Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234322e302f32342d3234203d3e203631333137.roa
File: 3138352e3231332e3234322e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: SKhTV84jNI1MhV+XLYyiYmvQWNoZGMyb4/D7Z/xQFXo=
Subject key identifier: 2E:24:67:82:9F:96:C1:1F:1E:5A:4B:E6:5F:C0:CE:13:DA:30:D4:F8
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 3DCD9AB5D36719748F30D3CE1E59D59B42D450C2
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234322e302f32342d3234203d3e203631333137.roa
Signing time: Tue 05 Nov 2024 17:43:27 +0000
ROA not before: Tue 05 Nov 2024 17:38:27 +0000
ROA not after: Tue 04 Nov 2025 17:43:27 +0000
asID: 61317
IP address blocks: 185.213.242.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 00:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:cd:9a:b5:d3:67:19:74:8f:30:d3:ce:1e:59:d5:9b:42:d4:50:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Nov 5 17:38:27 2024 GMT
Not After : Nov 4 17:43:27 2025 GMT
Subject: CN=2E2467829F96C11F1E5A4BE65FC0CE13DA30D4F8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8e:6b:c5:e9:1f:2e:90:a7:9a:a5:3b:df:90:
d3:92:5b:44:98:65:42:2d:e4:76:72:f9:68:ae:d4:
e2:48:6e:05:5a:49:a0:e5:bb:62:e1:d5:ec:0b:b9:
5a:cf:7e:63:cc:88:97:d2:aa:27:a4:f8:02:43:bd:
9e:74:73:83:c8:3c:00:f5:58:ad:74:68:9d:ac:70:
7e:ad:ea:5e:d5:66:db:b0:28:7b:39:65:a1:67:4d:
f4:bb:29:e6:09:80:4a:fc:c3:39:ab:67:c1:c4:9b:
d8:6c:c3:82:41:a1:d9:a7:82:6c:c9:95:e3:f0:78:
60:5b:d6:35:5c:14:d0:98:26:8b:43:d1:bd:5c:79:
df:17:2d:06:14:36:ad:7f:71:3f:d0:64:d2:a7:26:
9a:19:04:ef:12:85:08:a4:01:a5:6c:75:e6:3e:55:
74:8e:ff:4a:85:4d:90:3b:3c:5b:a1:9f:43:30:ef:
82:b9:21:4b:2c:97:db:79:b0:66:0c:ca:fe:b3:a4:
7f:3a:52:99:ad:50:cc:ee:76:08:15:3c:27:dd:5d:
1f:6e:fe:40:31:c7:6c:a9:54:1c:1f:5e:e9:a3:41:
ec:25:4c:e9:5d:3b:f9:d7:69:d5:4b:96:e8:82:f3:
5e:51:9d:72:e7:f6:a2:4a:cb:e1:2e:c6:63:bd:d3:
21:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:24:67:82:9F:96:C1:1F:1E:5A:4B:E6:5F:C0:CE:13:DA:30:D4:F8
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234322e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.242.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ed:e8:d0:b4:73:14:ec:00:e9:21:55:09:32:53:fd:33:bc:
fc:73:28:b7:50:c2:c9:04:6c:ad:50:c6:d1:ed:13:03:9f:79:
6e:a1:1c:cb:b9:43:b8:fa:38:a6:d4:77:89:24:c3:17:15:a4:
8c:ce:36:af:56:85:ac:e4:f5:22:4b:e9:70:b1:d0:66:0b:23:
bb:67:1d:da:1a:99:01:55:ad:45:d2:c3:08:8e:38:99:3c:2b:
12:d8:3b:63:49:1c:77:ed:e7:d5:ec:e7:60:1a:d3:99:b1:48:
c1:5f:fc:91:c6:c7:dd:8d:e0:64:c1:ad:32:28:6c:a8:62:e2:
5f:90:81:90:a6:a3:4f:a3:47:d7:78:a4:8e:1e:92:ac:e1:30:
8d:3f:04:ef:a4:61:66:c8:c2:fc:38:61:45:8d:b6:d6:12:b4:
e2:24:90:6a:cb:b4:17:9d:98:3c:d1:11:3e:70:0e:49:81:b9:
e5:85:0e:f7:cf:0f:63:60:d6:ba:b5:fd:ac:55:00:ec:cf:bf:
e5:5f:f0:23:c5:14:20:98:cb:b3:41:0f:34:fe:2c:ad:db:24:
d8:b4:76:76:eb:bd:7a:04:7e:d6:2a:e7:37:b0:b6:2a:94:e0:
94:54:4a:4f:7d:7a:7b:c0:61:7d:16:52:db:a6:c4:33:3b:3e:
45:e3:01:03
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPc2atdNnGXSPMNPOHlnVm0LUUMIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNDExMDUxNzM4MjdaFw0yNTExMDQxNzQzMjdaMDMxMTAvBgNV
BAMTKDJFMjQ2NzgyOUY5NkMxMUYxRTVBNEJFNjVGQzBDRTEzREEzMEQ0RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwjmvF6R8ukKeapTvfkNOSW0SY
ZUIt5HZy+Wiu1OJIbgVaSaDlu2Lh1ewLuVrPfmPMiJfSqiek+AJDvZ50c4PIPAD1
WK10aJ2scH6t6l7VZtuwKHs5ZaFnTfS7KeYJgEr8wzmrZ8HEm9hsw4JBodmngmzJ
lePweGBb1jVcFNCYJotD0b1ced8XLQYUNq1/cT/QZNKnJpoZBO8ShQikAaVsdeY+
VXSO/0qFTZA7PFuhn0Mw74K5IUssl9t5sGYMyv6zpH86UpmtUMzudggVPCfdXR9u
/kAxx2ypVBwfXumjQewlTOldO/nXadVLluiC815RnXLn9qJKy+EuxmO90yEVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQULiRngp+WwR8eWkvmX8DOE9ow1PgwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51fIwDQYJKoZIhvcNAQELBQADggEBABjt6NC0cxTsAOkhVQkyU/0zvPxzKLdQ
wskEbK1QxtHtEwOfeW6hHMu5Q7j6OKbUd4kkwxcVpIzONq9Whazk9SJL6XCx0GYL
I7tnHdoamQFVrUXSwwiOOJk8KxLYO2NJHHft59Xs52Aa05mxSMFf/JHGx92N4GTB
rTIobKhi4l+QgZCmo0+jR9d4pI4ekqzhMI0/BO+kYWbIwvw4YUWNttYStOIkkGrL
tBedmDzRET5wDkmBueWFDvfPD2Ng1rq1/axVAOzPv+Vf8CPFFCCYy7NBDzT+LK3b
JNi0dnbrvXoEftYq5zewtiqU4JRUSk99envAYX0WUtumxDM7PkXjAQM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:24 2025 by rpki-client