Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230332e302f32342d3234203d3e20383334.roa
File: 3138352e3232392e3230332e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: UXig/TwCvZA6G46gkMbMCRZRPP6OaLfVARJUIuNH3r0=
Subject key identifier: DB:3D:0D:75:9F:57:94:7C:FC:C5:A2:E0:A2:FA:36:AA:06:F2:EA:AA
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 3C56989EFB606219797F20DC396BDF73CDF92322
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230332e302f32342d3234203d3e20383334.roa
Signing time: Fri 24 Oct 2025 11:53:45 +0000
ROA not before: Fri 24 Oct 2025 11:48:45 +0000
ROA not after: Fri 23 Oct 2026 11:53:45 +0000
asID: 834
IP address blocks: 185.229.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 26 Oct 2025 13:40:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:56:98:9e:fb:60:62:19:79:7f:20:dc:39:6b:df:73:cd:f9:23:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Oct 24 11:48:45 2025 GMT
Not After : Oct 23 11:53:45 2026 GMT
Subject: CN=DB3D0D759F57947CFCC5A2E0A2FA36AA06F2EAAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:65:21:32:19:30:54:82:b4:85:a0:2d:21:85:
43:a6:18:0a:08:be:b6:6e:72:54:ca:12:2e:4b:ca:
b3:45:e6:20:b4:8c:a5:3d:f1:da:1d:ba:6c:0b:08:
d4:5c:4b:c5:0d:32:4f:2c:45:f2:34:66:a4:f7:ea:
35:3b:09:e5:94:88:68:77:10:a1:86:5b:55:62:f7:
f4:07:ae:e8:4d:42:71:94:ca:31:c7:95:08:14:52:
f0:a6:8a:e5:e9:0f:05:c8:f0:1c:76:e6:ef:50:48:
9e:98:cc:e5:fc:93:68:81:19:dd:3d:57:6a:22:14:
1a:9e:32:8e:40:9f:af:59:31:2f:44:12:5e:a8:f8:
0a:8c:d0:20:e9:28:92:a4:85:ce:25:ee:68:e0:ac:
ca:ff:4f:50:ba:f6:7a:4e:25:4e:ee:63:9b:d4:89:
2c:73:3b:27:a8:b9:e3:fc:a0:d1:ba:14:29:1b:05:
d2:76:1f:8f:dd:4e:17:c9:4b:81:aa:73:80:9f:f8:
d6:26:b0:3b:6d:07:94:0d:63:1a:a4:7e:67:e8:e3:
06:d8:1b:08:25:d8:1f:91:1a:1c:4e:3c:b5:69:b3:
0c:83:99:f2:be:8b:d9:cf:47:01:9c:99:df:1b:89:
73:25:1a:f7:a5:2f:0a:79:35:f2:2a:04:60:57:50:
02:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3D:0D:75:9F:57:94:7C:FC:C5:A2:E0:A2:FA:36:AA:06:F2:EA:AA
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230332e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.203.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:aa:98:02:ac:33:22:a4:80:d3:3d:9a:19:9b:1d:1f:ca:96:
d5:e5:38:33:a2:7c:62:7b:87:47:7a:80:b6:50:46:94:b6:96:
62:85:28:c2:53:3a:10:23:a7:8f:65:9a:a9:f2:2c:f7:d0:88:
e7:f1:cf:fd:f0:f4:01:73:8e:58:6e:96:51:10:c0:94:7d:8d:
a7:d1:36:42:a5:2e:3e:5c:a5:c0:3d:fa:22:bc:db:58:35:19:
4c:e9:3b:d9:0b:99:67:c0:d3:8d:cb:5f:2c:d7:82:e5:dd:09:
cb:89:41:95:5c:ac:35:80:38:cc:59:ce:9e:69:5e:42:6f:18:
39:5b:c4:c0:74:3d:c4:7f:c6:98:ce:d2:5b:ab:7f:5b:55:28:
ea:2b:ec:d8:73:e8:30:6f:7c:e1:0d:71:79:20:66:ed:fe:9f:
b6:2c:ce:32:5e:fe:0e:d2:10:f0:02:35:e1:68:a9:04:92:2d:
ca:fe:e9:97:fb:7b:1c:67:fc:73:0f:eb:22:4e:b5:89:c2:9f:
18:d2:b4:de:d7:b2:59:49:a8:08:f9:49:7c:09:53:27:49:55:
4a:f6:84:60:61:13:9c:c5:32:dc:8d:ba:96:b5:0f:99:fb:8a:
c1:9f:5f:9c:95:32:26:42:71:2a:fe:e1:70:bb:68:2a:c9:76:
f7:64:42:41
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUPFaYnvtgYhl5fyDcOWvfc835IyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTEwMjQxMTQ4NDVaFw0yNjEwMjMxMTUzNDVaMDMxMTAvBgNV
BAMTKERCM0QwRDc1OUY1Nzk0N0NGQ0M1QTJFMEEyRkEzNkFBMDZGMkVBQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzZSEyGTBUgrSFoC0hhUOmGAoI
vrZuclTKEi5LyrNF5iC0jKU98dodumwLCNRcS8UNMk8sRfI0ZqT36jU7CeWUiGh3
EKGGW1Vi9/QHruhNQnGUyjHHlQgUUvCmiuXpDwXI8Bx25u9QSJ6YzOX8k2iBGd09
V2oiFBqeMo5An69ZMS9EEl6o+AqM0CDpKJKkhc4l7mjgrMr/T1C69npOJU7uY5vU
iSxzOyeoueP8oNG6FCkbBdJ2H4/dThfJS4Gqc4Cf+NYmsDttB5QNYxqkfmfo4wbY
Gwgl2B+RGhxOPLVpswyDmfK+i9nPRwGcmd8biXMlGvelLwp5NfIqBGBXUAJLAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU2z0NdZ9XlHz8xaLgovo2qgby6qowHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnl
yzANBgkqhkiG9w0BAQsFAAOCAQEAw6qYAqwzIqSA0z2aGZsdH8qW1eU4M6J8YnuH
R3qAtlBGlLaWYoUowlM6ECOnj2WaqfIs99CI5/HP/fD0AXOOWG6WURDAlH2Np9E2
QqUuPlylwD36IrzbWDUZTOk72QuZZ8DTjctfLNeC5d0Jy4lBlVysNYA4zFnOnmle
Qm8YOVvEwHQ9xH/GmM7SW6t/W1Uo6ivs2HPoMG984Q1xeSBm7f6ftizOMl7+DtIQ
8AI14WipBJItyv7pl/t7HGf8cw/rIk61icKfGNK03teyWUmoCPlJfAlTJ0lVSvaE
YGETnMUy3I26lrUPmfuKwZ9fnJUyJkJxKv7hcLtoKsl292RCQQ==
-----END CERTIFICATE-----
Generated at Tue Oct 28 00:54:28 2025 by rpki-client