Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e20383334.roa
File: 38352e3230392e3232392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: M9xVJG7zTAsHIVA9f8+oeI3uvZdAnreuarl/GNEwZuU=
Subject key identifier: CF:BA:2F:3A:AF:F4:89:03:28:06:33:8C:B1:73:94:18:1D:9B:16:77
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 510BFF2B53433B9DC1D2617B9D0E4CE6395CB638
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e20383334.roa
Signing time: Sat 11 Jan 2025 00:01:11 +0000
ROA not before: Fri 10 Jan 2025 23:56:11 +0000
ROA not after: Sat 10 Jan 2026 00:01:11 +0000
asID: 834
IP address blocks: 85.209.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 12 Jan 2025 06:32:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:0b:ff:2b:53:43:3b:9d:c1:d2:61:7b:9d:0e:4c:e6:39:5c:b6:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Jan 10 23:56:11 2025 GMT
Not After : Jan 10 00:01:11 2026 GMT
Subject: CN=CFBA2F3AAFF489032806338CB17394181D9B1677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a0:48:c4:57:70:25:0c:ad:57:81:c4:e2:6a:
76:90:69:15:64:db:8b:e8:ed:5d:9f:01:16:41:e3:
55:a8:34:4f:fd:6f:f2:69:74:c3:f4:fe:b0:20:67:
c8:14:a4:fd:8c:b8:be:95:62:9d:c2:12:9a:79:67:
60:88:ea:0f:cd:21:be:92:2e:70:02:81:5b:e0:5f:
21:ce:14:c6:f6:73:94:78:d6:8b:36:67:b9:82:81:
d5:1d:ed:d2:ec:a1:6e:2b:b4:a6:4b:23:fd:bb:8c:
54:86:3b:96:b2:37:ea:b7:e6:a7:ea:fa:15:bb:e2:
0c:ba:d1:87:70:59:1d:b7:db:63:5d:e6:2e:f5:13:
28:81:29:92:a3:c4:49:c1:b7:c4:57:94:3c:83:f3:
07:ee:09:fc:6c:1f:6f:48:60:e4:2f:49:6a:f8:3e:
eb:cc:4e:79:56:88:d7:a8:3d:63:da:24:d3:fc:a9:
4c:17:aa:b1:90:98:c5:9f:d2:d1:f9:1c:d7:25:fc:
21:f9:55:4c:2a:70:eb:34:a1:4c:c5:de:b8:c1:be:
1f:2d:3a:c5:f9:38:ba:81:70:f1:1b:38:50:e9:21:
e9:3c:30:eb:49:f3:66:f6:bb:15:43:48:88:7c:48:
02:c1:20:bc:d8:d5:a4:5e:cb:05:00:38:7a:77:47:
ef:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:BA:2F:3A:AF:F4:89:03:28:06:33:8C:B1:73:94:18:1D:9B:16:77
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/38352e3230392e3232392e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.229.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:ee:34:33:16:6c:73:ea:0b:d2:f0:77:a2:cd:10:c8:17:25:
94:f9:0c:16:b4:9c:14:ea:d8:89:50:80:7e:a5:89:30:66:1a:
36:57:7a:b9:d5:e5:3e:0f:92:3d:67:8b:1c:c7:21:01:8f:3e:
8a:95:d1:91:80:3c:b4:55:33:38:72:ae:f4:be:d2:1e:2b:f4:
16:b6:1d:32:0c:e6:9a:12:28:fb:97:ce:92:94:64:40:5c:25:
32:58:c2:1c:f5:0a:e6:d1:ba:42:39:89:cf:9b:e8:6b:37:4e:
43:7c:6a:79:2f:c1:78:a7:06:56:56:72:6f:77:9a:2b:08:ce:
a3:d1:18:4a:bd:0e:3e:f8:93:d2:92:e4:0c:6d:88:e8:7a:1c:
f2:0c:9b:ba:69:4c:d1:ac:21:e2:8d:f5:be:7e:41:51:2a:50:
5a:27:52:e3:e5:a7:c3:64:bd:39:fd:40:ec:2d:c4:31:39:65:
7d:a3:88:7e:80:7c:df:fa:8a:da:08:3e:61:6e:92:4b:65:99:
83:1c:bd:95:b1:7c:06:67:5a:e4:18:18:03:54:9f:16:29:f7:
2d:2c:35:a4:e4:c4:06:42:da:fe:90:e5:76:3d:11:b8:b7:03:
8a:33:6c:2e:b4:fc:68:71:e1:70:3d:89:ad:f9:d9:ad:06:90:
28:21:14:cb
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUUQv/K1NDO53B0mF7nQ5M5jlctjgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTAxMTAyMzU2MTFaFw0yNjAxMTAwMDAxMTFaMDMxMTAvBgNV
BAMTKENGQkEyRjNBQUZGNDg5MDMyODA2MzM4Q0IxNzM5NDE4MUQ5QjE2NzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhoEjEV3AlDK1XgcTianaQaRVk
24vo7V2fARZB41WoNE/9b/JpdMP0/rAgZ8gUpP2MuL6VYp3CEpp5Z2CI6g/NIb6S
LnACgVvgXyHOFMb2c5R41os2Z7mCgdUd7dLsoW4rtKZLI/27jFSGO5ayN+q35qfq
+hW74gy60YdwWR2322Nd5i71EyiBKZKjxEnBt8RXlDyD8wfuCfxsH29IYOQvSWr4
PuvMTnlWiNeoPWPaJNP8qUwXqrGQmMWf0tH5HNcl/CH5VUwqcOs0oUzF3rjBvh8t
OsX5OLqBcPEbOFDpIek8MOtJ82b2uxVDSIh8SALBILzY1aReywUAOHp3R+93AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUz7ovOq/0iQMoBjOMsXOUGB2bFncwHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzgzNTJlMzIzMDM5MmUzMjMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV0eUw
DQYJKoZIhvcNAQELBQADggEBAKTuNDMWbHPqC9Lwd6LNEMgXJZT5DBa0nBTq2IlQ
gH6liTBmGjZXernV5T4Pkj1nixzHIQGPPoqV0ZGAPLRVMzhyrvS+0h4r9Ba2HTIM
5poSKPuXzpKUZEBcJTJYwhz1CubRukI5ic+b6Gs3TkN8ankvwXinBlZWcm93misI
zqPRGEq9Dj74k9KS5AxtiOh6HPIMm7ppTNGsIeKN9b5+QVEqUFonUuPlp8NkvTn9
QOwtxDE5ZX2jiH6AfN/6itoIPmFukktlmYMcvZWxfAZnWuQYGANUnxYp9y0sNaTk
xAZC2v6Q5XY9Ebi3A4ozbC60/Ghx4XA9ia352a0GkCghFMs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:44:56 2025 by rpki-client