Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS212895.roa
File: AS212895.roa (raw, json)
Hash identifier: vBSNafQf5orVtMgGvnur8tnIQ3GFc9mp0VsmYupwh10=
Subject key identifier: 50:6B:DC:1A:10:8B:8A:B0:41:8B:0D:D9:E7:52:64:7E:48:E2:3A:EB
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 77C0DD5E289DECBCC7BDDF04FC7EC49B3A1AF1AC
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS212895.roa
Signing time: Fri 24 Jan 2025 04:23:41 +0000
ROA not before: Fri 24 Jan 2025 04:18:41 +0000
ROA not after: Fri 23 Jan 2026 04:23:41 +0000
asID: 212895
IP address blocks: 2a0f:85c1:b71::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 04 Mar 2025 18:03:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:c0:dd:5e:28:9d:ec:bc:c7:bd:df:04:fc:7e:c4:9b:3a:1a:f1:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jan 24 04:18:41 2025 GMT
Not After : Jan 23 04:23:41 2026 GMT
Subject: CN=506BDC1A108B8AB0418B0DD9E752647E48E23AEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:b0:ed:59:6c:12:80:e3:93:0d:f8:93:62:22:
46:74:81:56:e4:79:f3:25:65:ed:7e:d5:f6:d9:b2:
76:6b:b5:fe:61:53:b8:73:a2:ff:5d:f8:08:1f:44:
1d:04:a2:33:ca:97:39:9e:a3:01:48:9e:ba:2b:5a:
1c:a2:07:bc:8d:a9:c0:3f:8e:48:b1:0d:79:cb:93:
e1:4c:58:a4:eb:7f:67:5c:cd:12:b9:a1:fe:8e:22:
b3:5d:e9:04:8d:f5:33:b9:09:13:13:8c:70:33:67:
83:8b:05:d3:3f:12:fe:c3:eb:d0:36:ff:f0:bd:d7:
37:d0:d8:da:42:e2:b1:0a:7f:3e:55:e9:49:a5:f9:
35:ea:b9:ee:66:ad:3c:74:8f:6b:5f:b1:9f:15:e6:
88:9e:94:3d:97:7c:af:5c:94:32:a2:31:af:fc:4c:
ab:f9:83:af:b8:09:5c:52:0d:c6:21:94:04:16:bc:
cd:62:61:07:76:da:5f:dc:99:3e:29:bc:e2:5e:9d:
52:c6:bd:66:02:fd:a4:95:2c:bb:10:c9:4f:1c:c8:
d1:68:e4:95:8f:26:36:4a:9d:43:76:b1:72:76:ba:
a7:6a:c5:4b:fb:b6:28:56:cf:b7:97:c8:6e:d2:7d:
a4:90:a6:66:45:25:4e:9e:2f:2f:3a:32:4d:a1:38:
59:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:6B:DC:1A:10:8B:8A:B0:41:8B:0D:D9:E7:52:64:7E:48:E2:3A:EB
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS212895.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:b71::/48
Signature Algorithm: sha256WithRSAEncryption
62:43:af:bb:80:6c:6c:83:af:61:32:1a:b6:ef:5e:5b:9e:8d:
a9:f2:65:06:2a:72:c0:e1:4e:36:47:29:96:41:14:2f:a6:4b:
09:4b:74:03:43:8f:c7:40:5f:4a:b4:cd:a0:9c:13:fb:99:04:
9d:f1:5b:fc:d7:2f:5f:78:ac:b1:e5:82:4b:df:a7:08:e0:a5:
e4:f4:c8:22:48:68:9c:91:a3:21:e9:17:ae:a2:24:80:2b:f5:
65:cd:ef:7e:6b:af:11:a2:70:2d:0b:a0:26:67:0f:e7:73:e7:
79:81:4b:fe:3b:a4:d0:5d:7c:34:48:33:6b:5a:74:d1:8d:c2:
7b:bc:01:18:e9:f2:64:43:4d:fc:e5:fc:b8:96:90:ed:c9:96:
0b:f7:f3:8c:a8:1c:b4:7d:a8:ae:42:db:1c:38:e7:bf:e8:3b:
ac:0b:dc:90:92:7d:06:0a:d5:3e:57:67:df:a2:7f:3c:5a:95:
52:c1:53:e9:5d:d6:f3:d5:1c:1e:c5:39:ba:0e:9a:c6:72:a4:
6d:50:c9:b4:b3:6b:eb:4a:e6:29:0b:92:d2:a1:7c:25:bb:45:
eb:d7:9f:de:3e:0b:b9:af:ab:36:89:56:20:20:df:ad:8b:e4:
92:a4:b0:23:1a:10:a5:9c:82:af:6c:ed:cd:c0:9c:11:28:2b:
d0:8e:5a:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUd8DdXiid7LzHvd8E/H7Emzoa8awwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTAxMjQwNDE4NDFaFw0yNjAxMjMwNDIzNDFaMDMxMTAvBgNV
BAMTKDUwNkJEQzFBMTA4QjhBQjA0MThCMEREOUU3NTI2NDdFNDhFMjNBRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQsO1ZbBKA45MN+JNiIkZ0gVbk
efMlZe1+1fbZsnZrtf5hU7hzov9d+AgfRB0EojPKlzmeowFInrorWhyiB7yNqcA/
jkixDXnLk+FMWKTrf2dczRK5of6OIrNd6QSN9TO5CRMTjHAzZ4OLBdM/Ev7D69A2
//C91zfQ2NpC4rEKfz5V6Uml+TXque5mrTx0j2tfsZ8V5oielD2XfK9clDKiMa/8
TKv5g6+4CVxSDcYhlAQWvM1iYQd22l/cmT4pvOJenVLGvWYC/aSVLLsQyU8cyNFo
5JWPJjZKnUN2sXJ2uqdqxUv7tihWz7eXyG7SfaSQpmZFJU6eLy86Mk2hOFm9AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUUGvcGhCLirBBiw3Z51JkfkjiOuswHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEyODk1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg+F
wQtxMA0GCSqGSIb3DQEBCwUAA4IBAQBiQ6+7gGxsg69hMhq2715bno2p8mUGKnLA
4U42RymWQRQvpksJS3QDQ4/HQF9KtM2gnBP7mQSd8Vv81y9feKyx5YJL36cI4KXk
9MgiSGickaMh6ReuoiSAK/Vlze9+a68RonAtC6AmZw/nc+d5gUv+O6TQXXw0SDNr
WnTRjcJ7vAEY6fJkQ0385fy4lpDtyZYL9/OMqBy0faiuQtscOOe/6DusC9yQkn0G
CtU+V2ffon88WpVSwVPpXdbz1RwexTm6DprGcqRtUMm0s2vrSuYpC5LSoXwlu0Xr
15/ePgu5r6s2iVYgIN+ti+SSpLAjGhClnIKvbO3NwJwRKCvQjlpR
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:20:03 2025 by rpki-client