Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e20383334.roa
File: 3139342e33312e3139362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: X8OAuG4B4nHQ/yj+E35DlPxMWBz+Vs9hREAabXu5Fs8=
Subject key identifier: ED:62:13:35:AC:A4:E9:04:16:FF:3D:69:FE:5F:B2:D4:EC:B1:8E:1A
Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Certificate serial: 5364F1DE7A71C4108936742D00BB229E5D741918
Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e20383334.roa
Signing time: Mon 28 Apr 2025 00:01:48 +0000
ROA not before: Sun 27 Apr 2025 23:56:48 +0000
ROA not after: Mon 27 Apr 2026 00:01:48 +0000
asID: 834
IP address blocks: 194.31.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 11:15:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:64:f1:de:7a:71:c4:10:89:36:74:2d:00:bb:22:9e:5d:74:19:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6
Validity
Not Before: Apr 27 23:56:48 2025 GMT
Not After : Apr 27 00:01:48 2026 GMT
Subject: CN=ED621335ACA4E90416FF3D69FE5FB2D4ECB18E1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6f:b6:61:9b:76:ce:04:f8:05:fb:4c:e3:cc:
0c:43:0c:e9:d6:56:aa:1f:9c:bc:46:53:8d:93:73:
2c:f4:f6:b3:01:9f:44:3a:70:0b:fa:f7:ed:11:d7:
29:b3:f6:04:c3:ca:b3:fd:41:95:6d:a0:1e:50:af:
9e:cd:b6:bf:ea:a6:9e:24:d6:aa:73:6f:9b:95:69:
b3:3a:c2:3f:83:11:80:3a:59:70:14:e2:8d:5a:aa:
5b:20:c9:b1:6e:63:f5:19:cb:c8:69:82:3c:18:a3:
63:94:2e:bf:f0:ac:21:2c:db:8c:eb:d0:c4:0e:b4:
aa:a8:06:90:39:6a:b6:e4:67:32:77:ff:6e:eb:d5:
e4:e3:c6:29:ec:d0:32:4d:56:28:a0:ba:b2:1a:f7:
ef:a4:dc:e3:56:5f:5e:3d:10:db:ec:51:71:c0:9c:
f5:ce:e4:ac:0a:24:5e:9e:8d:c7:b1:e9:51:c4:94:
25:02:14:63:2f:11:56:8f:35:ba:ee:73:34:ae:5b:
c9:56:72:43:0e:8e:a1:d1:07:0f:5c:ef:6e:3b:5a:
82:d8:e0:73:34:81:a6:a5:e3:36:22:d7:63:72:26:
a0:9d:21:1a:cc:f6:62:ef:55:0c:e2:ef:17:70:08:
54:c4:d0:c4:fb:b1:c1:7f:1f:47:4c:56:a7:15:bc:
10:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:62:13:35:AC:A4:E9:04:16:FF:3D:69:FE:5F:B2:D4:EC:B1:8E:1A
X509v3 Authority Key Identifier:
keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/3139342e33312e3139362e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.31.196.0/24
Signature Algorithm: sha256WithRSAEncryption
81:f5:29:0d:b9:6c:0b:a2:07:4e:d7:85:88:39:98:1b:b3:35:
81:d6:dc:2a:9a:14:81:75:ce:d9:51:1f:a7:3b:97:6f:07:8b:
d2:40:89:d3:57:3a:80:85:d7:2c:b6:f1:60:be:04:fe:33:99:
62:54:11:31:a6:ea:b2:8c:fa:07:40:2d:e0:e8:11:d2:d2:7f:
39:de:8e:40:c1:84:52:e9:21:92:e1:53:d6:d5:44:c0:ea:50:
7e:ea:28:8d:db:6d:19:61:d9:a0:e7:50:64:d7:1f:d7:b8:20:
4b:47:2d:3e:d2:7d:b5:35:8c:16:dd:2a:4f:2f:e3:4e:66:71:
b1:e4:8b:6f:a4:00:60:10:c5:85:2b:08:1f:de:b1:03:11:7d:
64:1d:99:64:8e:ba:f3:fc:b2:45:49:ea:5c:44:d0:14:c4:c9:
13:f6:61:bc:ca:29:d5:ae:fa:5d:46:dd:e1:75:03:61:78:d0:
e0:31:5f:d6:26:fc:2b:18:c7:39:2e:e0:74:27:e1:e7:02:3a:
23:d4:1b:32:78:9d:02:35:bd:b8:56:30:85:59:57:46:33:f4:
88:8e:89:a7:41:1f:df:05:9d:93:e3:2b:46:fa:3d:f1:c6:70:
89:3f:76:8a:df:51:ae:7c:5a:cb:f5:be:dd:3e:68:52:47:35:
a0:7b:d4:53
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUU2Tx3npxxBCJNnQtALsinl10GRgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz
NTRmNDVjNjAeFw0yNTA0MjcyMzU2NDhaFw0yNjA0MjcwMDAxNDhaMDMxMTAvBgNV
BAMTKEVENjIxMzM1QUNBNEU5MDQxNkZGM0Q2OUZFNUZCMkQ0RUNCMThFMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrb7Zhm3bOBPgF+0zjzAxDDOnW
VqofnLxGU42Tcyz09rMBn0Q6cAv69+0R1ymz9gTDyrP9QZVtoB5Qr57Ntr/qpp4k
1qpzb5uVabM6wj+DEYA6WXAU4o1aqlsgybFuY/UZy8hpgjwYo2OULr/wrCEs24zr
0MQOtKqoBpA5arbkZzJ3/27r1eTjxins0DJNViigurIa9++k3ONWX149ENvsUXHA
nPXO5KwKJF6ejcex6VHElCUCFGMvEVaPNbruczSuW8lWckMOjqHRBw9c7247WoLY
4HM0gaal4zYi12NyJqCdIRrM9mLvVQzi7xdwCFTE0MT7scF/H0dMVqcVvBATAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQU7WITNayk6QQW/z1p/l+y1OyxjhowHwYDVR0j
BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh
NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW
UFJjWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt
MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzEzOTM0MmUzMzMxMmUzMTM5
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADCH8Qw
DQYJKoZIhvcNAQELBQADggEBAIH1KQ25bAuiB07XhYg5mBuzNYHW3CqaFIF1ztlR
H6c7l28Hi9JAidNXOoCF1yy28WC+BP4zmWJUETGm6rKM+gdALeDoEdLSfznejkDB
hFLpIZLhU9bVRMDqUH7qKI3bbRlh2aDnUGTXH9e4IEtHLT7SfbU1jBbdKk8v405m
cbHki2+kAGAQxYUrCB/esQMRfWQdmWSOuvP8skVJ6lxE0BTEyRP2YbzKKdWu+l1G
3eF1A2F40OAxX9Ym/CsYxzku4HQn4ecCOiPUGzJ4nQI1vbhWMIVZV0Yz9IiOiadB
H98FnZPjK0b6PfHGcIk/dorfUa58Wsv1vt0+aFJHNaB71FM=
-----END CERTIFICATE-----
Generated at Wed May 7 11:25:26 2025 by rpki-client