Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232312e302f32342d3234203d3e20383334.roa
File: 3138352e342e3232312e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: yHDeHLyLSdyK0xsu7EfGrBg+fYCjVuXFdWER8JTcqY8=
Subject key identifier: 72:DF:0A:FB:77:23:CC:4E:74:AE:50:EE:A3:BE:B3:7B:08:60:56:00
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 1B2A71F86E2DD5EBE7B08765243074F952AAF7F0
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232312e302f32342d3234203d3e20383334.roa
Signing time: Thu 23 Jan 2025 00:01:08 +0000
ROA not before: Wed 22 Jan 2025 23:56:08 +0000
ROA not after: Thu 22 Jan 2026 00:01:08 +0000
asID: 834
IP address blocks: 185.4.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 10:58:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:2a:71:f8:6e:2d:d5:eb:e7:b0:87:65:24:30:74:f9:52:aa:f7:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Jan 22 23:56:08 2025 GMT
Not After : Jan 22 00:01:08 2026 GMT
Subject: CN=72DF0AFB7723CC4E74AE50EEA3BEB37B08605600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f6:c1:31:b3:69:14:89:8e:fe:80:48:a8:e1:
aa:e4:7e:7a:2f:fe:09:24:34:03:39:fe:5a:ab:3b:
89:4f:52:e8:f2:ff:34:4a:ab:02:8f:1a:3a:2d:51:
5c:48:5e:39:45:51:0c:a5:9f:62:87:38:14:71:f3:
6e:ce:19:2f:fe:be:c6:42:a2:5c:e1:38:72:d0:ab:
d1:24:61:84:59:06:3c:28:0c:a1:a7:c3:c0:8d:aa:
6e:32:9a:dc:2a:34:c5:cf:21:51:08:9e:94:ef:30:
fd:5a:79:7d:d2:3c:96:68:96:38:09:34:c1:f2:f7:
4d:79:af:29:4c:26:06:24:cf:76:f3:74:3a:17:1e:
5d:cc:cb:ca:2a:59:88:12:95:b7:28:07:fa:c7:aa:
0a:c6:e0:1d:af:38:d3:a6:91:f0:27:78:83:1a:6e:
13:fa:91:b1:75:53:ce:5f:05:90:14:14:1c:4b:cb:
6f:18:f6:48:c7:60:6b:21:5d:c7:0b:22:30:c6:03:
fa:5a:6b:1a:61:dd:c2:64:3b:d9:34:3e:82:d1:74:
f9:9a:c4:2b:7c:fb:68:d9:32:18:50:e8:ed:8d:79:
6e:cf:4b:bc:ef:2f:28:2c:d1:c1:dc:41:28:49:d2:
ba:1b:67:75:13:e6:20:45:e4:93:39:f7:88:34:94:
4c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:DF:0A:FB:77:23:CC:4E:74:AE:50:EE:A3:BE:B3:7B:08:60:56:00
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e342e3232312e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.221.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:66:79:f1:58:78:66:27:62:2c:64:0c:6b:2f:a7:98:2e:47:
df:16:ec:1e:cb:dc:96:94:a6:eb:ca:b0:4a:00:cd:94:cd:99:
c4:37:c2:be:31:0a:ac:f1:47:5c:26:78:1c:02:c2:cc:7c:f5:
a1:87:93:d9:73:b9:b3:61:9b:38:b0:5e:47:11:30:b7:fe:52:
ae:8f:65:02:5f:61:33:01:1c:a9:4e:f8:88:54:d6:21:9d:85:
fa:62:7d:65:1b:59:14:ab:75:ac:2b:9f:c5:40:4b:9b:55:6d:
6c:68:54:89:c5:86:ac:3a:85:2a:56:22:16:f7:7b:c7:d1:09:
1f:a8:c4:fa:81:9f:9f:22:e6:a6:70:21:41:2e:d5:90:b0:cf:
3d:51:7b:0f:48:c4:17:13:0d:c5:f8:0e:ba:90:b9:20:d0:12:
7d:9b:d5:a5:be:d8:c1:53:6a:1d:28:33:9e:d6:d7:4f:25:42:
2f:9b:95:d4:4c:f6:0c:32:ad:d6:eb:23:49:7d:c7:f5:af:b8:
1c:cc:1e:60:96:82:4c:21:ea:6e:79:d1:81:00:27:78:79:8d:
6e:a3:6e:44:93:cb:73:00:59:6a:e5:ed:8c:41:32:e8:dd:57:
f5:da:4c:20:8c:47:82:12:0c:d8:f8:b3:11:6e:a3:68:35:a2:
59:f0:a2:08
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUGypx+G4t1evnsIdlJDB0+VKq9/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTAxMjIyMzU2MDhaFw0yNjAxMjIwMDAxMDhaMDMxMTAvBgNV
BAMTKDcyREYwQUZCNzcyM0NDNEU3NEFFNTBFRUEzQkVCMzdCMDg2MDU2MDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDh9sExs2kUiY7+gEio4arkfnov
/gkkNAM5/lqrO4lPUujy/zRKqwKPGjotUVxIXjlFUQyln2KHOBRx827OGS/+vsZC
olzhOHLQq9EkYYRZBjwoDKGnw8CNqm4ymtwqNMXPIVEInpTvMP1aeX3SPJZoljgJ
NMHy9015rylMJgYkz3bzdDoXHl3My8oqWYgSlbcoB/rHqgrG4B2vONOmkfAneIMa
bhP6kbF1U85fBZAUFBxLy28Y9kjHYGshXccLIjDGA/paaxph3cJkO9k0PoLRdPma
xCt8+2jZMhhQ6O2NeW7PS7zvLygs0cHcQShJ0robZ3UT5iBF5JM594g0lEztAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUct8K+3cjzE50rlDuo76zewhgVgAwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzNDJlMzIzMjMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQTdMA0G
CSqGSIb3DQEBCwUAA4IBAQCkZnnxWHhmJ2IsZAxrL6eYLkffFuwey9yWlKbryrBK
AM2UzZnEN8K+MQqs8UdcJngcAsLMfPWhh5PZc7mzYZs4sF5HETC3/lKuj2UCX2Ez
ARypTviIVNYhnYX6Yn1lG1kUq3WsK5/FQEubVW1saFSJxYasOoUqViIW93vH0Qkf
qMT6gZ+fIuamcCFBLtWQsM89UXsPSMQXEw3F+A66kLkg0BJ9m9WlvtjBU2odKDOe
1tdPJUIvm5XUTPYMMq3W6yNJfcf1r7gczB5gloJMIepuedGBACd4eY1uo25Ek8tz
AFlq5e2MQTLo3Vf12kwgjEeCEgzY+LMRbqNoNaJZ8KII
-----END CERTIFICATE-----
Generated at Sun Apr 6 09:40:33 2025 by rpki-client