Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231342e302f32332d3234203d3e20383334.roa
File: 3138352e3130302e3231342e302f32332d3234203d3e20383334.roa (raw, json)
Hash identifier: nJx7oNzGJ4BmcJ7C029k+zioUr4GRJckaBw1VTN8p7c=
Subject key identifier: 36:D7:6D:71:9C:B6:F9:85:1D:6C:BE:10:04:02:EB:EB:D7:61:7F:6A
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 1F8C3DCA19315102E55784899753EC607C242ABC
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231342e302f32332d3234203d3e20383334.roa
Signing time: Sat 01 Mar 2025 00:00:27 +0000
ROA not before: Fri 28 Feb 2025 23:55:27 +0000
ROA not after: Sat 28 Feb 2026 00:00:27 +0000
asID: 834
IP address blocks: 185.100.214.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 08:52:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:8c:3d:ca:19:31:51:02:e5:57:84:89:97:53:ec:60:7c:24:2a:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Feb 28 23:55:27 2025 GMT
Not After : Feb 28 00:00:27 2026 GMT
Subject: CN=36D76D719CB6F9851D6CBE100402EBEBD7617F6A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:72:cf:12:6d:a6:d8:5c:4d:26:5e:ff:b6:f1:
1a:cb:5f:8d:9c:f0:18:b0:19:5f:9c:f6:e5:58:2b:
74:e1:d4:39:8a:b7:f6:49:f6:ac:e6:76:ee:a4:6e:
ce:ff:e1:1b:b0:02:39:e4:e3:64:b5:64:15:46:7e:
6f:da:24:8e:87:c9:2a:0b:f7:f9:c9:67:23:4c:6e:
26:2d:2e:a4:7f:dc:cc:9e:1f:c5:46:65:61:8f:12:
06:c1:32:e2:ab:a2:51:e4:bb:17:b2:8f:68:30:d0:
d2:13:91:54:88:e8:b3:bd:ff:c5:7e:40:2b:e7:c1:
27:37:47:4d:59:e8:cd:a7:b2:7a:2b:d3:f0:89:22:
91:1e:99:6e:35:5e:02:11:7d:94:e5:d0:b4:20:66:
df:00:75:8e:26:c4:c6:d4:b9:f7:fd:27:43:42:44:
9f:15:51:82:27:0d:53:88:3a:10:0b:74:e5:b6:70:
fe:c0:0b:44:e0:a6:a9:aa:bf:c4:5a:53:0f:fd:e5:
25:6f:b0:f4:7b:7f:35:7a:d9:48:11:9e:14:df:99:
85:ec:bc:8c:e4:f7:7e:3e:46:2b:64:1f:b7:a2:0d:
46:54:a9:41:19:67:b8:b7:53:96:1e:ad:fb:6f:9a:
b5:0d:2c:b1:03:67:4d:c8:13:31:b7:00:d1:b6:02:
2f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D7:6D:71:9C:B6:F9:85:1D:6C:BE:10:04:02:EB:EB:D7:61:7F:6A
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231342e302f32332d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.214.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:f9:c0:cb:c1:3e:4e:7c:8e:5d:fb:fc:e6:62:f0:03:35:00:
46:13:91:48:21:32:0b:b4:75:a8:01:c4:f9:c2:30:ac:01:a7:
0a:ff:47:52:0a:34:16:bb:69:8b:b5:e8:be:8e:cd:7c:04:4e:
70:84:62:7c:58:3e:b7:8c:75:b4:04:3a:4d:f4:eb:a3:0d:fe:
05:59:e5:50:07:56:26:e3:d4:93:32:27:26:cf:78:12:6b:7f:
56:72:1e:51:27:c4:0f:f0:08:61:de:0d:93:19:0f:7d:8f:28:
6e:4a:63:12:40:48:a3:91:59:57:a7:5f:4c:97:6b:b8:37:33:
b2:15:26:47:c0:48:71:f2:e9:f2:2a:54:27:c8:35:6f:54:95:
93:30:bc:2f:bb:ec:c6:81:9f:fd:29:91:46:a2:ee:80:91:dd:
0a:41:56:a0:a5:9f:2d:5e:98:35:a5:8f:43:59:f5:b8:e7:f5:
84:44:07:bc:9c:62:63:a6:1e:4a:e2:44:51:e3:21:a8:a9:cb:
86:ac:47:e4:5b:6a:65:cb:54:e9:3b:bb:a0:77:b8:30:14:a9:
b7:76:58:17:6f:27:73:33:9c:a3:47:76:42:81:bc:29:56:81:
4e:c5:e2:e6:43:08:5f:70:77:11:7a:17:c2:e6:8a:04:74:f4:
b9:4b:ca:6b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUH4w9yhkxUQLlV4SJl1PsYHwkKrwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTAyMjgyMzU1MjdaFw0yNjAyMjgwMDAwMjdaMDMxMTAvBgNV
BAMTKDM2RDc2RDcxOUNCNkY5ODUxRDZDQkUxMDA0MDJFQkVCRDc2MTdGNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCucs8SbabYXE0mXv+28RrLX42c
8BiwGV+c9uVYK3Th1DmKt/ZJ9qzmdu6kbs7/4RuwAjnk42S1ZBVGfm/aJI6HySoL
9/nJZyNMbiYtLqR/3MyeH8VGZWGPEgbBMuKrolHkuxeyj2gw0NITkVSI6LO9/8V+
QCvnwSc3R01Z6M2nsnor0/CJIpEemW41XgIRfZTl0LQgZt8AdY4mxMbUuff9J0NC
RJ8VUYInDVOIOhALdOW2cP7AC0Tgpqmqv8RaUw/95SVvsPR7fzV62UgRnhTfmYXs
vIzk934+RitkH7eiDUZUqUEZZ7i3U5YerftvmrUNLLEDZ03IEzG3ANG2Ai8xAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUNtdtcZy2+YUdbL4QBALr69dhf2owHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMTMwMzAyZTMy
MzEzNDJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAblk
1jANBgkqhkiG9w0BAQsFAAOCAQEATvnAy8E+TnyOXfv85mLwAzUARhORSCEyC7R1
qAHE+cIwrAGnCv9HUgo0Frtpi7Xovo7NfAROcIRifFg+t4x1tAQ6TfTrow3+BVnl
UAdWJuPUkzInJs94Emt/VnIeUSfED/AIYd4NkxkPfY8obkpjEkBIo5FZV6dfTJdr
uDczshUmR8BIcfLp8ipUJ8g1b1SVkzC8L7vsxoGf/SmRRqLugJHdCkFWoKWfLV6Y
NaWPQ1n1uOf1hEQHvJxiY6YeSuJEUeMhqKnLhqxH5FtqZctU6Tu7oHe4MBSpt3ZY
F28nczOco0d2QoG8KVaBTsXi5kMIX3B3EXoXwuaKBHT0uUvKaw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:27:18 2025 by rpki-client