Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e20383334.roa
File: 3139332e3130392e3139382e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: T1xI9rnZ5jIFN7eiXbPeDKaphbzzpwXGYL4me+PSauQ=
Subject key identifier: 09:BC:29:72:1C:5F:E9:F7:F6:DD:BA:16:73:29:1D:12:97:9D:C6:A4
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 7048A68F2F5C32F00A824F9522BC66E099F88CA0
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e20383334.roa
Signing time: Sun 27 Apr 2025 11:15:13 +0000
ROA not before: Sun 27 Apr 2025 11:10:13 +0000
ROA not after: Sun 26 Apr 2026 11:15:13 +0000
asID: 834
IP address blocks: 193.109.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 May 2025 14:55:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:48:a6:8f:2f:5c:32:f0:0a:82:4f:95:22:bc:66:e0:99:f8:8c:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Apr 27 11:10:13 2025 GMT
Not After : Apr 26 11:15:13 2026 GMT
Subject: CN=09BC29721C5FE9F7F6DDBA1673291D12979DC6A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:37:b1:14:83:c7:f4:08:29:d3:f6:0b:a9:23:
53:c9:c5:f6:b1:f3:fc:e9:ee:ca:f2:72:5e:98:3a:
1e:f0:d0:3a:44:90:d5:09:ce:6c:d1:e6:1f:4d:13:
6c:8b:06:46:fe:6e:7d:fe:fa:bb:89:72:0f:db:6c:
94:ec:f5:06:37:ab:d3:db:24:d0:8f:f7:c6:71:26:
28:89:36:84:66:ca:72:ff:1b:dc:b0:07:9a:11:23:
c8:73:ff:bb:a7:8b:72:f0:3a:f6:ac:d4:a2:ab:a2:
d3:77:84:f3:75:75:b7:2b:f7:ff:76:90:8a:2f:c0:
f5:76:6a:1b:1b:0a:06:ee:e4:68:e2:a0:d7:63:45:
97:43:f1:99:34:79:40:83:db:88:88:6a:ae:f3:e8:
19:d2:80:02:78:01:41:8b:4f:17:0a:04:cb:08:d7:
9b:fb:21:5b:1b:60:78:ce:91:63:73:50:60:fa:a7:
bb:88:cc:16:33:aa:bf:94:ef:58:a6:cf:d9:0b:64:
87:db:d9:cf:bb:1c:50:46:1d:d9:17:2c:56:ac:ce:
6c:84:22:9a:47:80:ea:7d:0c:b1:05:80:e5:28:9d:
c8:59:cc:8f:c5:ea:65:db:4a:bc:00:ca:d2:58:5a:
4a:29:8e:04:5c:d9:fe:dc:50:76:8b:7f:83:27:28:
f1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:BC:29:72:1C:5F:E9:F7:F6:DD:BA:16:73:29:1D:12:97:9D:C6:A4
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3139332e3130392e3139382e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.198.0/24
Signature Algorithm: sha256WithRSAEncryption
52:3b:ab:f3:dc:77:8b:24:5d:9a:be:43:24:c6:19:0e:05:4d:
2b:3a:fa:9d:7b:08:8c:0e:f0:46:24:e3:40:2d:60:46:76:56:
05:66:37:71:60:14:aa:76:4a:9c:4c:26:7c:a0:38:79:5e:bd:
0a:ae:d2:99:c8:ca:fb:c8:67:29:45:5c:c0:95:d9:b2:85:31:
15:71:0f:59:b2:f5:74:32:1c:4f:28:39:fb:31:04:38:f8:d6:
b5:60:ae:59:36:a2:8d:cc:7b:4f:f4:a8:fe:d3:92:3c:f4:a9:
a4:ca:41:d5:c3:bc:44:35:de:40:79:5a:4a:80:86:db:98:2b:
e5:60:36:15:ab:1d:eb:37:3f:dd:2c:47:07:f9:64:fc:83:07:
5e:4c:5a:34:b7:2c:e1:fb:eb:fc:52:4e:0c:dd:10:d0:82:2a:
e9:c1:5e:9f:ce:b4:df:73:17:2b:b5:de:12:3b:6c:9b:3d:d9:
c7:5f:d4:b4:e8:a6:af:d2:a8:97:2e:2e:0b:2d:83:b2:29:b1:
33:11:17:a2:c1:89:21:df:e5:7a:7b:be:f6:e4:e8:59:33:1b:
60:a2:4c:59:65:2e:2b:9f:4b:37:19:02:c4:84:63:f4:af:91:
30:ca:04:30:67:3c:72:55:ff:61:75:bd:82:af:56:02:4d:ac:
bf:12:d6:40
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUcEimjy9cMvAKgk+VIrxm4Jn4jKAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA0MjcxMTEwMTNaFw0yNjA0MjYxMTE1MTNaMDMxMTAvBgNV
BAMTKDA5QkMyOTcyMUM1RkU5RjdGNkREQkExNjczMjkxRDEyOTc5REM2QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWN7EUg8f0CCnT9gupI1PJxfax
8/zp7srycl6YOh7w0DpEkNUJzmzR5h9NE2yLBkb+bn3++ruJcg/bbJTs9QY3q9Pb
JNCP98ZxJiiJNoRmynL/G9ywB5oRI8hz/7uni3LwOvas1KKrotN3hPN1dbcr9/92
kIovwPV2ahsbCgbu5GjioNdjRZdD8Zk0eUCD24iIaq7z6BnSgAJ4AUGLTxcKBMsI
15v7IVsbYHjOkWNzUGD6p7uIzBYzqr+U71imz9kLZIfb2c+7HFBGHdkXLFaszmyE
IppHgOp9DLEFgOUonchZzI/F6mXbSrwAytJYWkopjgRc2f7cUHaLf4MnKPHPAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUCbwpchxf6ff23boWcykdEpedxqQwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzOTMzMmUzMTMwMzkyZTMx
MzkzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMFt
xjANBgkqhkiG9w0BAQsFAAOCAQEAUjur89x3iyRdmr5DJMYZDgVNKzr6nXsIjA7w
RiTjQC1gRnZWBWY3cWAUqnZKnEwmfKA4eV69Cq7SmcjK+8hnKUVcwJXZsoUxFXEP
WbL1dDIcTyg5+zEEOPjWtWCuWTaijcx7T/So/tOSPPSppMpB1cO8RDXeQHlaSoCG
25gr5WA2Fasd6zc/3SxHB/lk/IMHXkxaNLcs4fvr/FJODN0Q0IIq6cFen86033MX
K7XeEjtsmz3Zx1/UtOimr9Koly4uCy2DsimxMxEXosGJId/lenu+9uToWTMbYKJM
WWUuK59LNxkCxIRj9K+RMMoEMGc8clX/YXW9gq9WAk2svxLWQA==
-----END CERTIFICATE-----
Generated at Sun May 11 19:11:30 2025 by rpki-client