Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/3138352e3235302e34302e302f32342d3234203d3e20383334.roa
File: 3138352e3235302e34302e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: 5Uix5bDQtTEIDG3ONyrpN8y2O7PmTfob22b1y88t5Ig=
Subject key identifier: F6:95:F6:51:73:AE:DA:EE:0E:17:9B:68:64:95:FB:9A:83:A2:9B:B9
Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Certificate serial: 3D0599D4757F8AC9C320EE34E6522F9124DA6A6C
Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/3138352e3235302e34302e302f32342d3234203d3e20383334.roa
Signing time: Mon 17 Feb 2025 00:00:28 +0000
ROA not before: Sun 16 Feb 2025 23:55:28 +0000
ROA not after: Mon 16 Feb 2026 00:00:28 +0000
asID: 834
IP address blocks: 185.250.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 07:09:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:05:99:d4:75:7f:8a:c9:c3:20:ee:34:e6:52:2f:91:24:da:6a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce
Validity
Not Before: Feb 16 23:55:28 2025 GMT
Not After : Feb 16 00:00:28 2026 GMT
Subject: CN=F695F65173AEDAEE0E179B686495FB9A83A29BB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:95:1c:d8:b5:60:b9:23:b6:c6:55:4c:f8:f2:
c8:c7:88:ed:bc:fd:12:1a:61:fc:53:10:fe:2b:d7:
87:d3:8d:b3:37:3c:ea:6f:c2:7e:82:57:87:c9:95:
d0:50:35:9e:f4:ef:a3:56:ed:f8:34:aa:de:24:b0:
31:d2:b6:46:ef:4e:83:97:17:97:a1:a9:3f:77:e6:
94:ba:1d:f7:62:a1:8d:07:02:9c:a1:ee:5b:13:e9:
5e:c5:a4:78:0d:54:70:19:43:48:1b:89:c9:54:2a:
e5:44:d0:b4:9d:f0:6b:0f:02:16:e4:0b:2f:cf:1c:
b0:39:4f:a2:b2:9a:91:a9:4b:4c:97:2b:3c:4d:22:
4c:0c:19:b0:1e:60:d9:7c:8e:4b:da:76:a6:bb:4f:
a0:0f:65:92:db:b7:75:7b:d0:8c:42:06:af:14:f5:
34:32:1f:d5:89:cb:70:f7:57:f4:98:e2:76:d5:b0:
12:ed:65:7f:47:84:ed:a0:4c:2a:9c:be:e4:00:8a:
32:d9:a2:53:92:4c:90:1d:c1:d2:ee:e4:21:25:fb:
73:ab:6b:9b:25:3b:41:2f:9e:00:4e:d9:83:79:4c:
a5:bc:57:1b:98:2b:27:b1:db:22:0e:72:fb:3b:2e:
ae:2e:9d:fd:1b:ce:3a:fd:6d:c1:5d:b5:56:e4:37:
2b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:95:F6:51:73:AE:DA:EE:0E:17:9B:68:64:95:FB:9A:83:A2:9B:B9
X509v3 Authority Key Identifier:
keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/3138352e3235302e34302e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.40.0/24
Signature Algorithm: sha256WithRSAEncryption
14:f2:02:f9:a6:80:1b:e5:db:71:ff:10:7f:71:c0:39:ad:ae:
4c:9d:8f:89:1f:47:64:e5:76:0b:a2:76:68:33:fe:6c:aa:a6:
09:6a:e0:bb:c0:c1:bc:27:94:80:49:63:cd:ed:b2:d7:5f:bd:
2f:0e:c3:d0:59:c3:be:c6:dc:e3:59:0b:22:66:53:15:7d:42:
29:77:b5:c7:d1:fc:12:60:98:54:df:74:09:28:12:10:6c:8b:
23:e9:62:01:69:b2:bc:12:bf:48:53:2a:dd:68:3a:20:8c:0f:
7d:bf:97:d4:bd:15:55:eb:f8:bf:04:d8:ec:d6:a3:04:4f:a4:
35:d1:f1:7a:c7:27:ab:52:de:b3:5b:28:a4:42:b0:78:90:82:
06:4f:95:84:d5:ce:25:8b:96:ee:2f:c1:64:91:a1:4b:0c:25:
44:13:1b:32:2e:d1:a1:9d:d3:9f:a1:aa:7d:6a:e7:88:c7:8c:
0e:a4:29:9e:78:88:d5:29:69:ce:15:65:62:c9:60:8f:1f:bf:
6f:40:48:6c:3f:48:4f:d4:10:1c:71:8d:42:b4:50:ee:54:47:
bb:80:94:1f:57:c4:ad:14:d3:6b:02:64:1e:7d:d3:c9:4f:6b:
aa:dd:ad:14:e2:06:2e:9c:f1:52:7d:e4:cb:9c:b2:94:d1:11:
59:df:31:f4
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUPQWZ1HV/isnDIO405lIvkSTaamwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi
YWFmNjRjZTAeFw0yNTAyMTYyMzU1MjhaFw0yNjAyMTYwMDAwMjhaMDMxMTAvBgNV
BAMTKEY2OTVGNjUxNzNBRURBRUUwRTE3OUI2ODY0OTVGQjlBODNBMjlCQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9lRzYtWC5I7bGVUz48sjHiO28
/RIaYfxTEP4r14fTjbM3POpvwn6CV4fJldBQNZ7076NW7fg0qt4ksDHStkbvToOX
F5ehqT935pS6HfdioY0HApyh7lsT6V7FpHgNVHAZQ0gbiclUKuVE0LSd8GsPAhbk
Cy/PHLA5T6KympGpS0yXKzxNIkwMGbAeYNl8jkvadqa7T6APZZLbt3V70IxCBq8U
9TQyH9WJy3D3V/SY4nbVsBLtZX9HhO2gTCqcvuQAijLZolOSTJAdwdLu5CEl+3Or
a5slO0EvngBO2YN5TKW8VxuYKyex2yIOcvs7Lq4unf0bzjr9bcFdtVbkNyu5AgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU9pX2UXOu2u4OF5toZJX7moOim7kwHwYDVR0j
BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj
ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx
dlpNNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt
YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzEzODM1MmUzMjM1MzAyZTM0
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5+igw
DQYJKoZIhvcNAQELBQADggEBABTyAvmmgBvl23H/EH9xwDmtrkydj4kfR2Tldgui
dmgz/myqpglq4LvAwbwnlIBJY83tstdfvS8Ow9BZw77G3ONZCyJmUxV9Qil3tcfR
/BJgmFTfdAkoEhBsiyPpYgFpsrwSv0hTKt1oOiCMD32/l9S9FVXr+L8E2OzWowRP
pDXR8XrHJ6tS3rNbKKRCsHiQggZPlYTVziWLlu4vwWSRoUsMJUQTGzIu0aGd05+h
qn1q54jHjA6kKZ54iNUpac4VZWLJYI8fv29ASGw/SE/UEBxxjUK0UO5UR7uAlB9X
xK0U02sCZB5908lPa6rdrRTiBi6c8VJ95MucspTREVnfMfQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:54:12 2025 by rpki-client