBgNV
BAMTKDM5NTYwMTIxMEI2QzdGNkUwODE5RkY1ODk5ODdENTEwRjE2NUZEQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwV5RnS99/P39yiPtk7Ml1tZzk
kd8QuZNw6vDAlw11yuWYPkJw8+VKcF7vAvhNOSDN/PASxYlZmNtmeKA1cutHZIe/
AJPGt7XUMyGeTZSzwmNlg/VF8niViR+ZJ49a5OdMQ10UAek9FHaYx6NPSKvCnvjG
iay0Nto1AFuR07J+t9HumgKNf7HW/yA3hwMBdFG5ai14FKmWLwobXsQ4tn9/0PKl
rQWE7e1YdoBrM8T+2Y4ZmqDREihyNArSTQ3HnbgTx9mdFzG5GxywwVZIQXT+OaPd
3ZRHMM53doLQyWy18m6gNPCS2fwb+bjMxzQkzDkDZCfQYHMT4isNOu9FEKtdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUOVYBIQtsf24IGf9YmYfVEPFl/cQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNDM1MmUzNzM5MmUzMTM2
MzgyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGRT6gwDQYJKoZIhvcNAQELBQADggEBACHheYE+QddAYua3+WE0zyQ3P3vrquUJ
JXn8Cjh7EDZnduRi/ZfVMbto1psOEqcyfK8eGLvfTe/HFtw5cE6BI7nXCMEBYl1Z
tz9+MrLYLf1Dq6mgPAJtSGO8F/ARO9wEc3JhpxPibQdVVf4qQE341tIDw+ldlgz7
CWQeXbECw9IuisxGP1m00m90j6FOnqiUsszbs+K1tvpedCTMzSeCC1ZvLqq++Gih
VUVuRX+oetAaO8oa/OL6078oIX7dYVMkxVpj9Xu1rhmLofuPmoqA/212DhOmUpE5
PM1QGJE3tcPsEvfVWqc9IzO31zm0PqSyUkO+9j6Cibo+dTw9562dIh8=
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:14:15 2025 by rpki-client