Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235322e302f32332d3233203d3e20383334.roa
File: 3139342e33342e3235322e302f32332d3233203d3e20383334.roa (raw, json)
Hash identifier: PVTrj+Ri9s5PSkVi2h+fEsNhtGEPi8jzN1uwIMwqIjk=
Subject key identifier: A0:E9:AB:43:B9:48:45:2D:71:05:12:B7:E4:E2:B1:EA:6A:C7:32:5C
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 31B46E8D031615A47148EB66289DB642D1F57ABE
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235322e302f32332d3233203d3e20383334.roa
Signing time: Sat 11 Jan 2025 12:13:57 +0000
ROA not before: Sat 11 Jan 2025 12:08:57 +0000
ROA not after: Sat 10 Jan 2026 12:13:57 +0000
asID: 834
IP address blocks: 194.34.252.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 11 Jan 2025 15:25:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:b4:6e:8d:03:16:15:a4:71:48:eb:66:28:9d:b6:42:d1:f5:7a:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jan 11 12:08:57 2025 GMT
Not After : Jan 10 12:13:57 2026 GMT
Subject: CN=A0E9AB43B948452D710512B7E4E2B1EA6AC7325C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4a:18:90:94:69:17:0a:b8:8c:04:f7:53:6e:
65:83:92:7b:bc:da:36:45:d2:8b:fc:fd:22:d2:50:
a7:df:cf:12:e9:7f:23:f1:60:62:88:03:f6:8e:65:
97:48:81:af:93:db:45:cf:6e:8a:ab:e1:65:43:f8:
9b:c0:18:b4:2b:9d:d0:00:08:80:75:6e:02:b4:05:
34:ff:c8:fd:c9:53:db:66:b8:ed:3f:40:d9:94:c3:
1a:7b:df:0a:57:8a:2d:88:d8:52:ef:7c:12:0a:d2:
1e:d4:73:41:c6:78:69:21:74:e1:96:e2:41:1f:92:
b4:4f:71:b5:a3:d3:67:a0:4c:71:8f:d6:0e:91:66:
1b:11:28:77:02:34:c7:f1:d9:44:58:bc:d8:ac:c8:
d8:87:6d:41:fd:30:7c:69:9e:bb:89:55:ca:55:17:
05:36:a6:a4:65:b1:9f:65:cf:c0:cb:62:05:2a:f8:
bd:5a:55:c4:31:8b:46:80:2e:a1:cb:5a:76:87:79:
ac:ee:55:15:bc:f0:4e:c1:28:ca:d7:4c:d8:59:b9:
da:6a:fd:d6:1b:b0:da:fb:47:27:0a:11:35:6f:2a:
f2:b6:97:75:09:ec:4d:b3:5d:01:eb:c0:4a:27:4f:
5e:9f:e8:fe:d5:ed:92:56:e6:52:8f:03:e0:af:c5:
e0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:E9:AB:43:B9:48:45:2D:71:05:12:B7:E4:E2:B1:EA:6A:C7:32:5C
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235322e302f32332d3233203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.252.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:44:7b:bc:a1:a1:c1:9c:81:d3:d9:80:78:a3:3d:43:83:02:
8d:d8:44:dc:37:bf:07:a4:72:2d:cd:92:67:7b:6b:eb:1a:20:
d1:50:17:8d:cb:ee:52:39:32:05:b7:4b:f8:b7:a0:7e:12:85:
43:26:90:a5:ae:77:4a:41:6c:19:e1:b8:d9:2b:e8:19:b8:c3:
25:71:53:b4:b5:51:7e:aa:af:b4:5f:98:cb:3a:de:07:a1:b6:
3c:7e:90:e0:2f:d1:9b:3b:4f:7b:37:6a:7c:c8:03:34:26:2c:
04:8a:bb:07:26:c0:c6:35:57:a0:6f:5f:cb:a5:28:eb:43:7d:
a8:1c:e2:55:00:1a:9c:d3:3b:d1:13:e5:68:36:06:c1:94:e5:
80:f1:85:8c:87:36:42:ab:8e:d9:e3:ee:2c:d3:9f:ac:35:46:
51:35:2b:3d:f8:4b:47:e0:0b:ed:35:85:68:6c:ee:73:6f:1b:
45:c9:35:9f:46:6e:12:65:d8:4a:80:5c:3b:8f:70:7e:fa:ca:
99:af:ed:39:2b:8d:09:e1:f8:37:4b:5d:b3:95:a6:45:91:a4:
54:0c:3a:f5:7b:e8:41:42:0b:9b:19:83:b0:86:b1:5f:c9:31:
69:4c:bf:1d:0a:e8:aa:2b:12:8d:93:c3:f5:48:82:1e:83:85:
73:04:fa:98
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUMbRujQMWFaRxSOtmKJ22QtH1er4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAxMTExMjA4NTdaFw0yNjAxMTAxMjEzNTdaMDMxMTAvBgNV
BAMTKEEwRTlBQjQzQjk0ODQ1MkQ3MTA1MTJCN0U0RTJCMUVBNkFDNzMyNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmShiQlGkXCriMBPdTbmWDknu8
2jZF0ov8/SLSUKffzxLpfyPxYGKIA/aOZZdIga+T20XPboqr4WVD+JvAGLQrndAA
CIB1bgK0BTT/yP3JU9tmuO0/QNmUwxp73wpXii2I2FLvfBIK0h7Uc0HGeGkhdOGW
4kEfkrRPcbWj02egTHGP1g6RZhsRKHcCNMfx2URYvNisyNiHbUH9MHxpnruJVcpV
FwU2pqRlsZ9lz8DLYgUq+L1aVcQxi0aALqHLWnaHeazuVRW88E7BKMrXTNhZudpq
/dYbsNr7RycKETVvKvK2l3UJ7E2zXQHrwEonT16f6P7V7ZJW5lKPA+CvxeB7AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUoOmrQ7lIRS1xBRK35OKx6mrHMlwwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM0MmUzMzM0MmUzMjM1
MzIyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHCIvww
DQYJKoZIhvcNAQELBQADggEBAAtEe7yhocGcgdPZgHijPUODAo3YRNw3vwekci3N
kmd7a+saINFQF43L7lI5MgW3S/i3oH4ShUMmkKWud0pBbBnhuNkr6Bm4wyVxU7S1
UX6qr7RfmMs63gehtjx+kOAv0Zs7T3s3anzIAzQmLASKuwcmwMY1V6BvX8ulKOtD
fagc4lUAGpzTO9ET5Wg2BsGU5YDxhYyHNkKrjtnj7izTn6w1RlE1Kz34S0fgC+01
hWhs7nNvG0XJNZ9GbhJl2EqAXDuPcH76ypmv7TkrjQnh+DdLXbOVpkWRpFQMOvV7
6EFCC5sZg7CGsV/JMWlMvx0K6KorEo2Tw/VIgh6DhXME+pg=
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:28:21 2025 by rpki-client