Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139342e32362e32302e302f32342d3234203d3e203432363839.roa
File: 3139342e32362e32302e302f32342d3234203d3e203432363839.roa (raw, json)
Hash identifier: JaY7leQyqD7TafHM1w9O7ZFll0x7F/ScQAl/06fkEWc=
Subject key identifier: A8:C0:32:3C:36:02:10:41:70:EF:9A:2B:07:89:E4:45:5F:1A:8B:A5
Certificate issuer: /CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Certificate serial: 4BAE67D81551DE479110DF8BB2609418216DACC5
Authority key identifier: 45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139342e32362e32302e302f32342d3234203d3e203432363839.roa
Signing time: Tue 25 Mar 2025 06:19:57 +0000
ROA not before: Tue 25 Mar 2025 06:14:57 +0000
ROA not after: Tue 24 Mar 2026 06:19:57 +0000
asID: 42689
IP address blocks: 194.26.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Mar 2025 13:40:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:ae:67:d8:15:51:de:47:91:10:df:8b:b2:60:94:18:21:6d:ac:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45e8648e445dccd0d8ee699f5140bb814e43ae1b
Validity
Not Before: Mar 25 06:14:57 2025 GMT
Not After : Mar 24 06:19:57 2026 GMT
Subject: CN=A8C0323C3602104170EF9A2B0789E4455F1A8BA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ee:9b:81:34:13:c7:11:ba:ab:4a:03:3a:57:
85:9f:0f:08:b3:10:8d:27:05:ca:eb:e1:01:f9:c7:
cf:d8:5e:57:be:6b:5c:fe:6b:c9:b4:ca:17:2b:9e:
39:49:ac:bd:17:ec:ca:81:d1:f2:56:25:71:a5:3e:
5b:06:3e:74:ea:36:3c:aa:3b:e2:54:06:a9:15:c9:
ec:d0:21:cc:be:fa:68:f3:0f:13:a3:f2:61:dc:06:
8c:a7:0f:47:a7:0f:75:d0:fd:61:a1:ff:41:71:0e:
51:83:af:ec:3e:88:9a:cc:d9:ad:0b:3f:58:82:04:
b9:9a:16:57:df:8f:b2:52:1e:1c:16:46:56:3c:2b:
22:06:87:11:8f:6b:1a:e0:f7:45:95:99:40:74:ec:
2a:3e:88:28:fe:97:f7:0d:21:6d:e3:8f:0e:4e:32:
6c:d8:79:b8:38:36:be:8e:33:66:3b:51:c5:c9:13:
db:59:f4:b6:4a:f5:64:cf:ff:44:67:59:8e:55:01:
ef:e4:80:53:38:16:33:c8:ce:88:e1:4a:3b:ce:4a:
0b:28:24:15:a7:9c:a7:b1:e4:5e:5c:e3:22:14:01:
eb:af:ed:ab:6a:e9:05:aa:50:29:ce:9d:8d:1c:9b:
1a:a4:56:91:09:9f:33:a5:65:80:00:66:01:53:d9:
93:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C0:32:3C:36:02:10:41:70:EF:9A:2B:07:89:E4:45:5F:1A:8B:A5
X509v3 Authority Key Identifier:
keyid:45:E8:64:8E:44:5D:CC:D0:D8:EE:69:9F:51:40:BB:81:4E:43:AE:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/45E8648E445DCCD0D8EE699F5140BB814E43AE1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RehkjkRdzNDY7mmfUUC7gU5Drhs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/933b2fd7-31c1-451c-8288-c1aa0aa12750/0/3139342e32362e32302e302f32342d3234203d3e203432363839.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.20.0/24
