Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32312e302e302f31362d3234203d3e20383334.roa
File: 38322e32312e302e302f31362d3234203d3e20383334.roa (raw, json)
Hash identifier: KrCdz4AbmiCYZ1VBVZK5oMzz5NAZ19tmkzC82kgryEI=
Subject key identifier: BC:F0:43:C1:7E:AA:DF:FE:CB:19:F5:61:63:6D:1D:FB:9C:7A:80:90
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4BD6C5B02F43D60AC841CBC77BD63826495ED2A2
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32312e302e302f31362d3234203d3e20383334.roa
Signing time: Fri 27 Dec 2024 10:04:54 +0000
ROA not before: Fri 27 Dec 2024 09:59:54 +0000
ROA not after: Fri 26 Dec 2025 10:04:54 +0000
asID: 834
IP address blocks: 82.21.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Dec 2024 11:21:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:d6:c5:b0:2f:43:d6:0a:c8:41:cb:c7:7b:d6:38:26:49:5e:d2:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 27 09:59:54 2024 GMT
Not After : Dec 26 10:04:54 2025 GMT
Subject: CN=BCF043C17EAADFFECB19F561636D1DFB9C7A8090
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d0:ad:fc:b9:f0:24:10:2f:04:a4:d4:77:d4:
75:99:c2:9d:19:24:b0:0f:3b:39:04:ac:9c:ef:c1:
ec:5b:de:35:f3:54:65:cf:92:a1:40:61:ed:d7:ab:
03:ce:5a:7f:5e:65:1e:69:47:d1:9e:6a:95:37:93:
5c:f3:be:5f:12:e5:21:26:b9:36:1b:60:fc:1e:d5:
ee:be:34:5b:25:3f:a2:7c:07:af:64:bb:a6:50:42:
69:db:91:9a:9b:a8:00:ca:b4:23:a2:89:0d:29:67:
11:64:9b:71:2e:f6:c3:bd:d0:53:6d:f3:aa:d5:cb:
47:c2:4b:54:ed:e4:64:3c:d1:d5:f0:0c:05:51:c4:
2b:77:b2:3d:0a:3a:a2:05:70:e3:e0:a4:5c:a1:8a:
01:8e:80:4e:0c:77:92:fa:dd:7c:04:24:28:40:20:
8b:13:66:52:36:08:78:15:0c:30:a7:ea:a3:3c:ce:
22:a2:1b:61:45:b5:a0:80:fc:24:61:a2:30:a3:f7:
e9:65:19:72:21:6b:f7:13:cf:c7:8c:8f:08:a0:6c:
5b:ae:14:94:64:de:93:40:81:eb:f0:73:84:dc:29:
36:27:56:e9:4b:cc:46:31:e7:08:55:ef:1b:49:73:
5b:8a:8b:3f:b6:ff:2b:29:ac:c8:e7:ab:25:1a:be:
18:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:F0:43:C1:7E:AA:DF:FE:CB:19:F5:61:63:6D:1D:FB:9C:7A:80:90
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32312e302e302f31362d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
15:fb:e4:ad:a4:91:40:4f:fa:0e:01:3f:a2:24:46:44:df:21:
17:18:53:30:4d:5e:ec:2d:b9:21:1f:61:e2:11:52:9d:de:41:
cc:57:2e:82:65:8e:c4:96:96:40:d9:e5:bd:10:e6:a6:d4:88:
04:4a:a6:98:9d:1a:92:a4:b4:34:db:1f:67:07:93:26:7f:60:
4e:a3:43:a9:1c:e0:e8:be:eb:3d:1d:fd:55:f7:1f:13:28:16:
a5:c0:8f:24:ed:37:7d:de:25:41:98:a7:d9:08:59:f1:43:43:
27:85:0b:ff:67:13:54:0b:9d:d4:48:ed:c1:8b:e6:97:3b:06:
8a:fc:d0:5e:57:c4:29:04:4a:2b:7c:ca:20:fe:b2:ea:2a:87:
ec:51:fe:78:45:e9:d5:4b:90:59:f4:60:e6:f1:8d:7f:b3:eb:
97:3a:71:99:37:a8:a6:0b:a9:f5:05:80:4b:91:0f:7f:ef:a8:
dd:8b:21:7d:ff:c2:44:ce:51:c9:de:40:16:af:5d:59:81:d1:
01:d5:cc:96:52:8f:97:9a:e0:ba:61:bb:11:4c:b7:dc:3c:7c:
98:28:8c:37:b2:57:ad:23:36:5e:4b:54:c6:8e:da:78:6b:6f:
a0:05:ee:90:4f:2e:d4:45:8c:8c:34:b6:59:bf:db:28:68:97:
15:e3:2d:e8
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUS9bFsC9D1grIQcvHe9Y4Jkle0qIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjcwOTU5NTRaFw0yNTEyMjYxMDA0NTRaMDMxMTAvBgNV
BAMTKEJDRjA0M0MxN0VBQURGRkVDQjE5RjU2MTYzNkQxREZCOUM3QTgwOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb0K38ufAkEC8EpNR31HWZwp0Z
JLAPOzkErJzvwexb3jXzVGXPkqFAYe3XqwPOWn9eZR5pR9GeapU3k1zzvl8S5SEm
uTYbYPwe1e6+NFslP6J8B69ku6ZQQmnbkZqbqADKtCOiiQ0pZxFkm3Eu9sO90FNt
86rVy0fCS1Tt5GQ80dXwDAVRxCt3sj0KOqIFcOPgpFyhigGOgE4Md5L63XwEJChA
IIsTZlI2CHgVDDCn6qM8ziKiG2FFtaCA/CRhojCj9+llGXIha/cTz8eMjwigbFuu
FJRk3pNAgevwc4TcKTYnVulLzEYx5whV7xtJc1uKiz+2/ysprMjnqyUavhgvAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUvPBDwX6q3/7LGfVhY20d+5x6gJAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzMTJlMzAyZTMw
MmYzMTM2MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwBSFTANBgkqhkiG
9w0BAQsFAAOCAQEAFfvkraSRQE/6DgE/oiRGRN8hFxhTME1e7C25IR9h4hFSnd5B
zFcugmWOxJaWQNnlvRDmptSIBEqmmJ0akqS0NNsfZweTJn9gTqNDqRzg6L7rPR39
VfcfEygWpcCPJO03fd4lQZin2QhZ8UNDJ4UL/2cTVAud1EjtwYvmlzsGivzQXlfE
KQRKK3zKIP6y6iqH7FH+eEXp1UuQWfRg5vGNf7PrlzpxmTeopgup9QWAS5EPf++o
3Yshff/CRM5Ryd5AFq9dWYHRAdXMllKPl5rgumG7EUy33Dx8mCiMN7JXrSM2XktU
xo7aeGtvoAXukE8u1EWMjDS2Wb/bKGiXFeMt6A==
-----END CERTIFICATE-----
Generated at Wed May 7 09:26:40 2025 by rpki-client