Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e372e302f32342d3234203d3e20383334.roa
File: 3135392e3235332e372e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: pKd1Ah1co5zKZbfKg2rN1Y8NOk+/hH4uKAkeXaPmtAk=
Subject key identifier: E1:CC:9A:86:01:49:0B:DF:D8:F1:7D:A6:4E:06:69:06:32:A2:D2:5C
Certificate issuer: /CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Certificate serial: 65798DCB94B16E1D72CFBAD426B8BC923D01A024
Authority key identifier: 4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e372e302f32342d3234203d3e20383334.roa
Signing time: Sat 02 Nov 2024 00:02:12 +0000
ROA not before: Fri 01 Nov 2024 23:57:12 +0000
ROA not after: Sat 01 Nov 2025 00:02:12 +0000
asID: 834
IP address blocks: 159.253.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Mar 2025 00:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:79:8d:cb:94:b1:6e:1d:72:cf:ba:d4:26:b8:bc:92:3d:01:a0:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c189e42f35c944d463d9ea6501f093eb62ba785
Validity
Not Before: Nov 1 23:57:12 2024 GMT
Not After : Nov 1 00:02:12 2025 GMT
Subject: CN=E1CC9A8601490BDFD8F17DA64E06690632A2D25C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:69:4a:6c:bd:2c:80:a6:0d:6c:4a:39:ee:b5:
fc:8a:11:49:f1:00:73:a0:c7:95:1f:b3:e3:5d:4f:
9e:5a:47:5c:84:fa:af:a1:1d:54:9e:74:a8:89:c3:
78:ba:1e:fc:fe:44:95:31:5b:98:16:a5:49:ef:36:
b3:fa:65:0c:43:7a:e3:c8:5e:fa:98:c9:98:49:8d:
e6:67:37:d9:74:e0:13:a1:69:ba:1c:af:71:7c:9a:
08:fd:ef:a5:42:2f:d1:95:12:ab:2a:c4:d1:2d:57:
69:a8:7b:d8:a2:b0:06:f3:1f:7f:28:f1:b7:c1:f6:
90:e9:19:0d:28:cb:95:0a:f6:ee:43:44:6c:b1:88:
87:34:d8:c3:d6:2f:bc:f5:54:07:85:bb:03:a0:19:
f5:6b:1a:1c:d1:b7:30:80:44:88:7a:d5:16:5f:45:
9b:ad:5d:cb:8f:b2:92:ea:3c:26:c5:e3:60:da:79:
bc:80:e8:dc:22:f7:88:ff:1f:94:ae:42:d6:5d:da:
cb:74:cb:1e:15:39:6b:07:cb:e7:3c:59:25:c8:ba:
c0:02:8d:31:2a:63:b8:9b:99:b3:57:97:34:5b:8c:
1b:99:11:32:54:a0:dc:a2:e6:73:cb:d3:81:47:93:
22:df:68:58:dd:97:2c:9b:90:a6:5e:cf:fd:82:fb:
c8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:CC:9A:86:01:49:0B:DF:D8:F1:7D:A6:4E:06:69:06:32:A2:D2:5C
X509v3 Authority Key Identifier:
keyid:4C:18:9E:42:F3:5C:94:4D:46:3D:9E:A6:50:1F:09:3E:B6:2B:A7:85
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/4C189E42F35C944D463D9EA6501F093EB62BA785.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBieQvNclE1GPZ6mUB8JPrYrp4U.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ce510e17-31fa-414b-989e-026dbb6fdf51/0/3135392e3235332e372e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.7.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:26:0e:72:c1:cd:88:eb:75:21:c7:61:92:bc:eb:f1:b0:87:
