Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139382e302f32342d3234203d3e20383334.roa
File: 3137382e3133322e3139382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: Y1NBTVjca6xFekh04TC+V1Z4NuX2I+nvpxqiwd1Y1VI=
Subject key identifier: 75:A9:AA:26:F5:A0:9B:A7:66:BA:4E:49:7D:9E:0A:56:A3:D6:CB:43
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 31FB82F0D1474C850503C4A04B9B0181122804A7
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139382e302f32342d3234203d3e20383334.roa
Signing time: Sat 25 Jan 2025 13:44:04 +0000
ROA not before: Sat 25 Jan 2025 13:39:04 +0000
ROA not after: Sat 24 Jan 2026 13:44:04 +0000
asID: 834
IP address blocks: 178.132.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Jan 2025 19:11:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:fb:82:f0:d1:47:4c:85:05:03:c4:a0:4b:9b:01:81:12:28:04:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Jan 25 13:39:04 2025 GMT
Not After : Jan 24 13:44:04 2026 GMT
Subject: CN=75A9AA26F5A09BA766BA4E497D9E0A56A3D6CB43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:89:9c:38:2e:a1:6c:bf:c3:69:80:76:d0:4f:
1f:12:c1:0f:f3:dc:3e:d5:02:2a:6e:2b:04:9e:71:
6c:9e:3d:16:f9:f0:ae:4e:b8:0d:80:8b:d0:24:16:
dd:2f:88:9b:f9:a8:69:f4:33:32:80:82:92:4c:c3:
be:e3:a0:7f:de:5c:e6:68:0b:d7:60:7f:f3:89:98:
42:52:76:11:89:92:74:b1:6b:51:2d:d7:f9:bd:e6:
bc:4d:14:40:0e:ec:5c:ba:63:6f:a5:9e:52:a7:e3:
8d:cf:b4:f4:e5:af:96:ec:4a:f8:b1:0d:b5:e3:dc:
40:db:ad:fa:90:bd:a4:da:b4:6d:3c:7d:c1:63:9f:
92:20:10:91:c5:21:d8:7d:ea:ac:b2:80:e7:89:14:
c1:58:9c:05:09:db:be:d4:5a:83:26:fe:dc:0f:e1:
9b:c9:e9:27:29:ae:63:50:d6:0d:5a:29:d1:05:dc:
aa:6a:50:3f:c3:fc:85:40:b5:ba:44:1e:df:70:26:
96:49:06:b9:6f:64:68:44:5b:89:71:d8:f7:7a:53:
1c:25:d0:34:c3:65:41:6c:aa:0e:71:17:5f:2f:cf:
d0:d1:ed:c7:25:71:3a:c4:02:24:d2:34:39:d9:ec:
8b:10:51:1e:8e:80:fe:03:e2:2f:7f:05:91:07:f7:
54:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:A9:AA:26:F5:A0:9B:A7:66:BA:4E:49:7D:9E:0A:56:A3:D6:CB:43
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.198.0/24
Signature Algorithm: sha256WithRSAEncryption
19:cb:b8:8c:47:33:71:49:ef:5e:3c:a3:3d:7f:5d:50:58:54:
2c:83:5e:52:cc:ff:04:b3:a3:ef:7b:a8:93:86:f7:85:ad:e6:
6d:f6:61:de:a3:91:a2:4a:6e:d1:df:04:32:03:ed:13:ff:79:
67:f6:48:ce:41:6b:10:bf:02:a3:ac:73:63:78:53:08:4e:1e:
0e:c4:2e:1c:0f:fd:c0:ea:28:3a:d3:ac:bc:32:ea:70:b4:39:
8f:e8:28:39:41:f7:92:fc:8d:6d:37:fc:d7:41:21:42:0e:ef:
c3:bb:ad:37:e1:ee:18:54:e5:dc:b1:b2:ba:5e:9a:46:cc:01:
24:ab:12:9c:38:a8:0a:c3:68:f9:24:e0:28:7e:78:9e:9b:ed:
c7:9f:9d:96:0f:0c:31:01:29:60:9a:fc:39:dc:71:4b:c5:37:
15:e2:fc:3f:df:22:50:7c:de:11:4e:2d:6e:2d:0b:3a:55:c4:
0d:0a:47:7c:2e:ef:e7:1d:79:a9:e5:b1:6f:80:eb:a6:7d:4f:
bd:4c:4a:4b:24:4c:a4:4c:a5:8f:4b:5f:b1:63:6d:96:20:19:
21:b9:dd:7b:f7:88:ce:b3:7f:52:e2:6f:d0:7f:70:d3:19:32:
0d:39:84:51:d1:4b:c6:98:50:99:a2:3f:dd:81:2b:7c:66:03:
8b:2d:b4:ce
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUMfuC8NFHTIUFA8SgS5sBgRIoBKcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTAxMjUxMzM5MDRaFw0yNjAxMjQxMzQ0MDRaMDMxMTAvBgNV
BAMTKDc1QTlBQTI2RjVBMDlCQTc2NkJBNEU0OTdEOUUwQTU2QTNENkNCNDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0iZw4LqFsv8NpgHbQTx8SwQ/z
3D7VAipuKwSecWyePRb58K5OuA2Ai9AkFt0viJv5qGn0MzKAgpJMw77joH/eXOZo
C9dgf/OJmEJSdhGJknSxa1Et1/m95rxNFEAO7Fy6Y2+lnlKn443PtPTlr5bsSvix
DbXj3EDbrfqQvaTatG08fcFjn5IgEJHFIdh96qyygOeJFMFYnAUJ277UWoMm/twP
4ZvJ6ScprmNQ1g1aKdEF3KpqUD/D/IVAtbpEHt9wJpZJBrlvZGhEW4lx2Pd6Uxwl
0DTDZUFsqg5xF18vz9DR7cclcTrEAiTSNDnZ7IsQUR6OgP4D4i9/BZEH91StAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUdamqJvWgm6dmuk5JfZ4KVqPWy0MwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALKE
xjANBgkqhkiG9w0BAQsFAAOCAQEAGcu4jEczcUnvXjyjPX9dUFhULINeUsz/BLOj
73uok4b3ha3mbfZh3qORokpu0d8EMgPtE/95Z/ZIzkFrEL8Co6xzY3hTCE4eDsQu
HA/9wOooOtOsvDLqcLQ5j+goOUH3kvyNbTf810EhQg7vw7utN+HuGFTl3LGyul6a
RswBJKsSnDioCsNo+STgKH54npvtx5+dlg8MMQEpYJr8OdxxS8U3FeL8P98iUHze
EU4tbi0LOlXEDQpHfC7v5x15qeWxb4Drpn1PvUxKSyRMpEylj0tfsWNtliAZIbnd
e/eIzrN/UuJv0H9w0xkyDTmEUdFLxphQmaI/3YErfGYDiy20zg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:18:42 2025 by rpki-client