Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235322e302f32342d3234203d3e20383334.roa
File: 3139342e33342e3235322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 2h8kvy6WBEIrxSHD1bXBUVOW6d0yP9zgIqd9pVncgpA=
Subject key identifier: 70:6A:FE:D8:05:4E:3D:CC:67:30:5E:99:D8:FA:89:8A:C3:F8:18:E5
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 564FAC57B618099EF18306427014EA9E34D7A81D
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235322e302f32342d3234203d3e20383334.roa
Signing time: Sat 11 Jan 2025 15:26:07 +0000
ROA not before: Sat 11 Jan 2025 15:21:07 +0000
ROA not after: Sat 10 Jan 2026 15:26:07 +0000
asID: 834
IP address blocks: 194.34.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 12 Jan 2025 22:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:4f:ac:57:b6:18:09:9e:f1:83:06:42:70:14:ea:9e:34:d7:a8:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jan 11 15:21:07 2025 GMT
Not After : Jan 10 15:26:07 2026 GMT
Subject: CN=706AFED8054E3DCC67305E99D8FA898AC3F818E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:2d:f3:f7:e5:bd:81:09:ff:1b:14:3e:ab:5b:
45:07:de:52:f8:09:1e:e6:24:5a:52:db:24:f8:4f:
cc:76:81:66:9b:f6:a0:55:31:a2:16:7f:9c:47:11:
df:16:78:31:12:bc:70:63:c8:b9:da:81:1d:d6:b4:
c5:8d:ab:16:91:3f:c1:cb:13:71:5f:39:d5:a4:57:
a9:38:b2:fc:a7:a6:6a:4f:25:cf:1d:ac:15:7d:ed:
88:a1:f2:0a:0d:02:ae:f2:61:c4:74:c2:48:49:12:
8a:d7:bf:45:3c:3c:8b:70:de:63:0a:64:16:e9:47:
b5:35:2b:14:56:c9:e5:f4:68:c7:a7:e9:a1:07:d5:
45:98:ec:0b:49:1c:1b:c0:56:f2:fc:7a:8d:3f:61:
8d:f5:3f:91:d3:6c:e6:dd:eb:35:ba:b9:98:66:e9:
38:37:40:d6:ec:08:af:3f:8d:ed:ab:f2:03:41:5f:
3c:4a:cc:aa:13:af:a0:65:af:4a:ba:46:88:45:c5:
6f:09:f3:a0:46:36:53:66:42:61:27:d4:8c:be:21:
b3:31:f3:fe:8a:b3:d8:c5:07:27:e2:67:9e:11:e8:
85:c0:3b:8d:81:4f:b0:0a:36:57:1a:31:ac:44:8d:
c4:bc:9b:a8:de:3e:82:db:f0:1a:34:a7:27:1b:7f:
b3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:6A:FE:D8:05:4E:3D:CC:67:30:5E:99:D8:FA:89:8A:C3:F8:18:E5
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3139342e33342e3235322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.252.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:1a:c9:47:1b:1e:de:9f:08:3d:a8:fa:4d:97:a3:c9:d2:e9:
8a:2d:dc:48:a0:60:26:f2:4c:77:60:95:a7:ab:87:15:28:29:
67:f6:63:a1:9c:06:71:52:24:4a:77:8a:54:e5:24:82:29:b9:
5b:12:4a:bc:c3:73:32:38:f4:76:6a:40:b1:4f:66:50:fd:e8:
e9:5e:98:2a:66:aa:10:ea:3e:8c:b1:bd:98:aa:f7:74:99:77:
39:3d:6f:2e:19:1a:d0:a2:31:67:57:a4:be:60:ab:c1:5a:c3:
5a:db:a1:ef:1b:7e:67:12:e6:1a:8a:5c:6d:3f:b6:29:c3:bc:
eb:48:73:c4:06:0f:cc:bf:c9:0c:71:d7:86:dc:af:20:a6:fb:
27:ed:3b:ea:1b:5d:43:09:1d:b8:55:be:cb:21:80:a3:f4:8d:
9b:03:55:f7:d8:9d:93:a1:3c:1d:7e:53:c5:cf:59:0f:1d:a7:
d8:4d:76:d8:04:fc:53:06:e6:a0:60:78:de:e3:c6:32:ac:51:
65:ed:f4:95:3d:a9:e4:3f:f1:3c:8c:7f:32:ac:a8:fa:f9:c8:
fe:7c:d0:54:ff:59:69:00:3f:54:ad:4d:06:5c:7f:0d:0e:99:
db:5c:30:8a:a2:28:ae:95:14:42:3f:c9:c2:02:c1:1e:f6:b9:
37:a1:30:35
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUVk+sV7YYCZ7xgwZCcBTqnjTXqB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAxMTExNTIxMDdaFw0yNjAxMTAxNTI2MDdaMDMxMTAvBgNV
BAMTKDcwNkFGRUQ4MDU0RTNEQ0M2NzMwNUU5OUQ4RkE4OThBQzNGODE4RTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXLfP35b2BCf8bFD6rW0UH3lL4
CR7mJFpS2yT4T8x2gWab9qBVMaIWf5xHEd8WeDESvHBjyLnagR3WtMWNqxaRP8HL
E3FfOdWkV6k4svynpmpPJc8drBV97Yih8goNAq7yYcR0wkhJEorXv0U8PItw3mMK
ZBbpR7U1KxRWyeX0aMen6aEH1UWY7AtJHBvAVvL8eo0/YY31P5HTbObd6zW6uZhm
6Tg3QNbsCK8/je2r8gNBXzxKzKoTr6Blr0q6RohFxW8J86BGNlNmQmEn1Iy+IbMx
8/6Ks9jFByfiZ54R6IXAO42BT7AKNlcaMaxEjcS8m6jePoLb8Bo0pycbf7NJAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUcGr+2AVOPcxnMF6Z2PqJisP4GOUwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzOTM0MmUzMzM0MmUzMjM1
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADCIvww
DQYJKoZIhvcNAQELBQADggEBAKYayUcbHt6fCD2o+k2Xo8nS6Yot3EigYCbyTHdg
laerhxUoKWf2Y6GcBnFSJEp3ilTlJIIpuVsSSrzDczI49HZqQLFPZlD96OlemCpm
qhDqPoyxvZiq93SZdzk9by4ZGtCiMWdXpL5gq8Faw1rboe8bfmcS5hqKXG0/tinD
vOtIc8QGD8y/yQxx14bcryCm+yftO+obXUMJHbhVvsshgKP0jZsDVffYnZOhPB1+
U8XPWQ8dp9hNdtgE/FMG5qBgeN7jxjKsUWXt9JU9qeQ/8TyMfzKsqPr5yP580FT/
WWkAP1StTQZcfw0OmdtcMIqiKK6VFEI/ycICwR72uTehMDU=
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:37:57 2025 by rpki-client