Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232332e302f32342d3234203d3e20383334.roa
File: 38352e3233372e3232332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: SaMMxOIqMw/auFUGuggXMjrnRcCx3urMYzalhYpuHew=
Subject key identifier: F7:37:60:CF:CF:75:A7:FD:3D:24:1A:26:4B:BB:E7:D5:27:F6:23:F6
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 69181C91A75A447151DFAFE62027B576C0E55D1F
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232332e302f32342d3234203d3e20383334.roa
Signing time: Tue 01 Jul 2025 00:00:58 +0000
ROA not before: Mon 30 Jun 2025 23:55:58 +0000
ROA not after: Tue 30 Jun 2026 00:00:58 +0000
asID: 834
IP address blocks: 85.237.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Jul 2025 05:41:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:18:1c:91:a7:5a:44:71:51:df:af:e6:20:27:b5:76:c0:e5:5d:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Jun 30 23:55:58 2025 GMT
Not After : Jun 30 00:00:58 2026 GMT
Subject: CN=F73760CFCF75A7FD3D241A264BBBE7D527F623F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:92:9e:52:28:d5:c7:eb:f8:87:47:a3:27:92:
b1:1a:0f:eb:6e:ed:52:94:5f:5e:07:cd:f7:7f:bf:
67:f4:3a:4c:88:02:e6:eb:64:75:ee:13:ed:1d:bc:
b8:57:27:1c:ab:48:cd:ac:4c:2d:a5:a1:42:1a:ac:
5a:b1:f3:f1:4f:db:1b:91:83:5a:5e:0f:76:1b:e7:
1b:60:ea:ce:ab:97:b8:19:8a:98:92:49:27:f3:f5:
aa:ef:04:52:28:7c:b5:49:92:95:be:a0:c0:94:48:
c3:a4:48:f7:c1:bc:f7:39:d2:aa:3e:e3:ad:84:99:
e3:af:08:bd:a7:3b:fd:be:f2:87:69:16:76:c4:ec:
45:6f:37:a8:39:ea:96:b7:62:71:0c:15:97:06:5f:
1b:59:84:e1:69:b7:93:27:04:ca:8b:e6:61:de:33:
1a:1f:d7:19:5e:30:43:1d:e4:e8:7d:d3:76:ad:90:
43:77:7f:96:3b:ba:cc:9c:91:88:91:13:27:7c:5b:
74:73:31:60:47:c8:a2:fa:17:d1:14:27:e7:1f:f2:
21:08:95:9a:8e:1a:7c:0c:5a:10:e0:bf:87:77:56:
2c:4a:bd:9f:db:7a:79:5b:7b:73:54:d7:44:31:02:
37:43:d8:c8:ed:a2:65:2a:1a:db:d0:ea:3d:fb:0d:
2d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:37:60:CF:CF:75:A7:FD:3D:24:1A:26:4B:BB:E7:D5:27:F6:23:F6
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.223.0/24
Signature Algorithm: sha256WithRSAEncryption
81:f7:be:6d:59:cb:21:a8:6d:08:e8:bf:f6:2a:3e:12:6b:3f:
63:53:8b:66:26:1e:44:68:7f:7e:12:15:75:e2:02:c1:f6:9d:
9e:a2:d2:4b:02:e2:8c:86:f7:ca:5f:e0:bf:ac:dc:4f:7a:98:
0d:ed:32:52:d7:a6:7e:94:b3:94:30:dd:3a:0a:5b:b5:40:8d:
d6:a5:2b:75:98:bf:73:65:7c:10:18:d3:2d:c3:ef:4f:ba:a7:
72:be:a3:66:cb:13:91:2f:20:bd:5a:e8:b3:1c:be:33:d6:ea:
ef:04:59:f3:64:5b:a4:16:de:e7:a1:be:43:b5:1d:6d:25:6b:
19:db:8d:8b:7a:8d:66:87:06:c8:f9:b8:77:69:af:a6:6a:37:
bf:e1:d3:c1:16:ff:ae:57:5f:02:bf:78:0f:4f:d7:32:06:16:
5d:54:38:3e:27:00:16:81:bb:1b:60:db:34:92:68:42:f8:d2:
a9:38:08:91:3b:f1:ec:70:a0:c3:bd:98:72:69:2f:a8:22:ab:
0d:3e:7d:12:ec:ce:e8:e5:f4:0f:a7:80:0f:9b:70:05:c2:56:
2c:1e:a9:25:31:53:b0:00:68:77:60:69:1e:10:d2:54:a9:3c:
d8:79:07:a7:94:c4:0a:59:69:a7:db:23:2e:44:51:f9:a5:1a:
93:55:dd:6d
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUaRgckadaRHFR36/mICe1dsDlXR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA2MzAyMzU1NThaFw0yNjA2MzAwMDAwNThaMDMxMTAvBgNV
BAMTKEY3Mzc2MENGQ0Y3NUE3RkQzRDI0MUEyNjRCQkJFN0Q1MjdGNjIzRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjkp5SKNXH6/iHR6MnkrEaD+tu
7VKUX14Hzfd/v2f0OkyIAubrZHXuE+0dvLhXJxyrSM2sTC2loUIarFqx8/FP2xuR
g1peD3Yb5xtg6s6rl7gZipiSSSfz9arvBFIofLVJkpW+oMCUSMOkSPfBvPc50qo+
462EmeOvCL2nO/2+8odpFnbE7EVvN6g56pa3YnEMFZcGXxtZhOFpt5MnBMqL5mHe
Mxof1xleMEMd5Oh903atkEN3f5Y7usyckYiREyd8W3RzMWBHyKL6F9EUJ+cf8iEI
lZqOGnwMWhDgv4d3VixKvZ/benlbe3NU10QxAjdD2MjtomUqGtvQ6j37DS3nAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU9zdgz891p/09JBomS7vn1Sf2I/YwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMy
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV7d8w
DQYJKoZIhvcNAQELBQADggEBAIH3vm1ZyyGobQjov/YqPhJrP2NTi2YmHkRof34S
FXXiAsH2nZ6i0ksC4oyG98pf4L+s3E96mA3tMlLXpn6Us5Qw3ToKW7VAjdalK3WY
v3NlfBAY0y3D70+6p3K+o2bLE5EvIL1a6LMcvjPW6u8EWfNkW6QW3uehvkO1HW0l
axnbjYt6jWaHBsj5uHdpr6ZqN7/h08EW/65XXwK/eA9P1zIGFl1UOD4nABaBuxtg
2zSSaEL40qk4CJE78exwoMO9mHJpL6giqw0+fRLszujl9A+ngA+bcAXCViweqSUx
U7AAaHdgaR4Q0lSpPNh5B6eUxApZaafbIy5EUfmlGpNV3W0=
-----END CERTIFICATE-----
Generated at Thu Jul 31 23:34:41 2025 by rpki-client