Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3234362e302f32342d3234203d3e203136323736.roa
File: 38322e32332e3234362e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: RJ2CtlqppeVszXgf4j5o+IhBhP2OK0DPH/MXo/6Yw9w=
Subject key identifier: 93:3E:8C:B1:8F:F8:7A:B0:1F:8D:90:3A:F1:91:4C:25:F8:41:AE:A1
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 64F6AC80DA501C6EC1BA9EEF2FEE20F4B92ABF7A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3234362e302f32342d3234203d3e203136323736.roa
Signing time: Sun 29 Dec 2024 23:25:18 +0000
ROA not before: Sun 29 Dec 2024 23:20:18 +0000
ROA not after: Sun 28 Dec 2025 23:25:18 +0000
asID: 16276
IP address blocks: 82.23.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:f6:ac:80:da:50:1c:6e:c1:ba:9e:ef:2f:ee:20:f4:b9:2a:bf:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 29 23:20:18 2024 GMT
Not After : Dec 28 23:25:18 2025 GMT
Subject: CN=933E8CB18FF87AB01F8D903AF1914C25F841AEA1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:87:7b:a8:38:32:1e:d7:6b:1e:ac:a4:70:51:
e1:48:61:69:21:95:f2:50:7d:66:90:29:46:5b:6f:
5f:d6:a3:5c:93:97:24:8d:99:cf:ce:57:12:34:ab:
a2:a5:dd:51:8c:0b:86:07:26:41:e5:ba:c0:89:0e:
bf:fb:1e:35:82:1d:9d:c1:c9:88:c7:7c:ed:48:e7:
38:30:e4:8e:bb:52:3e:8e:d6:36:34:5a:94:43:f0:
37:f7:8a:f0:03:b0:3e:31:c4:22:cb:bd:cf:31:a0:
d6:90:55:5e:63:0c:e3:fa:63:00:22:70:77:e8:fe:
81:91:10:3e:6d:a8:3a:55:76:6d:17:4c:d4:f7:96:
24:69:72:22:09:f2:d9:b4:9d:93:3f:04:67:4c:b3:
a9:28:da:6b:97:61:dd:90:72:20:d6:2b:9b:8f:bd:
30:b4:13:46:10:88:1e:76:9f:84:d8:fd:fd:24:80:
87:25:78:ce:42:04:d9:de:ef:0e:3d:fe:9c:01:f8:
81:1e:7c:52:3c:6d:05:ae:5c:e7:f4:c5:db:af:2a:
a0:a8:63:e7:42:6f:a4:28:2b:96:d9:33:73:ae:f5:
82:a7:5c:55:1a:e6:21:b4:ae:dc:6f:11:84:10:ca:
5f:21:09:3f:73:06:a5:32:20:77:58:f4:db:75:c6:
09:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:3E:8C:B1:8F:F8:7A:B0:1F:8D:90:3A:F1:91:4C:25:F8:41:AE:A1
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3234362e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.246.0/24
Signature Algorithm: sha256WithRSAEncryption
39:08:9a:a4:04:52:e6:ab:f9:80:0e:8a:66:3a:b1:ff:c2:c1:
46:2b:d9:c6:41:b5:9d:86:0f:b4:2f:a1:af:48:02:fa:68:ef:
b3:fb:4e:c4:0d:fe:b5:59:54:dc:4c:28:db:8f:92:a0:07:6b:
93:85:97:c2:f5:fd:0b:f7:43:38:4b:e1:11:c1:a9:58:17:fb:
49:03:02:95:7e:b0:31:26:07:cd:62:0a:70:f4:22:a0:fd:cf:
cd:27:22:2d:17:7d:04:5a:74:44:c8:0b:ce:c0:3a:f4:63:cc:
1c:6a:07:5c:81:9d:b6:be:8a:79:23:5f:2c:b2:af:3a:4e:54:
b6:90:87:b8:4c:5b:7f:ac:56:fd:95:d9:d5:61:42:cc:38:47:
0a:17:5f:45:56:8e:cb:d4:b3:37:9d:3c:01:37:38:5d:89:d2:
37:ef:41:d4:92:17:e2:df:0a:ce:de:90:c6:e7:31:05:74:7c:
c9:31:dd:73:43:ca:ec:1b:36:a7:a8:eb:ee:76:18:59:3b:8d:
fb:4c:69:03:c8:72:9e:98:da:dd:76:0d:ad:88:b1:9f:4a:f6:
6b:ae:f9:7a:83:b4:e6:ee:fa:a7:30:c5:d7:a1:89:2b:b3:3d:
85:d2:a8:90:bc:18:7d:a7:25:26:d5:3b:b1:42:71:12:ed:99:
71:a1:83:e3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUZPasgNpQHG7Bup7vL+4g9Lkqv3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjkyMzIwMThaFw0yNTEyMjgyMzI1MThaMDMxMTAvBgNV
BAMTKDkzM0U4Q0IxOEZGODdBQjAxRjhEOTAzQUYxOTE0QzI1Rjg0MUFFQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTh3uoODIe12serKRwUeFIYWkh
lfJQfWaQKUZbb1/Wo1yTlySNmc/OVxI0q6Kl3VGMC4YHJkHlusCJDr/7HjWCHZ3B
yYjHfO1I5zgw5I67Uj6O1jY0WpRD8Df3ivADsD4xxCLLvc8xoNaQVV5jDOP6YwAi
cHfo/oGRED5tqDpVdm0XTNT3liRpciIJ8tm0nZM/BGdMs6ko2muXYd2QciDWK5uP
vTC0E0YQiB52n4TY/f0kgIcleM5CBNne7w49/pwB+IEefFI8bQWuXOf0xduvKqCo
Y+dCb6QoK5bZM3Ou9YKnXFUa5iG0rtxvEYQQyl8hCT9zBqUyIHdY9Nt1xgmpAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUkz6MsY/4erAfjZA68ZFMJfhBrqEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzMzJlMzIzNDM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjMyMzczNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFIX
9jANBgkqhkiG9w0BAQsFAAOCAQEAOQiapARS5qv5gA6KZjqx/8LBRivZxkG1nYYP
tC+hr0gC+mjvs/tOxA3+tVlU3Ewo24+SoAdrk4WXwvX9C/dDOEvhEcGpWBf7SQMC
lX6wMSYHzWIKcPQioP3PzSciLRd9BFp0RMgLzsA69GPMHGoHXIGdtr6KeSNfLLKv
Ok5UtpCHuExbf6xW/ZXZ1WFCzDhHChdfRVaOy9SzN508ATc4XYnSN+9B1JIX4t8K
zt6QxucxBXR8yTHdc0PK7Bs2p6jr7nYYWTuN+0xpA8hynpja3XYNrYixn0r2a675
eoO05u76pzDF16GJK7M9hdKokLwYfaclJtU7sUJxEu2ZcaGD4w==
-----END CERTIFICATE-----
Generated at Wed May 7 00:32:36 2025 by rpki-client