Signature Algorithm: sha256WithRSAEncryption
49:57:8d:cf:72:d3:59:29:b5:61:61:17:0c:94:22:29:74:ce:
06:53:a2:e7:75:29:fc:95:90:16:d7:a7:67:01:20:12:50:b0:
1c:93:80:3a:16:7a:fd:57:ad:89:71:93:ed:ca:81:47:91:46:
d4:59:5e:b1:75:24:fa:bf:f2:36:5f:e5:d2:de:cd:67:9e:4e:
b4:78:ce:c8:71:b5:5b:96:d6:b1:38:ae:7e:c4:93:45:01:35:
64:f0:8e:4d:83:3c:ed:83:96:88:11:8a:d2:ca:75:8e:b0:be:
a9:05:c6:3e:81:f9:42:99:db:7e:4f:65:06:c5:20:42:19:4f:
15:25:be:4e:ed:40:15:95:77:38:1c:13:c4:0d:f6:c4:9d:43:
2f:6b:b2:9a:50:71:78:0b:5c:be:d4:ea:02:9e:11:bf:7a:29:
a8:bd:79:08:da:86:43:f4:91:35:af:7e:6b:c8:57:f5:31:69:
aa:0b:4c:c2:52:d7:c1:e8:bb:56:2a:7e:9a:67:9a:4e:c9:1d:
4f:48:00:d4:fb:c5:e3:62:f2:42:eb:2b:53:59:53:16:d8:fb:
69:22:cb:18:4e:8b:45:16:77:7c:73:ad:94:82:58:60:1c:76:
e7:26:9e:5c:4d:e7:7b:94:57:26:3e:eb:c5:5e:ce:c0:84:61:
7f:33:ea:a6
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUS65n2BVR3keREN+LsmCUGCFtrMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVlODY0OGU0NDVkY2NkMGQ4ZWU2OTlmNTE0MGJiODE0
ZTQzYWUxYjAeFw0yNTAzMjUwNjE0NTdaFw0yNjAzMjQwNjE5NTdaMDMxMTAvBgNV
BAMTKEE4QzAzMjNDMzYwMjEwNDE3MEVGOUEyQjA3ODlFNDQ1NUYxQThCQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN7puBNBPHEbqrSgM6V4WfDwiz
EI0nBcrr4QH5x8/YXle+a1z+a8m0yhcrnjlJrL0X7MqB0fJWJXGlPlsGPnTqNjyq
O+JUBqkVyezQIcy++mjzDxOj8mHcBoynD0enD3XQ/WGh/0FxDlGDr+w+iJrM2a0L
P1iCBLmaFlffj7JSHhwWRlY8KyIGhxGPaxrg90WVmUB07Co+iCj+l/cNIW3jjw5O
MmzYebg4Nr6OM2Y7UcXJE9tZ9LZK9WTP/0RnWY5VAe/kgFM4FjPIzojhSjvOSgso
JBWnnKex5F5c4yIUAeuv7atq6QWqUCnOnY0cmxqkVpEJnzOlZYAAZgFT2ZOvAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUqMAyPDYCEEFw75orB4nkRV8ai6UwHwYDVR0j
BBgwFoAURehkjkRdzNDY7mmfUUC7gU5DrhswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTMzYjJmZDctMzFjMS00NTFjLTgyODgtYzFhYTBhYTEy
NzUwLzAvNDVFODY0OEU0NDVEQ0NEMEQ4RUU2OTlGNTE0MEJCODE0RTQzQUUxQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JlaGtqa1Jkek5EWTdtbWZVVUM3Z1U1
RHJocy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTMzYjJmZDct
MzFjMS00NTFjLTgyODgtYzFhYTBhYTEyNzUwLzAvMzEzOTM0MmUzMjM2MmUzMjMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMjM2MzgzOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIa
FDANBgkqhkiG9w0BAQsFAAOCAQEASVeNz3LTWSm1YWEXDJQiKXTOBlOi53Up/JWQ
FtenZwEgElCwHJOAOhZ6/VetiXGT7cqBR5FG1FlesXUk+r/yNl/l0t7NZ55OtHjO
yHG1W5bWsTiufsSTRQE1ZPCOTYM87YOWiBGK0sp1jrC+qQXGPoH5Qpnbfk9lBsUg
QhlPFSW+Tu1AFZV3OBwTxA32xJ1DL2uymlBxeAtcvtTqAp4Rv3opqL15CNqGQ/SR
Na9+a8hX9TFpqgtMwlLXwei7Vip+mmeaTskdT0gA1PvF42LyQusrU1lTFtj7aSLL
GE6LRRZ3fHOtlIJYYBx25yaeXE3ne5RXJj7rxV7OwIRhfzPqpg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:59:40 2025 by rpki-client