Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35372e302f32342d3234203d3e203136323736.roa
File: 38352e3135382e35372e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: OAq+vjbFzEehhXUmGiwtl3Lw/T/0SX5RyvnMOOdezy8=
Subject key identifier: FB:3C:7E:77:DD:E5:5E:8B:0F:B2:6F:D5:BF:31:A7:A2:5A:B6:D8:0C
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 0AD8754FF4CD2D81AACE288B3F0718B26DEE9434
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35372e302f32342d3234203d3e203136323736.roa
Signing time: Thu 19 Dec 2024 17:25:03 +0000
ROA not before: Thu 19 Dec 2024 17:20:03 +0000
ROA not after: Thu 18 Dec 2025 17:25:03 +0000
asID: 16276
IP address blocks: 85.158.57.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 00:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:d8:75:4f:f4:cd:2d:81:aa:ce:28:8b:3f:07:18:b2:6d:ee:94:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Dec 19 17:20:03 2024 GMT
Not After : Dec 18 17:25:03 2025 GMT
Subject: CN=FB3C7E77DDE55E8B0FB26FD5BF31A7A25AB6D80C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:eb:e8:7b:d7:d6:b8:16:4a:b6:31:25:1b:62:
9e:70:e7:d6:8b:87:d2:13:d5:73:c1:4a:f9:1a:8a:
3d:17:f9:5e:c0:81:72:c8:23:57:70:3c:40:14:3c:
ec:70:ba:d9:d8:95:15:9e:30:f9:01:f9:85:aa:cf:
32:c3:d2:7c:21:36:d4:61:4a:23:50:9e:75:0f:7d:
5f:47:c6:9b:e6:42:65:e7:ea:a6:d2:6d:48:21:8f:
fa:17:c6:5a:c5:be:3d:d2:0c:ba:98:b5:7b:24:6f:
a3:53:44:e3:bb:3f:3f:57:7b:db:3b:d7:e4:8c:1d:
74:e5:69:b6:d7:76:f8:eb:8b:42:59:3c:59:40:80:
51:57:97:64:76:6c:66:64:70:65:7c:42:ae:20:6b:
36:67:6a:b6:ac:39:7d:c3:12:c4:27:91:19:22:ac:
a1:67:6b:ac:36:99:a8:1a:bd:d1:df:41:dc:60:25:
d1:87:1e:b3:ee:c6:aa:90:26:f4:e5:91:c5:bc:3e:
03:23:3d:52:fd:c1:5c:31:fd:1d:3d:67:36:f8:6e:
f8:6d:a5:de:0a:9a:6f:fd:77:ce:e0:b0:f6:bb:66:
ae:c3:d3:c1:39:86:ab:ee:d3:d7:1b:3a:52:be:1e:
a0:b2:a0:54:93:b6:d9:8b:2d:3f:1b:e9:bd:0a:99:
54:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:3C:7E:77:DD:E5:5E:8B:0F:B2:6F:D5:BF:31:A7:A2:5A:B6:D8:0C
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e35372e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.57.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:d5:0e:c8:38:38:c2:f8:79:ea:d3:1c:73:32:e1:9a:7e:39:
de:75:0c:72:40:88:4f:b9:74:8d:93:aa:eb:44:88:05:cb:51:
94:60:78:76:7c:19:86:6c:75:c3:c9:08:5b:ee:fa:e7:42:ff:
ea:ae:a3:ff:13:fe:3a:13:00:ef:85:e9:af:fa:42:13:fa:cc:
fc:28:9d:58:c8:29:57:a1:f8:71:46:b1:7e:df:ff:57:ae:48:
3b:8b:bb:33:d6:d6:e9:c6:8e:10:77:6d:65:5c:df:96:6f:c3:
8f:cb:68:c4:2f:e2:03:fb:f0:ff:70:0a:0d:02:52:df:b1:1e:
d8:72:c2:ce:eb:67:f6:04:31:7a:94:ab:86:79:c5:53:12:02:
6a:07:f0:87:ba:55:a4:6c:09:0b:8e:68:6c:08:c4:19:04:86:
82:56:2c:52:ce:ff:2e:5f:59:96:7b:03:61:26:ca:4a:d7:24:
c6:b4:7e:f5:39:e2:73:de:cf:a1:6d:16:19:95:d6:a9:3f:74:
fe:d5:13:a1:c3:ca:f9:eb:77:54:c7:88:40:c8:10:0c:07:cf:
3d:f4:ad:f0:9a:0f:68:84:7f:c2:a2:02:06:71:32:d9:4a:04:
51:80:5b:ef:36:de:64:b9:ef:30:48:aa:be:fa:d1:76:7e:af:
47:35:b1:30
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUCth1T/TNLYGqziiLPwcYsm3ulDQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNDEyMTkxNzIwMDNaFw0yNTEyMTgxNzI1MDNaMDMxMTAvBgNV
BAMTKEZCM0M3RTc3RERFNTVFOEIwRkIyNkZENUJGMzFBN0EyNUFCNkQ4MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCl6+h719a4Fkq2MSUbYp5w59aL
h9IT1XPBSvkaij0X+V7AgXLII1dwPEAUPOxwutnYlRWeMPkB+YWqzzLD0nwhNtRh
SiNQnnUPfV9HxpvmQmXn6qbSbUghj/oXxlrFvj3SDLqYtXskb6NTROO7Pz9Xe9s7
1+SMHXTlabbXdvjri0JZPFlAgFFXl2R2bGZkcGV8Qq4gazZnarasOX3DEsQnkRki
rKFna6w2magavdHfQdxgJdGHHrPuxqqQJvTlkcW8PgMjPVL9wVwx/R09Zzb4bvht
pd4Kmm/9d87gsPa7Zq7D08E5hqvu09cbOlK+HqCyoFSTttmLLT8b6b0KmVSJAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU+zx+d93lXosPsm/VvzGnolq22AwwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzEzNTM4MmUzNTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjMyMzczNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFWe
OTANBgkqhkiG9w0BAQsFAAOCAQEATdUOyDg4wvh56tMcczLhmn453nUMckCIT7l0
jZOq60SIBctRlGB4dnwZhmx1w8kIW+7650L/6q6j/xP+OhMA74Xpr/pCE/rM/Cid
WMgpV6H4cUaxft//V65IO4u7M9bW6caOEHdtZVzflm/Dj8toxC/iA/vw/3AKDQJS
37Ee2HLCzutn9gQxepSrhnnFUxICagfwh7pVpGwJC45obAjEGQSGglYsUs7/Ll9Z
lnsDYSbKStckxrR+9Tnic97PoW0WGZXWqT90/tUTocPK+et3VMeIQMgQDAfPPfSt
8JoPaIR/wqICBnEy2UoEUYBb7zbeZLnvMEiqvvrRdn6vRzWxMA==
-----END CERTIFICATE-----
Generated at Wed Mar 12 04:35:27 2025 by rpki-client