Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e20383334.roa
File: 3138352e3234302e3130372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 9vIWZpoMNtQkIUbA1pQfYy3lsc1uDmxu3Grs62DMf94=
Subject key identifier: C2:AE:5B:C6:34:6F:79:47:C4:EB:19:B9:C3:31:0B:FD:73:F9:70:69
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 328DAE103DA77922DF9B180ED1749D3D3DC61C61
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e20383334.roa
Signing time: Fri 09 May 2025 00:03:32 +0000
ROA not before: Thu 08 May 2025 23:58:32 +0000
ROA not after: Fri 08 May 2026 00:03:32 +0000
asID: 834
IP address blocks: 185.240.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 May 2025 11:16:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:8d:ae:10:3d:a7:79:22:df:9b:18:0e:d1:74:9d:3d:3d:c6:1c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: May 8 23:58:32 2025 GMT
Not After : May 8 00:03:32 2026 GMT
Subject: CN=C2AE5BC6346F7947C4EB19B9C3310BFD73F97069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2e:ef:6d:6b:6f:26:fe:bb:bd:78:6e:89:22:
11:03:fa:b3:0f:3d:bc:d8:fb:65:76:9c:4a:4b:d2:
53:3a:dc:d9:5a:01:87:6e:5d:b7:3c:40:e1:5d:28:
92:7e:90:54:8d:08:58:eb:b3:e8:be:76:fe:4c:3b:
b3:dc:43:13:e7:a6:6a:3e:e1:48:69:6d:e5:ac:02:
97:c5:73:35:89:2d:bf:81:eb:85:9f:83:33:6c:87:
4a:31:b5:f1:04:d8:71:6c:13:42:9a:57:d9:d9:8d:
48:fd:47:33:62:02:25:80:eb:1d:67:b8:4c:92:15:
d8:65:f3:9b:c3:b1:33:f5:9b:6f:8e:01:ec:b7:4a:
ae:0c:92:09:de:73:42:9a:f3:2e:e4:af:6f:3b:c2:
b5:7f:23:90:ff:b2:4b:a7:9d:7d:a4:a6:32:3f:06:
4f:6a:ae:cf:0d:76:d9:39:6e:20:57:8f:0b:a0:c8:
63:b6:8a:bd:de:4d:08:3a:72:02:61:82:3c:76:57:
45:80:58:2b:33:f6:9e:ab:2d:ed:f1:b4:a5:b3:7c:
52:fc:92:0e:b2:0a:b4:31:3e:b7:09:fd:76:88:8d:
90:c2:fa:87:c7:b1:96:9e:f8:63:94:c6:e8:e4:c0:
b4:14:e4:59:d5:e9:6a:c5:b7:42:2f:f9:2c:31:94:
1e:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:AE:5B:C6:34:6F:79:47:C4:EB:19:B9:C3:31:0B:FD:73:F9:70:69
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.107.0/24
Signature Algorithm: sha256WithRSAEncryption
28:13:ac:59:cf:ee:3c:ec:32:09:bc:0f:ad:bb:d9:eb:f5:f1:
3a:56:ec:af:90:dc:44:bd:15:22:bf:52:54:e1:ae:ea:89:a9:
dd:7e:db:a0:63:7a:e5:f6:2b:40:f8:d8:35:6e:a7:e6:77:1a:
76:ac:8b:0a:e4:84:6b:9c:be:de:ea:1b:36:6e:b9:cf:8c:ad:
e3:c3:4c:33:46:c4:5a:b0:1b:30:fb:f1:8d:48:cd:b1:b1:0b:
5b:e1:b2:53:5c:5a:b1:a8:f6:0b:5e:3a:43:f3:2e:d5:f7:88:
20:fd:b4:89:02:45:db:62:ff:0c:05:e9:54:9a:12:f0:c5:1e:
53:9e:5a:e1:bb:82:c5:a1:1b:f0:1b:6e:bb:9e:ad:ff:7c:09:
c3:82:1d:f4:4f:9b:97:a4:f8:72:9b:6c:9d:99:9f:0f:00:49:
b0:72:c9:f1:33:43:d5:43:6f:9a:93:b6:46:d3:3d:04:21:fb:
a6:c5:bf:32:c1:50:11:40:79:7d:95:41:ee:8e:22:69:c6:a8:
1d:4b:c2:6a:2e:d9:d0:2e:75:51:16:59:84:0a:34:56:73:f7:
71:fe:ab:e5:0f:b9:68:5c:4f:f2:91:83:c1:3d:b9:07:62:71:
76:4f:21:a3:f8:b8:a0:1a:05:31:8a:5c:60:af:b7:7f:9c:f7:
fb:00:ba:39
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUMo2uED2neSLfmxgO0XSdPT3GHGEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNTA1MDgyMzU4MzJaFw0yNjA1MDgwMDAzMzJaMDMxMTAvBgNV
BAMTKEMyQUU1QkM2MzQ2Rjc5NDdDNEVCMTlCOUMzMzEwQkZENzNGOTcwNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVLu9ta28m/ru9eG6JIhED+rMP
PbzY+2V2nEpL0lM63NlaAYduXbc8QOFdKJJ+kFSNCFjrs+i+dv5MO7PcQxPnpmo+
4UhpbeWsApfFczWJLb+B64WfgzNsh0oxtfEE2HFsE0KaV9nZjUj9RzNiAiWA6x1n
uEySFdhl85vDsTP1m2+OAey3Sq4Mkgnec0Ka8y7kr287wrV/I5D/skunnX2kpjI/
Bk9qrs8Ndtk5biBXjwugyGO2ir3eTQg6cgJhgjx2V0WAWCsz9p6rLe3xtKWzfFL8
kg6yCrQxPrcJ/XaIjZDC+ofHsZae+GOUxujkwLQU5FnV6WrFt0Iv+SwxlB7XAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUwq5bxjRveUfE6xm5wzEL/XP5cGkwHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzEzODM1MmUzMjM0MzAyZTMx
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnw
azANBgkqhkiG9w0BAQsFAAOCAQEAKBOsWc/uPOwyCbwPrbvZ6/XxOlbsr5DcRL0V
Ir9SVOGu6omp3X7boGN65fYrQPjYNW6n5ncadqyLCuSEa5y+3uobNm65z4yt48NM
M0bEWrAbMPvxjUjNsbELW+GyU1xasaj2C146Q/Mu1feIIP20iQJF22L/DAXpVJoS
8MUeU55a4buCxaEb8Btuu56t/3wJw4Id9E+bl6T4cptsnZmfDwBJsHLJ8TND1UNv
mpO2RtM9BCH7psW/MsFQEUB5fZVB7o4iacaoHUvCai7Z0C51URZZhAo0VnP3cf6r
5Q+5aFxP8pGDwT25B2Jxdk8ho/i4oBoFMYpcYK+3f5z3+wC6OQ==
-----END CERTIFICATE-----
Generated at Fri Jun 6 22:25:19 2025 by rpki-client