Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e20323133373038.roa
File: 3138352e3231372e3134302e302f32342d3234203d3e20323133373038.roa (raw, json)
Hash identifier: Fy1PxaLDxJIUOESR0a+y+ovZdXxgAO0kLIlCJ2NHuPY=
Subject key identifier: 7F:70:25:44:8D:44:1E:00:39:01:25:51:A9:FC:D9:76:6E:FC:23:3D
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 4E7030D57FA31D80F78FC5976E9A6947917076B4
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e20323133373038.roa
Signing time: Thu 02 Jan 2025 09:39:52 +0000
ROA not before: Thu 02 Jan 2025 09:34:52 +0000
ROA not after: Thu 01 Jan 2026 09:39:52 +0000
asID: 213708
IP address blocks: 185.217.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Feb 2025 10:59:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:70:30:d5:7f:a3:1d:80:f7:8f:c5:97:6e:9a:69:47:91:70:76:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Jan 2 09:34:52 2025 GMT
Not After : Jan 1 09:39:52 2026 GMT
Subject: CN=7F7025448D441E0039012551A9FCD9766EFC233D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:93:e3:3c:8e:c4:28:8d:25:bd:d2:f9:0d:33:
e5:25:f2:25:dd:87:d3:6c:29:8e:2d:99:b3:dd:a4:
94:6c:6f:49:df:41:97:76:cd:60:9f:27:1f:3a:03:
7b:82:89:18:2f:2a:b6:e0:dc:8b:3e:f1:9b:33:4c:
ef:8f:1a:d1:28:30:1a:15:a5:12:5a:78:cd:a2:04:
2c:4b:4d:81:96:f9:55:09:39:b5:68:73:b0:81:2f:
82:2d:94:45:4a:30:26:96:42:1a:e9:cb:1e:e3:df:
7a:22:ba:e9:01:b4:f8:2f:9e:db:94:98:45:f4:1d:
11:cc:b4:4e:8f:01:17:1e:ed:95:cf:62:fe:93:fe:
76:78:29:fa:b0:93:06:fa:f3:50:fc:f8:a7:24:e9:
24:ea:bd:d2:c8:c8:11:f2:17:3f:b3:24:03:cb:59:
f4:2b:91:1c:89:5a:47:9e:84:5c:be:bf:09:6f:42:
43:24:32:24:e8:4c:0d:91:03:d2:79:90:33:c8:aa:
06:04:72:0e:37:d0:b3:b3:ce:4d:87:f1:3c:8c:d9:
fb:c3:cd:cf:54:ad:9a:98:6a:83:70:45:55:31:e0:
74:69:e6:2a:2b:ec:d1:94:ba:87:bf:71:6b:dc:7e:
ff:21:48:ca:42:ca:fb:a9:72:77:6f:b3:fa:90:f2:
69:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:70:25:44:8D:44:1E:00:39:01:25:51:A9:FC:D9:76:6E:FC:23:3D
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e20323133373038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.140.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:dc:ca:4d:14:49:41:76:b2:4d:b7:59:06:ed:d6:3a:be:c1:
46:e5:ab:cb:8f:3c:ce:de:59:92:67:87:7d:9c:7e:2f:f5:e0:
79:0e:7c:58:78:a7:18:3d:68:3d:b9:fd:de:81:c4:b3:18:d6:
90:09:66:d6:e9:f8:ef:8c:a1:41:c6:32:fd:73:bc:fe:03:86:
13:7f:6d:17:b7:4d:e8:67:02:17:d8:d7:01:8f:49:8e:72:81:
c8:58:0c:59:b0:18:35:9e:3c:ac:d2:0b:48:f2:d0:bd:1e:63:
fd:95:19:73:c2:88:81:62:7c:f7:65:a9:50:03:6f:e6:c3:8a:
da:d4:a8:49:3c:4a:c8:97:f7:c4:09:6f:ef:ec:f4:69:14:2c:
df:54:eb:7d:10:ba:18:c2:1a:c6:b0:a0:7e:83:32:41:71:d1:
68:c4:91:06:4e:5d:3b:33:c8:e5:f9:77:41:90:c5:75:42:79:
cd:45:57:27:a6:7a:53:32:1b:78:60:a4:4b:b7:c5:51:5c:82:
b1:ea:a6:a0:d0:9b:0b:d1:82:1c:d8:bd:db:a0:72:f7:9d:22:
fd:18:a7:34:e9:a7:1e:2e:b9:97:2f:42:8e:4e:82:cd:e5:22:
0d:c4:7b:2c:09:7e:43:f9:65:a1:12:77:49:f7:43:7c:7b:76:
54:72:39:62
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUTnAw1X+jHYD3j8WXbpppR5FwdrQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTAxMDIwOTM0NTJaFw0yNjAxMDEwOTM5NTJaMDMxMTAvBgNV
BAMTKDdGNzAyNTQ0OEQ0NDFFMDAzOTAxMjU1MUE5RkNEOTc2NkVGQzIzM0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5k+M8jsQojSW90vkNM+Ul8iXd
h9NsKY4tmbPdpJRsb0nfQZd2zWCfJx86A3uCiRgvKrbg3Is+8ZszTO+PGtEoMBoV
pRJaeM2iBCxLTYGW+VUJObVoc7CBL4ItlEVKMCaWQhrpyx7j33oiuukBtPgvntuU
mEX0HRHMtE6PARce7ZXPYv6T/nZ4Kfqwkwb681D8+Kck6STqvdLIyBHyFz+zJAPL
WfQrkRyJWkeehFy+vwlvQkMkMiToTA2RA9J5kDPIqgYEcg430LOzzk2H8TyM2fvD
zc9UrZqYaoNwRVUx4HRp5ior7NGUuoe/cWvcfv8hSMpCyvupcndvs/qQ8mmNAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUf3AlRI1EHgA5ASVRqfzZdm78Iz0wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMxMzcyZTMx
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMzM3MzAzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnZjDANBgkqhkiG9w0BAQsFAAOCAQEAjtzKTRRJQXayTbdZBu3WOr7BRuWr
y488zt5ZkmeHfZx+L/XgeQ58WHinGD1oPbn93oHEsxjWkAlm1un474yhQcYy/XO8
/gOGE39tF7dN6GcCF9jXAY9JjnKByFgMWbAYNZ48rNILSPLQvR5j/ZUZc8KIgWJ8
92WpUANv5sOK2tSoSTxKyJf3xAlv7+z0aRQs31TrfRC6GMIaxrCgfoMyQXHRaMSR
Bk5dOzPI5fl3QZDFdUJ5zUVXJ6Z6UzIbeGCkS7fFUVyCseqmoNCbC9GCHNi926By
950i/RinNOmnHi65ly9Cjk6CzeUiDcR7LAl+Q/lloRJ3SfdDfHt2VHI5Yg==
-----END CERTIFICATE-----
Generated at Wed Feb 5 15:53:58 2025 by rpki-client