Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/881b7f08-dd94-4cd0-aa38-8512f152bd32/0/3134312e39382e34302e302f32332d3233203d3e20323132323338.roa
File: 3134312e39382e34302e302f32332d3233203d3e20323132323338.roa (raw, json)
Hash identifier: I9SmcjTazDZw8qDU79W/XyMaQ3mILf0xgtAns4TUE08=
Subject key identifier: 6B:54:FC:5B:E5:8D:1E:A2:5A:70:40:B1:44:DD:53:D1:28:BA:6A:5A
Certificate issuer: /CN=7e51cac1ce2afe1958b1fb6a6237717b0b5d4810
Certificate serial: 2663D6AEB485D737A9A24D300AB9E609F8F42902
Authority key identifier: 7E:51:CA:C1:CE:2A:FE:19:58:B1:FB:6A:62:37:71:7B:0B:5D:48:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/flHKwc4q_hlYsftqYjdxewtdSBA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/881b7f08-dd94-4cd0-aa38-8512f152bd32/0/3134312e39382e34302e302f32332d3233203d3e20323132323338.roa
Signing time: Wed 05 Feb 2025 13:27:52 +0000
ROA not before: Wed 05 Feb 2025 13:22:52 +0000
ROA not after: Wed 04 Feb 2026 13:27:52 +0000
asID: 212238
IP address blocks: 141.98.40.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 05 Mar 2025 00:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:63:d6:ae:b4:85:d7:37:a9:a2:4d:30:0a:b9:e6:09:f8:f4:29:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e51cac1ce2afe1958b1fb6a6237717b0b5d4810
Validity
Not Before: Feb 5 13:22:52 2025 GMT
Not After : Feb 4 13:27:52 2026 GMT
Subject: CN=6B54FC5BE58D1EA25A7040B144DD53D128BA6A5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4e:07:3c:0f:1d:ba:71:e1:b3:9e:ee:57:e3:
13:47:7b:d6:d9:0d:f2:0e:29:08:78:5e:ae:47:94:
90:93:c6:bb:85:f2:ef:ce:83:db:6c:82:bf:fb:a2:
95:17:47:36:06:bb:4e:4e:65:e6:c1:e1:52:2c:52:
c0:b8:41:3e:54:e8:8d:2c:b9:a9:62:0a:08:68:9c:
e7:e2:90:5c:66:51:30:8f:83:2e:5a:51:f4:5d:ad:
a3:7a:36:a8:f1:83:79:be:2a:a5:78:fd:c8:fc:2a:
6a:e6:1f:9b:be:6b:db:ce:35:34:7a:9f:46:94:d1:
d1:8e:a4:b2:2f:8d:4e:0e:d5:91:c0:9e:dc:95:29:
dd:79:da:7b:3a:a0:78:81:cf:10:85:06:28:95:7a:
75:7c:72:e0:cc:ea:e6:f3:44:70:39:00:51:47:77:
49:29:aa:8f:ee:51:3b:95:19:20:d4:47:70:38:9b:
3c:5e:6a:d4:12:42:b1:da:ed:79:98:fe:0d:0b:8f:
a6:4e:40:c3:e9:e3:83:ce:e6:97:cd:9e:54:e4:c2:
cf:e5:23:64:64:b5:42:0c:39:9b:45:aa:53:60:fa:
e9:fd:11:6c:f9:b3:af:68:7c:b7:31:52:b9:8b:3d:
31:92:51:37:3e:6e:3d:56:88:42:57:07:0b:3d:6f:
61:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:54:FC:5B:E5:8D:1E:A2:5A:70:40:B1:44:DD:53:D1:28:BA:6A:5A
X509v3 Authority Key Identifier:
keyid:7E:51:CA:C1:CE:2A:FE:19:58:B1:FB:6A:62:37:71:7B:0B:5D:48:10
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/881b7f08-dd94-4cd0-aa38-8512f152bd32/0/7E51CAC1CE2AFE1958B1FB6A6237717B0B5D4810.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/flHKwc4q_hlYsftqYjdxewtdSBA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/881b7f08-dd94-4cd0-aa38-8512f152bd32/0/3134312e39382e34302e302f32332d3233203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.40.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:b3:9d:c6:4d:26:7f:81:f5:9a:f3:62:35:f0:dd:82:2a:40:
