Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230392e302f32342d3234203d3e20383334.roa
File: 38352e3233372e3230392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: ze7EKKoqxZ9JgGf9qF678SqPW2pNdbcS4wd/0c4pNW0=
Subject key identifier: A1:B5:DA:4B:BA:C9:03:F8:4C:A7:C3:D2:0F:5D:CC:DF:2A:D0:74:16
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 4F17087010F9A169409F4D17167F6059B6033CEF
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230392e302f32342d3234203d3e20383334.roa
Signing time: Fri 10 Jan 2025 00:04:13 +0000
ROA not before: Thu 09 Jan 2025 23:59:13 +0000
ROA not after: Fri 09 Jan 2026 00:04:13 +0000
asID: 834
IP address blocks: 85.237.209.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Jan 2025 01:37:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:17:08:70:10:f9:a1:69:40:9f:4d:17:16:7f:60:59:b6:03:3c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Jan 9 23:59:13 2025 GMT
Not After : Jan 9 00:04:13 2026 GMT
Subject: CN=A1B5DA4BBAC903F84CA7C3D20F5DCCDF2AD07416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:76:7e:b2:dc:14:d9:c4:6d:87:60:0d:ae:1c:
b0:8c:7f:75:2b:64:d6:aa:b0:86:f7:23:20:30:ec:
ae:10:8a:86:e9:16:20:2d:8b:28:18:28:d0:50:41:
27:d0:71:eb:fd:b5:e5:27:d8:99:89:af:bc:f4:d4:
6f:b9:e7:57:13:c4:1f:03:29:90:88:4a:90:95:7f:
f0:09:9d:31:7f:16:1f:b7:97:4e:94:00:0a:08:35:
f3:2a:da:68:8b:ff:28:87:77:62:64:36:64:0f:d6:
45:f2:6c:df:3b:ee:c0:b5:14:80:80:5e:f3:14:46:
84:87:ef:8b:f9:35:56:6f:f2:53:0c:5a:fa:2b:79:
e3:de:7d:37:ff:34:e1:b5:a9:f9:1b:42:3c:85:f1:
36:ef:bb:94:7f:54:8b:19:75:00:6e:63:f5:ed:4b:
a5:de:b2:8e:13:a1:a0:41:3e:e1:9d:a3:54:7c:6f:
d5:7e:46:07:e5:bf:81:53:ac:05:0d:b7:a0:ab:6b:
47:ba:14:73:9e:29:92:6f:99:b8:73:be:86:14:0c:
2b:92:2d:d4:67:32:a1:f2:f3:ef:f4:30:d9:cb:48:
1d:23:a1:8c:7a:0e:b1:d1:bd:4c:1a:7d:20:19:ee:
ca:a4:e1:51:57:53:73:3f:ab:5b:ce:8c:af:7a:d6:
e3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B5:DA:4B:BA:C9:03:F8:4C:A7:C3:D2:0F:5D:CC:DF:2A:D0:74:16
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230392e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.209.0/24
Signature Algorithm: sha256WithRSAEncryption
20:1b:4d:b9:0f:1c:a1:1c:c3:16:28:7c:7d:be:28:6b:73:0f:
d0:52:0f:ef:1e:de:ea:bb:8a:51:03:2d:ab:4f:d8:91:2a:17:
12:59:b0:8e:74:e1:b7:c5:ed:cb:5f:47:94:57:73:2b:92:62:
e4:0d:f7:25:ce:e2:5a:c2:98:c1:be:b9:09:6c:31:a8:a7:f1:
2f:44:07:e3:ef:fe:cf:75:b6:24:90:d0:1a:39:e8:d3:71:8b:
a0:54:72:d6:52:cf:0e:99:de:42:04:97:bd:e1:72:54:54:4d:
72:93:b0:54:4f:d2:74:b9:cf:e2:15:63:ba:e0:a6:6a:00:d0:
94:12:46:d5:31:1a:c4:48:af:75:6b:6f:54:e3:5c:46:1f:bf:
0a:de:47:d6:e6:7b:b9:11:97:72:d3:dd:2a:41:b2:20:b6:df:
af:36:9d:23:4d:36:31:ff:9f:ea:71:9f:28:19:73:d2:27:c3:
b6:36:95:cc:d3:90:c5:21:99:fa:de:77:06:2a:cf:b7:bb:b0:
e0:1b:f1:d1:a6:5e:25:5f:3d:50:29:e4:78:18:44:9e:84:77:
fb:74:2b:55:83:d8:59:20:2c:fe:47:87:cd:73:cd:d0:13:cd:
1b:da:27:97:bf:e8:a6:d7:cf:f3:62:38:85:8d:9b:07:ea:6c:
6e:87:5e:ae
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUTxcIcBD5oWlAn00XFn9gWbYDPO8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTAxMDkyMzU5MTNaFw0yNjAxMDkwMDA0MTNaMDMxMTAvBgNV
BAMTKEExQjVEQTRCQkFDOTAzRjg0Q0E3QzNEMjBGNURDQ0RGMkFEMDc0MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTdn6y3BTZxG2HYA2uHLCMf3Ur
ZNaqsIb3IyAw7K4QiobpFiAtiygYKNBQQSfQcev9teUn2JmJr7z01G+551cTxB8D
KZCISpCVf/AJnTF/Fh+3l06UAAoINfMq2miL/yiHd2JkNmQP1kXybN877sC1FICA
XvMURoSH74v5NVZv8lMMWvoreePefTf/NOG1qfkbQjyF8Tbvu5R/VIsZdQBuY/Xt
S6Xeso4ToaBBPuGdo1R8b9V+Rgflv4FTrAUNt6Cra0e6FHOeKZJvmbhzvoYUDCuS
LdRnMqHy8+/0MNnLSB0joYx6DrHRvUwafSAZ7sqk4VFXU3M/q1vOjK961uPPAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUobXaS7rJA/hMp8PSD13M3yrQdBYwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV7dEw
DQYJKoZIhvcNAQELBQADggEBACAbTbkPHKEcwxYofH2+KGtzD9BSD+8e3uq7ilED
LatP2JEqFxJZsI504bfF7ctfR5RXcyuSYuQN9yXO4lrCmMG+uQlsMain8S9EB+Pv
/s91tiSQ0Bo56NNxi6BUctZSzw6Z3kIEl73hclRUTXKTsFRP0nS5z+IVY7rgpmoA
0JQSRtUxGsRIr3Vrb1TjXEYfvwreR9bme7kRl3LT3SpBsiC23682nSNNNjH/n+px
nygZc9Inw7Y2lczTkMUhmfredwYqz7e7sOAb8dGmXiVfPVAp5HgYRJ6Ed/t0K1WD
2FkgLP5Hh81zzdATzRvaJ5e/6KbXz/NiOIWNmwfqbG6HXq4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:08:36 2025 by rpki-client