Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e342e302f32342d3234203d3e203630373831.roa
File: 3135392e3235332e342e302f32342d3234203d3e203630373831.roa (raw, json)
Hash identifier: vnxOwMr1ZXrH92u+lVwMa/fTMLiZ5bg7ZrKzD2dioQ0=
Subject key identifier: D4:96:31:B0:31:B4:34:45:CA:48:26:0D:65:98:71:64:13:DA:E4:BC
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 1A124CEEC0BEE9EEFD6799BB92CF8AD27BAF9F60
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e342e302f32342d3234203d3e203630373831.roa
Signing time: Mon 30 Dec 2024 02:53:48 +0000
ROA not before: Mon 30 Dec 2024 02:48:48 +0000
ROA not after: Mon 29 Dec 2025 02:53:48 +0000
asID: 60781
IP address blocks: 159.253.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Feb 2025 00:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:12:4c:ee:c0:be:e9:ee:fd:67:99:bb:92:cf:8a:d2:7b:af:9f:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Dec 30 02:48:48 2024 GMT
Not After : Dec 29 02:53:48 2025 GMT
Subject: CN=D49631B031B43445CA48260D6598716413DAE4BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:31:04:31:1b:07:3e:e9:28:2c:9e:64:84:80:
7c:c7:90:17:82:f8:6d:bc:43:78:fa:e8:31:c5:b0:
10:57:50:07:d1:89:31:2d:a9:7b:05:cf:31:a6:54:
b2:6a:49:a5:4b:c0:49:6f:35:c9:e9:00:a4:00:be:
80:f5:b3:82:af:d8:92:fa:84:36:36:b8:0d:33:cc:
97:9c:a2:58:ab:5e:3d:c5:23:d2:e2:61:23:52:a6:
d1:1d:e7:de:0b:30:f4:43:06:85:ad:f4:8a:a0:65:
fc:18:b3:35:52:ea:49:9e:47:7f:9a:74:37:7e:3b:
25:e3:71:b4:16:96:fa:bf:fb:d3:63:64:7c:dd:ec:
47:97:79:11:5d:29:15:fd:38:f0:b7:d4:63:0c:64:
16:d6:d4:24:77:88:b5:66:de:fe:2b:22:5a:84:f1:
a5:bd:89:88:9a:18:cb:fa:70:27:25:30:64:cf:6e:
a1:1b:e6:e6:a0:e4:85:6f:cb:81:b0:27:92:1d:8b:
d4:85:4b:ce:ba:e7:c9:51:d1:f3:8b:4d:7d:a3:83:
f8:93:d8:2c:f4:a3:04:0b:9b:c4:f6:7f:83:26:83:
7b:89:61:89:f0:e9:08:38:16:f5:eb:a1:40:09:b0:
c5:39:2e:d1:08:22:b7:ee:8b:f3:11:77:7a:69:2b:
b8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:96:31:B0:31:B4:34:45:CA:48:26:0D:65:98:71:64:13:DA:E4:BC
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e342e302f32342d3234203d3e203630373831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.4.0/24
Signature Algorithm: sha256WithRSAEncryption
05:f2:8f:a3:68:92:79:4e:5d:81:33:fd:82:15:04:3d:e0:b0:
3d:71:26:86:c7:fc:75:0b:3c:96:6f:3c:fa:58:67:19:29:37:
56:23:fd:9e:e9:6d:8b:b7:9c:64:f7:17:26:14:9f:60:0d:6a:
36:d0:2f:be:4a:44:67:38:9c:2b:84:61:6d:9e:f1:27:5e:ea:
d3:1e:48:bc:80:21:b4:6a:83:58:e0:82:b2:6f:df:10:cd:6b:
82:53:ce:66:12:06:8e:76:63:42:5f:e8:b1:f7:a8:d8:12:2a:
8b:3f:f0:9f:e1:33:5e:73:f9:ac:ba:90:f4:ee:25:8c:d0:b6:
80:df:66:c6:01:1a:de:f8:f1:af:6d:92:87:77:2e:f2:cc:04:
10:80:b2:de:06:6b:e9:83:e8:63:aa:89:2d:9a:a3:6e:71:87:
80:17:0d:33:f9:c6:c9:ee:4f:50:c7:9e:24:9f:25:ce:c4:a9:
66:97:4e:bb:ee:0d:99:f6:03:66:1b:a7:8a:15:32:a2:97:b2:
24:da:b8:99:60:4f:c6:2b:e4:b2:de:86:26:38:c5:22:c2:49:
7b:ca:aa:83:ee:1f:6e:d8:e6:2b:b5:01:3c:8b:4d:21:b2:b0:
c4:b6:9e:c7:8f:20:98:3c:4f:cc:04:28:94:d9:7a:eb:2d:44:
c5:9f:3f:1b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUGhJM7sC+6e79Z5m7ks+K0nuvn2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNDEyMzAwMjQ4NDhaFw0yNTEyMjkwMjUzNDhaMDMxMTAvBgNV
BAMTKEQ0OTYzMUIwMzFCNDM0NDVDQTQ4MjYwRDY1OTg3MTY0MTNEQUU0QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5MQQxGwc+6SgsnmSEgHzHkBeC
+G28Q3j66DHFsBBXUAfRiTEtqXsFzzGmVLJqSaVLwElvNcnpAKQAvoD1s4Kv2JL6
hDY2uA0zzJecolirXj3FI9LiYSNSptEd594LMPRDBoWt9IqgZfwYszVS6kmeR3+a
dDd+OyXjcbQWlvq/+9NjZHzd7EeXeRFdKRX9OPC31GMMZBbW1CR3iLVm3v4rIlqE
8aW9iYiaGMv6cCclMGTPbqEb5uag5IVvy4GwJ5Idi9SFS86658lR0fOLTX2jg/iT
2Cz0owQLm8T2f4Mmg3uJYYnw6Qg4FvXroUAJsMU5LtEIIrfui/MRd3ppK7hdAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU1JYxsDG0NEXKSCYNZZhxZBPa5LwwHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzNTM5MmUzMjM1MzMyZTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMDM3MzgzMS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ/9
BDANBgkqhkiG9w0BAQsFAAOCAQEABfKPo2iSeU5dgTP9ghUEPeCwPXEmhsf8dQs8
lm88+lhnGSk3ViP9nulti7ecZPcXJhSfYA1qNtAvvkpEZzicK4RhbZ7xJ17q0x5I
vIAhtGqDWOCCsm/fEM1rglPOZhIGjnZjQl/osfeo2BIqiz/wn+EzXnP5rLqQ9O4l
jNC2gN9mxgEa3vjxr22Sh3cu8swEEICy3gZr6YPoY6qJLZqjbnGHgBcNM/nGye5P
UMeeJJ8lzsSpZpdOu+4NmfYDZhunihUyopeyJNq4mWBPxivkst6GJjjFIsJJe8qq
g+4fbtjmK7UBPItNIbKwxLaex48gmDxPzAQolNl66y1ExZ8/Gw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:49:48 2025 by rpki-client