96:ae:dc:52:f3:5d:fc:a1:75:e0:55:a9:85:09:bb:47:76:0d:
44:e1:82:82:a7:d6:8f:85:32:b1:f4:34:e7:e4:fb:ab:87:57:
20:9b:d8:21:6d:52:0e:ad:0c:ba:50:77:db:a9:86:d8:e0:5f:
cd:d6:34:f6:6e:d5:eb:cb:69:7a:cf:32:15:81:4c:c4:bd:f5:
5e:15:4f:76:74:72:87:48:c2:02:57:44:41:26:ae:89:fe:cc:
7a:9e:9d:30:8a:21:cc:b1:0b:33:a4:d4:6f:db:fb:18:52:0e:
4f:dd:82:1a:b0:11:2f:90:8c:9f:ea:af:ba:71:45:cd:b0:63:
e0:0d:52:0e:98:d8:89:88:e9:f6:f8:12:18:c6:7f:17:77:e7:
df:16:66:ab:3e:11:07:44:56:5e:29:b3:e6:78:e7:f6:71:a9:
b4:46:a3:9d:c0:b2:6e:83:e3:54:2f:38:1b:ca:2d:80:53:cb:
ac:29:23:d6:44:d6:7d:8b:e8:a3:a6:ed:4d:34:9b:b6:42:95:
1a:87:15:ef:c5:b1:d2:8d:50:6a:e4:25:72:03:5e:a6:07:01:
26:aa:ea:f6:8d:e9:f7:1c:5e:db:93:75:b8:99:a2:fe:2d:9f:
d3:99:8c:21
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJmPWrrSF1zepok0wCrnmCfj0KQIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2U1MWNhYzFjZTJhZmUxOTU4YjFmYjZhNjIzNzcxN2Iw
YjVkNDgxMDAeFw0yNTAyMDUxMzIyNTJaFw0yNjAyMDQxMzI3NTJaMDMxMTAvBgNV
BAMTKDZCNTRGQzVCRTU4RDFFQTI1QTcwNDBCMTQ0REQ1M0QxMjhCQTZBNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChTgc8Dx26ceGznu5X4xNHe9bZ
DfIOKQh4Xq5HlJCTxruF8u/Og9tsgr/7opUXRzYGu05OZebB4VIsUsC4QT5U6I0s
ualiCghonOfikFxmUTCPgy5aUfRdraN6Nqjxg3m+KqV4/cj8KmrmH5u+a9vONTR6
n0aU0dGOpLIvjU4O1ZHAntyVKd152ns6oHiBzxCFBiiVenV8cuDM6ubzRHA5AFFH
d0kpqo/uUTuVGSDUR3A4mzxeatQSQrHa7XmY/g0Lj6ZOQMPp44PO5pfNnlTkws/l
I2RktUIMOZtFqlNg+un9EWz5s69ofLcxUrmLPTGSUTc+bj1WiEJXBws9b2F7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUa1T8W+WNHqJacECxRN1T0Si6alowHwYDVR0j
BBgwFoAUflHKwc4q/hlYsftqYjdxewtdSBAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODgxYjdmMDgtZGQ5NC00Y2QwLWFhMzgtODUxMmYxNTJi
ZDMyLzAvN0U1MUNBQzFDRTJBRkUxOTU4QjFGQjZBNjIzNzcxN0IwQjVENDgxMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2ZsSEt3YzRxX2hsWXNmdHFZamR4ZXd0
ZFNCQS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODgxYjdmMDgt
ZGQ5NC00Y2QwLWFhMzgtODUxMmYxNTJiZDMyLzAvMzEzNDMxMmUzOTM4MmUzNDMw
MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzMTMyMzIzMzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
jWIoMA0GCSqGSIb3DQEBCwUAA4IBAQC9s53GTSZ/gfWa82I18N2CKkCWrtxS8138
oXXgVamFCbtHdg1E4YKCp9aPhTKx9DTn5Purh1cgm9ghbVIOrQy6UHfbqYbY4F/N
1jT2btXry2l6zzIVgUzEvfVeFU92dHKHSMICV0RBJq6J/sx6np0wiiHMsQszpNRv
2/sYUg5P3YIasBEvkIyf6q+6cUXNsGPgDVIOmNiJiOn2+BIYxn8Xd+ffFmarPhEH
RFZeKbPmeOf2cam0RqOdwLJug+NULzgbyi2AU8usKSPWRNZ9i+ijpu1NNJu2QpUa
hxXvxbHSjVBq5CVyA16mBwEmqur2jen3HF7bk3W4maL+LZ/TmYwh
-----END CERTIFICATE-----
Generated at Sat Apr 5 04:34:04 2025 by rpki-client