Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3234392e302f32342d3234203d3e203136323736.roa
File: 38322e32332e3234392e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: 3IoJ45PudLvgdze0v7lrM/lUyyXk6wbrkCOgwGWHeQ4=
Subject key identifier: CB:49:F0:25:60:1D:25:58:9D:68:19:51:B4:DD:F8:52:E9:A6:4B:D7
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3CEB717FE92833E11C176C0ABD8BFBCD7371E686
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3234392e302f32342d3234203d3e203136323736.roa
Signing time: Sun 29 Dec 2024 23:25:20 +0000
ROA not before: Sun 29 Dec 2024 23:20:20 +0000
ROA not after: Sun 28 Dec 2025 23:25:20 +0000
asID: 16276
IP address blocks: 82.23.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:eb:71:7f:e9:28:33:e1:1c:17:6c:0a:bd:8b:fb:cd:73:71:e6:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 29 23:20:20 2024 GMT
Not After : Dec 28 23:25:20 2025 GMT
Subject: CN=CB49F025601D25589D681951B4DDF852E9A64BD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0a:8a:e1:dd:c4:b5:f7:23:e2:ae:22:62:86:
de:c4:88:b0:50:d9:84:8b:2c:e3:80:23:92:5f:5f:
13:07:71:3b:28:59:56:39:9a:59:f6:f9:d3:f1:6b:
e4:cb:1a:ad:8b:86:75:42:2a:5d:01:2a:99:63:3e:
f5:e9:cc:fc:df:69:de:f7:e6:80:c7:dc:c3:3a:59:
eb:b3:b8:0c:92:c8:b3:5e:6d:bb:ad:8d:57:60:80:
26:36:91:25:07:3c:7d:f2:d9:fb:ad:2a:84:18:c4:
75:59:bc:e9:27:04:75:08:fc:2e:21:3e:6b:5c:e7:
20:c9:6b:d6:bd:d7:e0:98:88:6b:b9:78:3d:ef:5e:
b9:38:d6:a3:b8:bc:d7:98:02:b2:11:aa:a1:15:9f:
2b:93:9b:01:3c:5b:f6:b7:21:85:75:4d:fa:91:5f:
e4:8f:49:62:39:bd:2c:94:2a:5b:08:76:3f:8b:85:
cd:0d:8d:2b:79:1a:b0:87:2b:31:8e:65:43:04:d0:
ec:b6:c8:7a:42:65:32:d6:14:4a:7a:8f:d1:6c:7f:
f5:fe:43:7b:d0:f6:da:c3:c8:5b:d9:35:46:78:a1:
6c:23:ec:fd:08:26:36:f4:b7:f8:d8:f0:0a:f8:46:
08:c6:dd:0d:7a:bb:5a:83:2d:ac:78:21:54:41:1a:
11:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:49:F0:25:60:1D:25:58:9D:68:19:51:B4:DD:F8:52:E9:A6:4B:D7
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3234392e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.249.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:3c:48:91:b9:1a:2a:b8:fe:7a:95:d9:37:6e:45:41:85:f2:
f1:ad:cd:0a:b4:04:c3:85:bd:93:50:30:d4:1b:a6:a7:43:fa:
41:3e:fc:38:93:10:2a:cc:af:e6:7d:ff:56:49:ed:56:72:33:
0b:46:55:b0:f2:6f:a7:db:dc:37:ee:c5:05:06:e4:de:78:5b:
f7:a1:92:47:fb:69:1a:ac:e2:d2:3e:30:d3:07:da:05:81:a5:
05:61:b2:94:24:75:3a:ca:d4:5d:c9:cf:45:12:6c:a9:b6:eb:
81:8e:6c:43:07:b8:b3:b3:7d:e1:58:4f:86:70:47:1c:83:39:
a5:bf:dc:7d:2e:54:68:16:02:36:bd:b3:42:95:c8:94:76:51:
33:71:94:42:6e:31:b0:d7:d7:9b:b6:ba:c3:b1:94:bc:7d:0a:
29:a4:b3:2c:36:c0:a0:be:ad:d3:5f:04:be:1b:c3:d7:62:f7:
21:31:e1:09:62:29:b1:c4:91:76:ae:6a:96:79:d8:4f:eb:46:
ca:54:b6:f2:40:4a:37:9e:4d:64:f9:e8:21:c5:6c:79:f8:c5:
9e:eb:03:3a:06:64:fb:4b:74:f1:1e:17:30:89:00:8a:2d:ee:
87:52:f8:a2:87:4b:57:3a:9e:a0:19:3b:47:f4:0e:cb:13:63:
39:1e:da:d0
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUPOtxf+koM+EcF2wKvYv7zXNx5oYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjkyMzIwMjBaFw0yNTEyMjgyMzI1MjBaMDMxMTAvBgNV
BAMTKENCNDlGMDI1NjAxRDI1NTg5RDY4MTk1MUI0RERGODUyRTlBNjRCRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKCorh3cS19yPiriJiht7EiLBQ
2YSLLOOAI5JfXxMHcTsoWVY5mln2+dPxa+TLGq2LhnVCKl0BKpljPvXpzPzfad73
5oDH3MM6WeuzuAySyLNebbutjVdggCY2kSUHPH3y2futKoQYxHVZvOknBHUI/C4h
Pmtc5yDJa9a91+CYiGu5eD3vXrk41qO4vNeYArIRqqEVnyuTmwE8W/a3IYV1TfqR
X+SPSWI5vSyUKlsIdj+Lhc0NjSt5GrCHKzGOZUME0Oy2yHpCZTLWFEp6j9Fsf/X+
Q3vQ9trDyFvZNUZ4oWwj7P0IJjb0t/jY8Ar4RgjG3Q16u1qDLax4IVRBGhFZAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUy0nwJWAdJVidaBlRtN34UummS9cwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzMzJlMzIzNDM5
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjMyMzczNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFIX
+TANBgkqhkiG9w0BAQsFAAOCAQEAqDxIkbkaKrj+epXZN25FQYXy8a3NCrQEw4W9
k1Aw1Bump0P6QT78OJMQKsyv5n3/VkntVnIzC0ZVsPJvp9vcN+7FBQbk3nhb96GS
R/tpGqzi0j4w0wfaBYGlBWGylCR1OsrUXcnPRRJsqbbrgY5sQwe4s7N94VhPhnBH
HIM5pb/cfS5UaBYCNr2zQpXIlHZRM3GUQm4xsNfXm7a6w7GUvH0KKaSzLDbAoL6t
018EvhvD12L3ITHhCWIpscSRdq5qlnnYT+tGylS28kBKN55NZPnoIcVsefjFnusD
OgZk+0t08R4XMIkAii3uh1L4oodLVzqeoBk7R/QOyxNjOR7a0A==
-----END CERTIFICATE-----
Generated at Wed May 7 10:04:44 2025 by rpki-client