Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231352e302f32342d3234203d3e20383334.roa
File: 3130392e3233342e3231352e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: L9Fu6mDE2k8FycN8bXq9oNZ8B7j5sPTJcugjjSfJ7k0=
Subject key identifier: D8:30:DB:DF:2A:43:56:15:C4:BF:EC:94:B9:C8:C7:F4:A2:CE:96:EF
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 1A16A30ABA9BDBEEA90AAE666FFC5B881DCEE96D
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231352e302f32342d3234203d3e20383334.roa
Signing time: Sat 25 Jan 2025 13:44:04 +0000
ROA not before: Sat 25 Jan 2025 13:39:04 +0000
ROA not after: Sat 24 Jan 2026 13:44:04 +0000
asID: 834
IP address blocks: 109.234.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Jan 2025 21:58:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:16:a3:0a:ba:9b:db:ee:a9:0a:ae:66:6f:fc:5b:88:1d:ce:e9:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Jan 25 13:39:04 2025 GMT
Not After : Jan 24 13:44:04 2026 GMT
Subject: CN=D830DBDF2A435615C4BFEC94B9C8C7F4A2CE96EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7a:07:ba:18:26:ac:c2:ed:cb:7c:29:0c:b9:
f1:45:9d:45:87:04:10:37:70:cc:5c:bb:31:2e:cf:
99:46:05:53:d4:53:f9:f3:27:38:f1:c0:91:6c:34:
3c:19:7b:a5:fc:10:27:46:e8:24:56:c4:57:22:4e:
fc:8b:56:6a:97:fb:34:db:f6:53:83:66:7e:07:fe:
fb:00:4e:5c:45:a2:37:8b:8d:80:f5:bb:14:0d:07:
3e:0d:aa:d0:18:52:ef:a8:14:b4:7a:90:1a:27:97:
e5:2f:14:cc:f4:6b:2a:bb:0c:d9:5a:c2:32:be:61:
7d:72:34:9e:ca:7e:5a:b7:e4:68:9f:7d:27:ce:71:
64:69:dd:21:f7:08:ed:21:ef:26:06:46:3c:de:0c:
22:83:64:c4:ff:7a:41:4f:de:3d:49:f1:25:42:b1:
d9:e7:bf:7d:93:b6:00:14:2f:9c:f1:cf:ca:80:76:
2a:ae:c1:6c:89:d5:2c:7f:cc:59:c6:c2:48:a0:36:
84:3a:d7:84:a2:9a:61:0f:a6:7e:ad:4a:31:8e:d7:
75:01:74:4c:8a:b7:a8:45:7f:61:9b:d0:7d:d0:4c:
37:5d:d9:1e:85:47:4c:15:5b:46:07:9c:83:13:42:
bb:6d:37:1e:c1:69:11:d4:41:da:8e:9c:6e:0e:c9:
56:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:30:DB:DF:2A:43:56:15:C4:BF:EC:94:B9:C8:C7:F4:A2:CE:96:EF
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3130392e3233342e3231352e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.234.215.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:83:7a:9b:7d:38:49:ed:08:7f:55:01:59:f0:29:64:84:6e:
33:e1:e0:f5:ee:d4:f0:28:29:83:d9:29:4b:3f:bc:02:93:56:
47:54:7e:34:fe:2c:d6:43:59:79:68:b5:ed:04:27:fd:75:60:
78:7c:08:6a:76:1f:c0:26:95:bf:93:cd:95:be:d5:33:dd:a0:
f9:a3:f5:95:f3:51:ac:f0:f9:0c:b2:0d:de:42:86:e8:72:d3:
b4:10:32:d3:e9:dc:40:dd:9a:64:7d:de:00:fd:2d:93:9a:b8:
db:b2:26:7d:4c:3c:5b:c9:95:65:a6:c3:0e:0e:3c:68:cf:a6:
30:8f:3d:fa:f6:96:7f:8c:c3:90:d5:a3:05:1d:8c:87:77:a7:
08:fb:bb:09:8c:d5:5f:31:77:77:45:87:d5:7b:83:20:9e:8c:
f3:86:d8:36:e4:a0:5a:6c:ed:bc:48:76:03:4d:a3:5f:f1:af:
45:2f:d2:be:df:92:d9:f2:04:47:37:ba:77:62:bc:66:da:00:
18:d2:25:f0:23:3a:23:18:15:ce:78:29:99:6b:a5:9a:e6:79:
9d:ab:5a:92:91:6c:dd:cf:75:1e:b8:f2:61:5e:e0:fb:2e:0f:
35:80:76:d3:ab:21:29:64:47:63:c8:83:dc:1f:65:d0:60:c6:
f9:ff:20:69
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUGhajCrqb2+6pCq5mb/xbiB3O6W0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAxMjUxMzM5MDRaFw0yNjAxMjQxMzQ0MDRaMDMxMTAvBgNV
BAMTKEQ4MzBEQkRGMkE0MzU2MTVDNEJGRUM5NEI5QzhDN0Y0QTJDRTk2RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQege6GCaswu3LfCkMufFFnUWH
BBA3cMxcuzEuz5lGBVPUU/nzJzjxwJFsNDwZe6X8ECdG6CRWxFciTvyLVmqX+zTb
9lODZn4H/vsATlxFojeLjYD1uxQNBz4NqtAYUu+oFLR6kBonl+UvFMz0ayq7DNla
wjK+YX1yNJ7Kflq35GiffSfOcWRp3SH3CO0h7yYGRjzeDCKDZMT/ekFP3j1J8SVC
sdnnv32TtgAUL5zxz8qAdiquwWyJ1Sx/zFnGwkigNoQ614SimmEPpn6tSjGO13UB
dEyKt6hFf2Gb0H3QTDdd2R6FR0wVW0YHnIMTQrttNx7BaRHUQdqOnG4OyVbtAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU2DDb3ypDVhXEv+yUucjH9KLOlu8wHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzMDM5MmUzMjMzMzQyZTMy
MzEzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG3q
1zANBgkqhkiG9w0BAQsFAAOCAQEAX4N6m304Se0If1UBWfApZIRuM+Hg9e7U8Cgp
g9kpSz+8ApNWR1R+NP4s1kNZeWi17QQn/XVgeHwIanYfwCaVv5PNlb7VM92g+aP1
lfNRrPD5DLIN3kKG6HLTtBAy0+ncQN2aZH3eAP0tk5q427ImfUw8W8mVZabDDg48
aM+mMI89+vaWf4zDkNWjBR2Mh3enCPu7CYzVXzF3d0WH1XuDIJ6M84bYNuSgWmzt
vEh2A02jX/GvRS/Svt+S2fIERze6d2K8ZtoAGNIl8CM6IxgVzngpmWulmuZ5nata
kpFs3c91HrjyYV7g+y4PNYB206shKWRHY8iD3B9l0GDG+f8gaQ==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:17:51 2025 by rpki-client