Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135342e302f32342d3234203d3e20383334.roa
File: 3138352e3232362e3135342e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: nBa213K6KQSqlxgJdjqsn5+YygSXDUs1n/tvwIcCt0w=
Subject key identifier: 06:B2:38:3B:5B:04:FF:F2:BB:F9:F0:79:12:30:26:11:EC:A1:15:45
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 233A272B99566C4ED08D0DF6F8AC0B26A5FD8BC6
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135342e302f32342d3234203d3e20383334.roa
Signing time: Fri 29 Nov 2024 00:01:08 +0000
ROA not before: Thu 28 Nov 2024 23:56:08 +0000
ROA not after: Fri 28 Nov 2025 00:01:08 +0000
asID: 834
IP address blocks: 185.226.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Dec 2024 16:54:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:3a:27:2b:99:56:6c:4e:d0:8d:0d:f6:f8:ac:0b:26:a5:fd:8b:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Nov 28 23:56:08 2024 GMT
Not After : Nov 28 00:01:08 2025 GMT
Subject: CN=06B2383B5B04FFF2BBF9F07912302611ECA11545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d8:6f:b6:9c:f8:f5:5f:85:83:0d:90:67:3d:
00:d3:40:7b:5e:c9:46:de:1f:ef:72:9e:53:e6:21:
48:e3:77:6c:b8:fc:8d:c1:71:88:c9:bd:f8:48:4f:
70:d2:97:3c:37:d9:98:86:43:14:e9:1e:4e:ab:8f:
89:47:a4:11:67:9c:8b:d0:62:e1:84:62:65:86:88:
3a:62:bb:83:f3:a9:fc:7e:fb:e6:0c:77:39:bc:21:
76:d4:38:8e:09:1a:3a:8e:b0:c3:ff:a2:e9:1e:f6:
ec:5d:76:36:62:6c:68:b6:fb:58:17:bd:7b:7a:d2:
97:a9:66:e0:91:21:81:f9:cc:fd:d0:76:14:9b:a3:
54:09:96:63:05:37:62:c5:13:53:a0:f5:ee:13:50:
05:2b:3e:a1:95:b3:4d:14:78:d3:e5:07:90:35:9d:
81:af:ea:54:05:34:a0:09:b2:28:c3:63:63:4c:6c:
27:2d:b3:3d:61:8c:ea:f5:f1:bf:4f:47:13:e5:4a:
9f:75:09:3f:91:51:71:6d:97:d2:c1:40:d5:6e:84:
e3:1f:80:f2:0b:83:ca:60:40:0e:2c:e9:c3:96:ba:
19:9b:0e:47:65:50:dd:44:c0:ce:d7:7b:97:56:b7:
15:46:86:57:2d:8a:5c:e9:35:8f:27:18:69:3a:77:
8d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B2:38:3B:5B:04:FF:F2:BB:F9:F0:79:12:30:26:11:EC:A1:15:45
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135342e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.154.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:4b:84:b8:22:42:b9:3a:9f:40:52:bb:3f:4a:6a:6b:bd:09:
c7:c8:dd:17:00:1e:f1:9e:48:c0:65:5c:14:df:c6:26:47:13:
aa:9a:9e:b9:7b:46:e2:e2:fd:0e:fb:a8:ae:ca:95:75:b4:ab:
9c:85:42:23:cc:f4:bf:e8:56:f5:87:ff:34:cf:e7:a9:6a:df:
79:01:7b:bd:71:74:74:fd:30:03:41:50:a1:95:45:38:87:47:
bd:b0:50:b0:87:b2:5d:c4:8c:68:04:73:ba:90:48:7f:0a:f9:
2a:a4:ed:3c:76:58:a9:3d:aa:69:55:c4:22:6f:e5:bf:b8:c5:
fc:28:0f:cc:e4:c0:03:da:3e:71:8f:6f:84:b9:9b:c9:c8:75:
eb:31:44:9a:ae:54:96:e6:10:a5:ea:33:b9:15:66:24:12:8d:
1b:f9:3c:7d:90:2b:eb:b1:d2:9a:31:df:56:99:e5:75:a7:d6:
76:16:b5:48:b9:41:2a:d3:81:b4:6d:20:2d:80:93:e7:34:49:
4b:03:a3:a9:35:4f:53:e2:69:8b:56:0f:58:0d:9f:3c:e8:62:
da:7a:ca:d7:bc:ec:03:a2:3e:ce:6c:db:e5:65:ea:12:fc:6f:
b2:75:3a:2f:07:78:bb:8d:16:f8:a1:cb:c1:20:fc:0b:de:f7:
97:dd:96:77
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUIzonK5lWbE7QjQ32+KwLJqX9i8YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNDExMjgyMzU2MDhaFw0yNTExMjgwMDAxMDhaMDMxMTAvBgNV
BAMTKDA2QjIzODNCNUIwNEZGRjJCQkY5RjA3OTEyMzAyNjExRUNBMTE1NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm2G+2nPj1X4WDDZBnPQDTQHte
yUbeH+9ynlPmIUjjd2y4/I3BcYjJvfhIT3DSlzw32ZiGQxTpHk6rj4lHpBFnnIvQ
YuGEYmWGiDpiu4Pzqfx+++YMdzm8IXbUOI4JGjqOsMP/ouke9uxddjZibGi2+1gX
vXt60pepZuCRIYH5zP3QdhSbo1QJlmMFN2LFE1Og9e4TUAUrPqGVs00UeNPlB5A1
nYGv6lQFNKAJsijDY2NMbCctsz1hjOr18b9PRxPlSp91CT+RUXFtl9LBQNVuhOMf
gPILg8pgQA4s6cOWuhmbDkdlUN1EwM7Xe5dWtxVGhlctilzpNY8nGGk6d43vAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUBrI4O1sE//K7+fB5EjAmEeyhFUUwHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMyMzYyZTMx
MzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALni
mjANBgkqhkiG9w0BAQsFAAOCAQEAO0uEuCJCuTqfQFK7P0pqa70Jx8jdFwAe8Z5I
wGVcFN/GJkcTqpqeuXtG4uL9DvuorsqVdbSrnIVCI8z0v+hW9Yf/NM/nqWrfeQF7
vXF0dP0wA0FQoZVFOIdHvbBQsIeyXcSMaARzupBIfwr5KqTtPHZYqT2qaVXEIm/l
v7jF/CgPzOTAA9o+cY9vhLmbych16zFEmq5UluYQpeozuRVmJBKNG/k8fZAr67HS
mjHfVpnldafWdha1SLlBKtOBtG0gLYCT5zRJSwOjqTVPU+Jpi1YPWA2fPOhi2nrK
17zsA6I+zmzb5WXqEvxvsnU6Lwd4u40W+KHLwSD8C973l92Wdw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:40:56 2025 by rpki-client