Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3234372e302f32342d3234203d3e203136323736.roa
File: 38322e32332e3234372e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: rrcYlir49D5WB1uu+D4l5LFgOHFKgOx5DWFhuMklBSw=
Subject key identifier: 7C:22:D4:B1:A5:EB:2C:CF:39:8D:7D:AA:FE:F2:F7:CC:24:E7:DB:F5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 28A8B7EDED30BCB0E247DFD50E8A8994AABCC6DC
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3234372e302f32342d3234203d3e203136323736.roa
Signing time: Sun 29 Dec 2024 23:25:18 +0000
ROA not before: Sun 29 Dec 2024 23:20:18 +0000
ROA not after: Sun 28 Dec 2025 23:25:18 +0000
asID: 16276
IP address blocks: 82.23.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:a8:b7:ed:ed:30:bc:b0:e2:47:df:d5:0e:8a:89:94:aa:bc:c6:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 29 23:20:18 2024 GMT
Not After : Dec 28 23:25:18 2025 GMT
Subject: CN=7C22D4B1A5EB2CCF398D7DAAFEF2F7CC24E7DBF5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:4b:7a:71:db:c2:23:a2:22:e4:0c:fe:26:b8:
84:f5:ee:9b:61:dc:51:e0:71:b2:d5:55:7f:32:77:
9c:1b:90:9b:24:7b:a2:b0:0e:69:37:ca:e3:53:58:
ba:77:33:84:5f:e4:e7:8e:62:15:28:b8:dd:35:4c:
5f:73:47:63:74:71:1a:ab:5b:83:b7:c9:a1:37:99:
6a:f9:fd:fa:59:bf:bb:12:64:bd:4b:b5:9b:08:e7:
d1:3b:48:d6:ff:85:d7:52:bd:e2:f8:5d:6e:f2:21:
3e:4d:a3:00:36:f7:84:43:74:64:82:ac:c8:fd:37:
d4:54:ce:3f:c5:59:4d:05:c6:51:c9:af:c5:55:6b:
ad:87:19:dc:c6:91:06:4c:fb:83:35:23:1f:d5:ef:
dd:d9:9a:19:64:9b:4a:55:8b:9f:48:e8:21:c9:87:
b0:99:04:f6:53:1a:dc:58:34:3c:ec:51:77:7e:03:
f1:ca:85:ef:d5:68:dc:0a:d6:13:eb:e1:44:26:47:
34:75:8c:cc:7c:5e:e4:63:97:dd:a7:5e:6b:c3:33:
1f:56:89:a7:01:7b:bb:46:14:83:76:6e:df:c5:2a:
85:6c:5c:65:2f:09:07:fd:ed:dd:41:4f:e1:2b:31:
d4:20:c0:af:d1:a5:36:12:78:1c:71:d7:5e:38:f3:
df:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:22:D4:B1:A5:EB:2C:CF:39:8D:7D:AA:FE:F2:F7:CC:24:E7:DB:F5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3234372e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.247.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:67:e3:bf:76:93:9b:5b:54:a1:9a:2e:aa:04:84:05:3b:7a:
0c:22:d2:8e:59:a2:07:4c:58:25:b9:19:63:a9:5f:4d:5e:58:
da:9a:19:fc:95:ad:72:6e:7b:50:f2:40:9a:ae:15:e7:60:a6:
de:6e:14:97:71:7a:c0:50:f3:3f:d6:b7:f7:cb:3a:ce:67:83:
05:49:6d:ec:f8:b6:4c:5c:2c:83:47:2b:7c:2f:94:34:d1:89:
95:36:af:04:46:0a:f5:b2:1e:5d:ca:1f:3f:17:4d:1c:a0:ff:
2a:13:fa:c5:7e:d6:f1:a9:b6:c5:7e:c2:b9:74:c8:de:2a:47:
94:5f:94:3d:ca:98:97:a0:73:e8:f1:dc:16:8c:17:af:f3:6e:
7c:da:47:e5:38:5b:dc:e6:79:9c:b7:d0:b8:6d:db:77:53:12:
1a:dc:ad:ca:39:00:bc:29:41:2d:f6:20:af:cf:a8:aa:51:ba:
7d:93:9c:1a:8f:6a:e0:3d:07:48:11:e5:4f:15:d8:7d:45:fd:
4e:af:0b:bf:7c:5f:93:e6:4f:f9:23:6b:f2:3b:65:1c:5f:56:
9b:00:cd:4c:84:c1:e2:a9:22:87:bf:cc:71:10:bb:4a:87:c1:
b0:54:e1:13:34:0a:ea:46:c7:81:0c:7b:87:e4:1e:ae:c9:76:
b2:24:2e:8f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUKKi37e0wvLDiR9/VDoqJlKq8xtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjkyMzIwMThaFw0yNTEyMjgyMzI1MThaMDMxMTAvBgNV
BAMTKDdDMjJENEIxQTVFQjJDQ0YzOThEN0RBQUZFRjJGN0NDMjRFN0RCRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfS3px28IjoiLkDP4muIT17pth
3FHgcbLVVX8yd5wbkJske6KwDmk3yuNTWLp3M4Rf5OeOYhUouN01TF9zR2N0cRqr
W4O3yaE3mWr5/fpZv7sSZL1LtZsI59E7SNb/hddSveL4XW7yIT5NowA294RDdGSC
rMj9N9RUzj/FWU0FxlHJr8VVa62HGdzGkQZM+4M1Ix/V793Zmhlkm0pVi59I6CHJ
h7CZBPZTGtxYNDzsUXd+A/HKhe/VaNwK1hPr4UQmRzR1jMx8XuRjl92nXmvDMx9W
iacBe7tGFIN2bt/FKoVsXGUvCQf97d1BT+ErMdQgwK/RpTYSeBxx11448987AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUfCLUsaXrLM85jX2q/vL3zCTn2/UwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzMzJlMzIzNDM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjMyMzczNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFIX
9zANBgkqhkiG9w0BAQsFAAOCAQEAXWfjv3aTm1tUoZouqgSEBTt6DCLSjlmiB0xY
JbkZY6lfTV5Y2poZ/JWtcm57UPJAmq4V52Cm3m4Ul3F6wFDzP9a398s6zmeDBUlt
7Pi2TFwsg0crfC+UNNGJlTavBEYK9bIeXcofPxdNHKD/KhP6xX7W8am2xX7CuXTI
3ipHlF+UPcqYl6Bz6PHcFowXr/NufNpH5Thb3OZ5nLfQuG3bd1MSGtytyjkAvClB
LfYgr8+oqlG6fZOcGo9q4D0HSBHlTxXYfUX9Tq8Lv3xfk+ZP+SNr8jtlHF9WmwDN
TITB4qkih7/McRC7SofBsFThEzQK6kbHgQx7h+Qersl2siQujw==
-----END CERTIFICATE-----
Generated at Wed May 7 00:25:41 2025 by rpki-client