Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232392e302f32342d3234203d3e20383334.roa
File: 38352e3131372e3232392e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 304w+2mVt2tGDO4pesKMYYBHuIPaxj4/xjCxmnbBFKE=
Subject key identifier: A1:8A:44:D8:CE:E8:94:7F:D9:77:D3:DE:AE:1A:2E:7B:F3:B1:35:98
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 522FF990350C40DC6230873C58BE7B00AB954B24
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232392e302f32342d3234203d3e20383334.roa
Signing time: Fri 10 Jan 2025 14:56:32 +0000
ROA not before: Fri 10 Jan 2025 14:51:32 +0000
ROA not after: Fri 09 Jan 2026 14:56:32 +0000
asID: 834
IP address blocks: 85.117.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Jan 2025 14:55:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:2f:f9:90:35:0c:40:dc:62:30:87:3c:58:be:7b:00:ab:95:4b:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Jan 10 14:51:32 2025 GMT
Not After : Jan 9 14:56:32 2026 GMT
Subject: CN=A18A44D8CEE8947FD977D3DEAE1A2E7BF3B13598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:12:95:a2:a8:53:64:a7:63:41:e6:0b:ce:79:
cd:21:23:48:06:5e:86:13:2c:d3:6e:12:ed:b0:12:
2c:03:0c:3e:85:c0:7f:a7:ed:83:b7:35:7a:1d:88:
ee:07:78:06:31:fc:cc:b5:dc:10:4e:3c:65:5e:c7:
e1:e8:0f:0e:a9:8c:d3:9c:3e:c2:5a:47:64:ac:5c:
c4:74:67:c3:80:6f:dd:a9:23:09:19:d5:f7:d1:8a:
59:2e:7f:74:96:3f:31:38:77:0d:06:74:47:56:74:
f3:da:4a:5e:be:87:b4:0f:2b:98:96:59:b1:1a:31:
8a:30:25:49:2c:bb:d0:16:3c:e7:51:e2:65:22:fc:
17:08:a0:59:f5:6a:06:30:20:1e:5f:90:f0:a9:7d:
d6:a7:32:94:8e:33:94:2f:84:86:54:08:62:44:7d:
7a:a8:3b:33:b4:2f:8e:05:89:4c:4c:c6:fb:17:fb:
39:1c:bc:d3:97:2f:df:5c:a0:f4:df:1c:66:a4:e6:
cf:c0:d4:36:a8:42:a6:1e:c0:22:1d:26:8f:d5:7e:
34:8c:5a:75:ab:11:2f:39:f3:6f:9e:a2:a7:44:32:
7e:45:f7:3e:3d:47:f9:fd:9c:2b:a8:77:f9:ae:42:
35:30:24:b0:4a:76:ff:49:8c:1a:d7:b2:ad:57:4a:
47:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:8A:44:D8:CE:E8:94:7F:D9:77:D3:DE:AE:1A:2E:7B:F3:B1:35:98
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3232392e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.229.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:45:54:97:e7:9c:12:c2:37:9e:fb:fe:7e:13:01:c9:94:a7:
43:8d:98:ec:73:aa:91:dc:68:ad:58:a2:a2:0e:08:4e:ae:82:
0e:6c:e9:a1:2f:69:9c:b9:bc:11:08:d7:18:ab:f0:72:00:b8:
ac:0c:8b:6c:51:8e:f8:42:f3:00:55:92:7f:6f:77:d2:a5:88:
7a:29:51:26:e1:fe:f4:85:79:3e:d2:94:3c:29:1f:29:e6:6b:
a2:49:3b:bd:0d:73:5d:14:88:ad:5a:21:19:04:3e:ea:ed:16:
4e:e9:8e:ae:85:8b:bf:fe:a4:0b:5f:f0:7b:bd:b8:81:4e:1c:
44:72:13:50:35:b1:87:37:37:5a:00:a5:82:95:e1:a3:5a:53:
9c:68:93:00:51:c7:16:00:72:54:94:8c:a3:7e:d9:cc:bf:27:
61:a2:0f:35:19:90:dc:b4:0f:6e:50:2c:58:74:ba:fc:51:82:
e0:31:85:55:2d:dd:30:8f:c2:48:e2:9d:30:96:c7:16:4b:47:
1e:e7:62:ab:bf:be:3e:47:b3:5b:4a:06:03:1b:8f:1c:a3:fe:
41:d4:fc:9d:49:00:ac:55:3d:e6:e6:0e:8f:1a:ab:bd:6d:fe:
43:17:a1:88:d3:22:99:7e:ec:36:23:78:49:eb:64:4e:76:88:
06:e7:ea:ed
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUUi/5kDUMQNxiMIc8WL57AKuVSyQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAxMTAxNDUxMzJaFw0yNjAxMDkxNDU2MzJaMDMxMTAvBgNV
BAMTKEExOEE0NEQ4Q0VFODk0N0ZEOTc3RDNERUFFMUEyRTdCRjNCMTM1OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVEpWiqFNkp2NB5gvOec0hI0gG
XoYTLNNuEu2wEiwDDD6FwH+n7YO3NXodiO4HeAYx/My13BBOPGVex+HoDw6pjNOc
PsJaR2SsXMR0Z8OAb92pIwkZ1ffRilkuf3SWPzE4dw0GdEdWdPPaSl6+h7QPK5iW
WbEaMYowJUksu9AWPOdR4mUi/BcIoFn1agYwIB5fkPCpfdanMpSOM5QvhIZUCGJE
fXqoOzO0L44FiUxMxvsX+zkcvNOXL99coPTfHGak5s/A1DaoQqYewCIdJo/VfjSM
WnWrES8582+eoqdEMn5F9z49R/n9nCuod/muQjUwJLBKdv9JjBrXsq1XSkc7AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUoYpE2M7olH/Zd9Perhoue/OxNZgwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzgzNTJlMzEzMTM3MmUzMjMy
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABVdeUw
DQYJKoZIhvcNAQELBQADggEBAItFVJfnnBLCN577/n4TAcmUp0ONmOxzqpHcaK1Y
oqIOCE6ugg5s6aEvaZy5vBEI1xir8HIAuKwMi2xRjvhC8wBVkn9vd9KliHopUSbh
/vSFeT7SlDwpHynma6JJO70Nc10UiK1aIRkEPurtFk7pjq6Fi7/+pAtf8Hu9uIFO
HERyE1A1sYc3N1oApYKV4aNaU5xokwBRxxYAclSUjKN+2cy/J2GiDzUZkNy0D25Q
LFh0uvxRguAxhVUt3TCPwkjinTCWxxZLRx7nYqu/vj5Hs1tKBgMbjxyj/kHU/J1J
AKxVPebmDo8aq71t/kMXoYjTIpl+7DYjeEnrZE52iAbn6u0=
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:36:19 2025 by rpki-client