Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e2035303635.roa
File: 3138352e3231372e3134302e302f32342d3234203d3e2035303635.roa (raw, json)
Hash identifier: /gCZB+LDH1/r0GIrW5iHE7V2MVK/jlcO4S+1IB4i3so=
Subject key identifier: 3A:56:98:C8:FF:90:A0:6D:93:27:BF:E2:B8:15:FB:05:8F:C9:43:B6
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 77600A80A41BE6C8740BCF23C52582D4E6D66F7D
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e2035303635.roa
Signing time: Fri 16 May 2025 11:52:04 +0000
ROA not before: Fri 16 May 2025 11:47:04 +0000
ROA not after: Fri 15 May 2026 11:52:04 +0000
asID: 5065
IP address blocks: 185.217.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 07:40:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:60:0a:80:a4:1b:e6:c8:74:0b:cf:23:c5:25:82:d4:e6:d6:6f:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: May 16 11:47:04 2025 GMT
Not After : May 15 11:52:04 2026 GMT
Subject: CN=3A5698C8FF90A06D9327BFE2B815FB058FC943B6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:01:d8:3b:0a:2e:3d:4f:eb:c3:9b:75:cc:2d:
94:19:52:23:80:38:4c:d7:0d:68:f1:3b:b0:54:94:
90:49:bb:30:85:90:51:ec:6b:16:37:18:ed:fb:92:
4a:f1:32:c6:dd:29:9c:0d:ff:a3:8b:8b:46:13:84:
0c:63:ec:42:69:a6:f1:60:71:b2:d0:76:9a:d4:50:
af:69:8c:c0:09:1b:5f:93:dd:04:5f:ae:99:96:b8:
ea:a0:c8:bc:8a:41:ed:75:f2:2f:c4:4f:24:36:b0:
18:a5:cf:0a:dd:a6:3a:07:90:53:7d:84:e8:c5:cc:
5b:74:76:8a:d4:79:84:28:e0:a0:52:4a:db:3b:e6:
9d:fd:16:b6:c1:b4:c9:f0:86:6c:94:99:65:86:90:
6b:2d:a5:42:13:bf:76:e1:8d:b4:50:df:1b:de:a5:
55:0c:27:6a:21:29:ba:ce:40:88:a0:29:09:86:c4:
c3:5b:28:bc:49:f6:0e:d5:19:b7:4d:c5:85:2e:41:
7c:0c:2c:79:ba:9d:cb:6d:d4:30:87:2a:09:f6:8d:
a7:c0:c3:1e:11:60:15:b3:13:cf:9d:86:86:5c:ee:
39:f2:ec:62:f0:06:ff:6d:61:85:19:a5:7f:71:58:
24:e1:4b:54:8d:57:5f:cf:5b:70:81:f0:32:ec:99:
a1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:56:98:C8:FF:90:A0:6D:93:27:BF:E2:B8:15:FB:05:8F:C9:43:B6
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3231372e3134302e302f32342d3234203d3e2035303635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.140.0/24
Signature Algorithm: sha256WithRSAEncryption
04:30:2c:0b:1a:e9:31:64:dc:2e:57:8c:66:7e:a7:c4:1e:82:
25:ac:1b:df:c0:54:7e:ff:44:5a:d1:4e:e8:32:9e:20:eb:d9:
bb:e6:d4:70:6d:33:ca:dd:8d:62:f3:e5:81:70:53:34:2d:40:
00:81:0d:bf:c1:3b:3e:eb:4a:43:99:83:83:55:68:9a:d9:48:
30:e0:cd:74:56:75:5d:02:19:2b:35:d7:ad:40:bc:52:95:31:
9b:ea:8c:92:70:9a:94:56:cf:ff:e8:4d:ca:ab:ac:6b:22:9a:
70:3e:3b:3b:15:97:aa:c5:2a:1d:96:87:b9:70:ac:82:ea:69:
4c:93:e3:79:c1:e9:86:0b:11:dc:3a:20:18:55:dc:fd:23:5e:
54:8a:b2:8e:dc:4e:66:7c:ca:27:89:98:70:ea:79:f7:e6:7b:
5c:d6:df:3f:54:04:35:09:ba:d9:d1:3e:c1:7e:df:1c:bc:d3:
c9:89:9d:49:b1:4a:0b:2b:d9:a1:eb:3d:55:c8:7d:fe:b7:15:
88:b6:8d:85:35:36:02:c6:5f:17:8a:ca:47:9a:b6:2d:9c:1c:
a2:bb:fe:3f:26:72:a5:6c:39:3a:a4:42:c3:2f:af:4a:61:ad:
84:2c:79:c6:5a:4b:c5:71:06:55:d8:e8:f1:ea:9a:7e:18:19:
bb:ef:c4:90
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUd2AKgKQb5sh0C88jxSWC1ObWb30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA1MTYxMTQ3MDRaFw0yNjA1MTUxMTUyMDRaMDMxMTAvBgNV
BAMTKDNBNTY5OEM4RkY5MEEwNkQ5MzI3QkZFMkI4MTVGQjA1OEZDOTQzQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhAdg7Ci49T+vDm3XMLZQZUiOA
OEzXDWjxO7BUlJBJuzCFkFHsaxY3GO37kkrxMsbdKZwN/6OLi0YThAxj7EJppvFg
cbLQdprUUK9pjMAJG1+T3QRfrpmWuOqgyLyKQe118i/ETyQ2sBilzwrdpjoHkFN9
hOjFzFt0dorUeYQo4KBSSts75p39FrbBtMnwhmyUmWWGkGstpUITv3bhjbRQ3xve
pVUMJ2ohKbrOQIigKQmGxMNbKLxJ9g7VGbdNxYUuQXwMLHm6nctt1DCHKgn2jafA
wx4RYBWzE8+dhoZc7jny7GLwBv9tYYUZpX9xWCThS1SNV1/PW3CB8DLsmaETAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUOlaYyP+QoG2TJ7/iuBX7BY/JQ7YwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMxMzcyZTMx
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzAzNjM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
udmMMA0GCSqGSIb3DQEBCwUAA4IBAQAEMCwLGukxZNwuV4xmfqfEHoIlrBvfwFR+
/0Ra0U7oMp4g69m75tRwbTPK3Y1i8+WBcFM0LUAAgQ2/wTs+60pDmYODVWia2Ugw
4M10VnVdAhkrNdetQLxSlTGb6oyScJqUVs//6E3Kq6xrIppwPjs7FZeqxSodloe5
cKyC6mlMk+N5wemGCxHcOiAYVdz9I15UirKO3E5mfMoniZhw6nn35ntc1t8/VAQ1
CbrZ0T7Bft8cvNPJiZ1JsUoLK9mh6z1VyH3+txWIto2FNTYCxl8XispHmrYtnByi
u/4/JnKlbDk6pELDL69KYa2ELHnGWkvFcQZV2Ojx6pp+GBm778SQ
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:40:42 2025 by rpki-client