Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32332d3233203d3e20383334.roa
File: 3138352e3231332e3235302e302f32332d3233203d3e20383334.roa (raw, json)
Hash identifier: 6cjx4XDgGM0Ghy4c7u9+H60qAxCOxlYBTeiQpzCrDZg=
Subject key identifier: A5:17:41:82:E5:8D:73:ED:83:E6:94:74:BC:E3:CA:DE:64:D6:F3:EA
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 32832AFF8FCB7D81E636581367492F60524B3A03
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32332d3233203d3e20383334.roa
Signing time: Sat 11 Jan 2025 12:13:55 +0000
ROA not before: Sat 11 Jan 2025 12:08:55 +0000
ROA not after: Sat 10 Jan 2026 12:13:55 +0000
asID: 834
IP address blocks: 185.213.250.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 11 Jan 2025 14:56:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:83:2a:ff:8f:cb:7d:81:e6:36:58:13:67:49:2f:60:52:4b:3a:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jan 11 12:08:55 2025 GMT
Not After : Jan 10 12:13:55 2026 GMT
Subject: CN=A5174182E58D73ED83E69474BCE3CADE64D6F3EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2b:62:d1:a0:32:10:3c:d0:d1:da:f4:5d:dc:
9f:75:a3:6d:b6:93:bf:34:05:4c:c6:60:f7:79:b5:
41:da:24:8e:ba:b1:cb:a0:10:dd:be:c9:11:b6:5b:
64:76:0d:4d:4f:e8:bb:34:ea:78:44:7c:0a:0f:a7:
35:2f:c0:bb:3b:87:dd:ce:17:8c:22:db:56:05:a5:
a3:7d:83:99:48:41:5b:0b:e2:ea:82:f2:8b:f1:3c:
07:65:50:42:07:66:13:28:89:22:a7:29:51:24:4f:
17:98:60:f3:7f:03:3b:6d:3c:25:8b:1c:d1:aa:ff:
eb:25:84:74:03:1f:4c:fc:54:67:d5:75:02:fc:51:
65:5e:68:8e:49:d8:0d:61:d4:3c:fe:14:00:49:56:
de:21:8f:38:9b:03:8a:86:3d:30:4a:a8:9d:47:f2:
69:a6:fb:af:d1:cd:b1:a2:57:ca:fd:44:60:ad:1b:
f7:25:dc:ce:ae:25:55:12:32:c3:08:d3:66:4b:60:
8c:c9:0d:7d:7a:07:2f:3f:f2:85:1f:6a:9d:a6:ac:
d9:40:a3:0e:5a:b1:b3:82:67:33:c9:0e:4c:57:90:
2f:ac:20:94:81:90:c3:e0:d2:38:9a:7d:fc:1d:1b:
33:31:f0:12:b9:23:1c:01:35:c0:6e:9a:1f:c7:68:
01:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:17:41:82:E5:8D:73:ED:83:E6:94:74:BC:E3:CA:DE:64:D6:F3:EA
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235302e302f32332d3233203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.250.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:a8:a0:1e:28:0c:12:f6:59:d0:ea:dd:49:bc:93:21:bc:41:
df:a7:0e:14:f2:73:36:8b:e2:9c:e9:fe:a1:9c:e6:ec:df:5a:
2f:97:4e:af:14:75:f2:a8:80:d8:79:a7:bc:88:7f:43:5f:f8:
83:6f:3e:46:75:9f:7b:31:ec:32:72:15:2a:64:7e:63:a1:2c:
58:96:0c:e0:41:07:e5:1f:5d:80:33:23:0b:7d:f1:44:bd:c7:
a9:d9:dd:83:d0:01:a6:28:91:62:9e:e2:72:93:3b:75:ee:7e:
84:c5:05:24:ec:0d:3a:43:52:2f:9b:06:fd:78:f2:d1:f7:6e:
3d:54:2e:2e:5f:65:a8:ff:aa:01:88:04:6d:86:6e:82:45:d8:
25:49:a3:e0:36:ed:cb:83:04:24:e3:bc:d3:b9:74:54:cd:88:
98:e9:aa:50:26:5e:de:c0:5f:10:20:51:3a:51:92:e6:7d:6d:
2b:89:e6:3f:dc:2f:9d:b6:e8:6b:84:dd:84:db:dc:b1:cd:ac:
d0:69:b6:11:98:51:6c:1b:d4:af:c0:dc:88:7b:03:79:2e:81:
46:16:84:ab:86:41:54:81:22:fe:cf:c0:bc:de:1b:ef:ac:e5:
4c:40:e1:cd:67:9c:eb:db:67:e8:bd:31:45:88:3f:95:9b:fc:
e6:07:2a:5e
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUMoMq/4/LfYHmNlgTZ0kvYFJLOgMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAxMTExMjA4NTVaFw0yNjAxMTAxMjEzNTVaMDMxMTAvBgNV
BAMTKEE1MTc0MTgyRTU4RDczRUQ4M0U2OTQ3NEJDRTNDQURFNjRENkYzRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGK2LRoDIQPNDR2vRd3J91o222
k780BUzGYPd5tUHaJI66scugEN2+yRG2W2R2DU1P6Ls06nhEfAoPpzUvwLs7h93O
F4wi21YFpaN9g5lIQVsL4uqC8ovxPAdlUEIHZhMoiSKnKVEkTxeYYPN/AzttPCWL
HNGq/+slhHQDH0z8VGfVdQL8UWVeaI5J2A1h1Dz+FABJVt4hjzibA4qGPTBKqJ1H
8mmm+6/RzbGiV8r9RGCtG/cl3M6uJVUSMsMI02ZLYIzJDX16By8/8oUfap2mrNlA
ow5asbOCZzPJDkxXkC+sIJSBkMPg0jiaffwdGzMx8BK5IxwBNcBumh/HaAHLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUpRdBguWNc+2D5pR0vOPK3mTW8+owHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzUzMDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnV
+jANBgkqhkiG9w0BAQsFAAOCAQEAa6igHigMEvZZ0OrdSbyTIbxB36cOFPJzNovi
nOn+oZzm7N9aL5dOrxR18qiA2HmnvIh/Q1/4g28+RnWfezHsMnIVKmR+Y6EsWJYM
4EEH5R9dgDMjC33xRL3Hqdndg9ABpiiRYp7icpM7de5+hMUFJOwNOkNSL5sG/Xjy
0fduPVQuLl9lqP+qAYgEbYZugkXYJUmj4Dbty4MEJOO807l0VM2ImOmqUCZe3sBf
ECBROlGS5n1tK4nmP9wvnbboa4TdhNvcsc2s0Gm2EZhRbBvUr8DciHsDeS6BRhaE
q4ZBVIEi/s/AvN4b76zlTEDhzWec69tn6L0xRYg/lZv85gcqXg==
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:39:47 2025 by rpki-client