60:26:54:6f:23:6b:aa:82:e7:58:bc:7a:9b:8a:a1:25:a5:cb:
3e:8b:ce:7f:96:40:a8:e0:de:13:e5:71:05:d5:e4:22:46:6c:
84:87:8b:bb:86:12:d8:71:95:79:cc:ab:b5:66:0b:b9:99:d4:
1c:99:8e:e8:c8:fc:58:ac:95:ba:62:d7:50:5b:96:dd:8d:c5:
31:0a:a1:70:80:24:1e:99:f2:a1:c9:9e:cc:8d:d7:7f:1d:8d:
17:04:76:a1:bd:97:6d:74:0e:04:40:90:b8:be:de:ba:77:57:
78:4e:6a:22:05:63:98:3d:0e:f9:28:d9:8b:dd:ba:14:6a:7a:
c7:8d:11:5a:ba:0d:8e:13:b1:74:8b:2d:06:74:0d:25:d3:4f:
3f:d1:83:86:8a:ae:cc:da:0f:b6:42:34:78:bb:bc:99:1e:59:
07:af:1d:e9:c0:58:74:a8:37:f5:7f:f1:41:66:52:56:f3:ca:
ba:13:43:b2:32:9e:a8:b2:f4:5c:ed:97:5f:46:11:9e:ed:e9:
89:b9:e8:d0:f3:bd:af:ea:fa:05:12:fd:ff:8a:26:d9:58:4d:
59:37:61:bb:db:61:09:f9:9e:93:7b:87:dc:47:c9:98:17:7b:
37:54:2b:d4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUZXmNy5Sxbh1yz7rUJri8kj0BoCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGMxODllNDJmMzVjOTQ0ZDQ2M2Q5ZWE2NTAxZjA5M2Vi
NjJiYTc4NTAeFw0yNDExMDEyMzU3MTJaFw0yNTExMDEwMDAyMTJaMDMxMTAvBgNV
BAMTKEUxQ0M5QTg2MDE0OTBCREZEOEYxN0RBNjRFMDY2OTA2MzJBMkQyNUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxaUpsvSyApg1sSjnutfyKEUnx
AHOgx5Ufs+NdT55aR1yE+q+hHVSedKiJw3i6Hvz+RJUxW5gWpUnvNrP6ZQxDeuPI
XvqYyZhJjeZnN9l04BOhabocr3F8mgj976VCL9GVEqsqxNEtV2moe9iisAbzH38o
8bfB9pDpGQ0oy5UK9u5DRGyxiIc02MPWL7z1VAeFuwOgGfVrGhzRtzCARIh61RZf
RZutXcuPspLqPCbF42DaebyA6Nwi94j/H5SuQtZd2st0yx4VOWsHy+c8WSXIusAC
jTEqY7ibmbNXlzRbjBuZETJUoNyi5nPL04FHkyLfaFjdlyybkKZez/2C+8hTAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQU4cyahgFJC9/Y8X2mTgZpBjKi0lwwHwYDVR0j
BBgwFoAUTBieQvNclE1GPZ6mUB8JPrYrp4UwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2U1MTBlMTctMzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZk
ZjUxLzAvNEMxODlFNDJGMzVDOTQ0RDQ2M0Q5RUE2NTAxRjA5M0VCNjJCQTc4NS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1RCaWVRdk5jbEUxR1BaNm1VQjhKUHJZ
cnA0VS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvY2U1MTBlMTct
MzFmYS00MTRiLTk4OWUtMDI2ZGJiNmZkZjUxLzAvMzEzNTM5MmUzMjM1MzMyZTM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn/0HMA0G
CSqGSIb3DQEBCwUAA4IBAQB+Jg5ywc2I63Uhx2GSvOvxsIdgJlRvI2uqgudYvHqb
iqElpcs+i85/lkCo4N4T5XEF1eQiRmyEh4u7hhLYcZV5zKu1Zgu5mdQcmY7oyPxY
rJW6YtdQW5bdjcUxCqFwgCQemfKhyZ7Mjdd/HY0XBHahvZdtdA4EQJC4vt66d1d4
TmoiBWOYPQ75KNmL3boUanrHjRFaug2OE7F0iy0GdA0l008/0YOGiq7M2g+2QjR4
u7yZHlkHrx3pwFh0qDf1f/FBZlJW88q6E0OyMp6osvRc7ZdfRhGe7emJuejQ872v
6voFEv3/iibZWE1ZN2G722EJ+Z6Te4fcR8mYF3s3VCvU
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:46:54 2025 by rpki-client