Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3233302e302f32342d3234203d3e20383334.roa
File: 38352e3131372e3233302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: YhLHaPaP1s3HOwu6ReU6T5SeX7pg779qAdM5hzpLq/0=
Subject key identifier: AD:DA:B2:85:57:FB:84:3C:F6:7B:1F:97:A2:78:AF:81:8F:CE:91:73
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 0BB5756F0DBFA1E69389EF762B52C6D868882414
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3233302e302f32342d3234203d3e20383334.roa
Signing time: Wed 12 Mar 2025 09:53:41 +0000
ROA not before: Wed 12 Mar 2025 09:48:41 +0000
ROA not after: Wed 11 Mar 2026 09:53:41 +0000
asID: 834
IP address blocks: 85.117.230.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Mar 2025 12:53:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:b5:75:6f:0d:bf:a1:e6:93:89:ef:76:2b:52:c6:d8:68:88:24:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Mar 12 09:48:41 2025 GMT
Not After : Mar 11 09:53:41 2026 GMT
Subject: CN=ADDAB28557FB843CF67B1F97A278AF818FCE9173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:39:62:38:a0:f4:75:5a:5c:eb:91:77:87:cb:
a3:91:38:75:e1:37:93:14:b4:22:ea:15:5c:00:c8:
63:25:48:7c:6a:5f:fb:61:2b:8a:83:a6:7b:8f:61:
ad:7c:17:0e:b2:53:4c:ef:22:1e:bd:95:d1:21:3f:
96:36:17:79:17:09:e7:43:b7:4a:13:04:64:0c:0b:
9b:7c:e0:f1:d7:06:d8:f1:c5:25:b9:3d:33:0d:6a:
40:b2:c9:8f:d5:c3:c3:17:e7:9b:77:f4:fd:be:a7:
4c:28:f4:50:7e:51:61:c3:ce:4e:dc:48:75:e8:df:
10:bd:95:6e:e2:56:c7:22:94:0f:22:cd:d7:62:d8:
c3:16:f2:1f:cb:78:4c:27:76:ba:58:49:d2:5a:0d:
63:b2:05:75:c1:64:58:df:0c:a4:71:8c:8d:6d:e0:
ac:3f:fa:91:51:a3:e3:d4:3c:a0:7d:2c:14:2d:cf:
7a:1d:42:f7:d5:51:8d:62:a7:55:a4:26:38:7b:77:
73:9e:08:e2:7e:8d:40:60:c2:5d:3b:8d:c8:fb:90:
f1:9b:80:a1:a0:3b:2b:55:b1:24:2c:5f:02:e9:94:
3d:45:7f:f3:0c:d6:a6:d4:be:8a:3f:be:4b:24:3d:
c0:38:50:cd:97:97:23:ed:92:ab:6d:95:70:04:aa:
21:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:DA:B2:85:57:FB:84:3C:F6:7B:1F:97:A2:78:AF:81:8F:CE:91:73
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/38352e3131372e3233302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.230.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:0e:91:ee:4c:c8:7a:52:56:4a:1b:a5:c7:17:6f:9f:92:67:
0a:f1:5d:4b:11:a4:09:1e:5a:10:81:11:37:70:95:89:d1:4c:
f6:fb:42:bf:88:36:42:ae:b5:57:23:da:ba:f8:84:cd:05:fb:
5c:33:33:33:2d:2d:6d:ca:28:70:10:67:af:cb:ab:40:31:71:
13:33:32:08:9d:30:9e:2b:e9:8f:30:82:f9:d7:bc:ac:b6:3c:
ad:6b:9b:81:f5:c9:49:a2:c4:f4:2f:21:b1:53:fe:cf:e8:53:
66:36:b8:e2:2d:03:88:7e:de:23:d2:4a:53:80:02:9b:fd:86:
d0:22:06:ce:81:16:fc:c7:e8:d4:18:c8:c6:01:a6:00:5b:58:
64:6a:75:6f:af:51:b1:b1:8f:83:80:65:87:ed:5d:01:5f:f7:
38:be:64:4d:86:62:e8:03:52:4a:74:a9:53:3e:42:8d:04:9e:
fd:b8:ac:76:9f:da:f3:ea:1d:0c:4e:44:70:fa:bc:22:51:59:
56:98:b7:70:8e:bc:8f:26:89:24:4f:e4:96:de:7a:f3:8f:7c:
7c:24:2f:f1:78:3e:81:a4:a6:81:5d:f3:5c:0f:6a:56:89:e9:
5e:e4:38:9e:9d:45:37:1e:0d:d1:82:6d:41:3c:b3:3b:eb:98:
9b:a1:3a:6a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUC7V1bw2/oeaTie92K1LG2GiIJBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTAzMTIwOTQ4NDFaFw0yNjAzMTEwOTUzNDFaMDMxMTAvBgNV
BAMTKEFEREFCMjg1NTdGQjg0M0NGNjdCMUY5N0EyNzhBRjgxOEZDRTkxNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTOWI4oPR1WlzrkXeHy6OROHXh
N5MUtCLqFVwAyGMlSHxqX/thK4qDpnuPYa18Fw6yU0zvIh69ldEhP5Y2F3kXCedD
t0oTBGQMC5t84PHXBtjxxSW5PTMNakCyyY/Vw8MX55t39P2+p0wo9FB+UWHDzk7c
SHXo3xC9lW7iVscilA8izddi2MMW8h/LeEwndrpYSdJaDWOyBXXBZFjfDKRxjI1t
4Kw/+pFRo+PUPKB9LBQtz3odQvfVUY1ip1WkJjh7d3OeCOJ+jUBgwl07jcj7kPGb
gKGgOytVsSQsXwLplD1Ff/MM1qbUvoo/vkskPcA4UM2XlyPtkqttlXAEqiEXAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUrdqyhVf7hDz2ex+XonivgY/OkXMwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzgzNTJlMzEzMTM3MmUzMjMz
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABVdeYw
DQYJKoZIhvcNAQELBQADggEBADwOke5MyHpSVkobpccXb5+SZwrxXUsRpAkeWhCB
ETdwlYnRTPb7Qr+INkKutVcj2rr4hM0F+1wzMzMtLW3KKHAQZ6/Lq0AxcRMzMgid
MJ4r6Y8wgvnXvKy2PK1rm4H1yUmixPQvIbFT/s/oU2Y2uOItA4h+3iPSSlOAApv9
htAiBs6BFvzH6NQYyMYBpgBbWGRqdW+vUbGxj4OAZYftXQFf9zi+ZE2GYugDUkp0
qVM+Qo0Env24rHaf2vPqHQxORHD6vCJRWVaYt3COvI8miSRP5JbeevOPfHwkL/F4
PoGkpoFd81wPalaJ6V7kOJ6dRTceDdGCbUE8szvrmJuhOmo=
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:39:47 2025 by rpki-client