Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235302e302f32342d3234203d3e203136323736.roa
File: 38322e32332e3235302e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: 8g/PPIkx3fHceKGZXmIG1G46aSlRq2l0AxuaTcC3PxQ=
Subject key identifier: 18:FB:E3:CD:6F:D8:4D:CC:BE:88:AA:A5:DF:CF:A3:09:52:E9:DB:A5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3731834B09F41C525285666DE5F96EC769B233D0
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235302e302f32342d3234203d3e203136323736.roa
Signing time: Sun 29 Dec 2024 23:25:20 +0000
ROA not before: Sun 29 Dec 2024 23:20:20 +0000
ROA not after: Sun 28 Dec 2025 23:25:20 +0000
asID: 16276
IP address blocks: 82.23.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:31:83:4b:09:f4:1c:52:52:85:66:6d:e5:f9:6e:c7:69:b2:33:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 29 23:20:20 2024 GMT
Not After : Dec 28 23:25:20 2025 GMT
Subject: CN=18FBE3CD6FD84DCCBE88AAA5DFCFA30952E9DBA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3b:05:07:e7:d5:5c:2e:d7:45:0f:2f:60:b5:
be:7a:14:c7:cd:56:a1:84:2c:cf:2c:c0:37:99:55:
a9:1e:44:f8:5a:28:6f:52:30:86:02:52:83:b0:b3:
96:7e:c1:9c:52:41:41:9a:ff:6f:d5:e8:8a:0b:ac:
09:8b:6e:32:22:0d:1d:e3:d6:71:f6:94:44:aa:4d:
0e:da:73:6e:6b:3f:74:a7:37:89:8c:50:1f:8d:a2:
0e:fb:73:87:ee:24:6e:68:c8:22:eb:ef:1b:56:5e:
ad:c5:e6:ea:52:c7:14:00:67:ad:33:81:3c:9d:29:
5e:32:6b:a2:af:5d:87:58:59:56:29:0f:36:40:f4:
1f:6d:82:11:82:73:be:98:2e:9b:10:78:8b:3f:ee:
45:c7:7c:15:81:3c:a0:ae:41:79:dc:aa:e2:8f:1d:
e4:fa:0d:77:fc:0c:dd:c7:80:95:9b:01:dd:c9:52:
37:c3:c3:f6:78:84:2e:48:38:7a:37:7e:3d:d3:81:
51:4f:7c:b0:37:60:b5:a6:06:8a:f1:02:2e:88:0a:
e7:1a:2b:cd:b4:d5:c3:e6:88:b5:de:66:db:65:f8:
0c:5d:2e:78:52:e9:b8:16:9b:ab:90:3e:73:dc:05:
53:29:db:89:75:59:fa:95:7c:46:b4:e0:fe:73:bd:
25:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:FB:E3:CD:6F:D8:4D:CC:BE:88:AA:A5:DF:CF:A3:09:52:E9:DB:A5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235302e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.250.0/24
Signature Algorithm: sha256WithRSAEncryption
50:59:0f:fa:81:31:7e:60:f4:f7:18:a0:b4:55:20:11:c5:dd:
33:37:ba:27:ca:97:85:9a:3b:ce:48:fb:78:0b:f1:e2:00:6a:
91:a1:2d:80:17:c3:46:fb:8a:4e:b4:06:81:30:24:94:c8:58:
50:77:8b:9b:5e:01:7f:ef:ac:f9:dd:2e:c3:58:ac:4b:2b:60:
e6:31:87:08:f5:3f:0c:d3:75:11:59:00:e2:71:4d:54:1f:1a:
b8:64:c6:4d:ab:a2:bc:45:4f:3e:fc:14:ff:38:d0:ec:72:09:
1e:f6:fe:f1:62:5d:9d:fc:1c:59:4b:e4:48:85:67:f4:70:09:
3d:1e:a5:dc:4f:75:1d:d9:13:4d:67:35:06:51:3f:da:4e:e6:
ea:bd:de:dd:19:08:d1:eb:11:fe:e6:2c:f9:79:2d:66:72:90:
4a:ce:75:1b:a6:0f:3a:b1:a3:8c:50:bd:a8:b7:c1:41:33:14:
0c:02:b4:8e:bc:65:a7:75:21:75:99:f0:ec:d4:65:3d:16:b9:
d0:d4:8c:67:02:f2:23:1a:d0:bd:56:14:78:13:e8:03:a5:00:
07:5a:fd:0f:7b:5f:82:8c:a2:e8:b8:08:88:72:3a:70:b7:8b:
d6:a4:a5:e5:b8:2c:18:bc:d3:c0:94:f9:b0:3b:99:77:d6:76:
8e:e3:b3:68
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUNzGDSwn0HFJShWZt5flux2myM9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjkyMzIwMjBaFw0yNTEyMjgyMzI1MjBaMDMxMTAvBgNV
BAMTKDE4RkJFM0NENkZEODREQ0NCRTg4QUFBNURGQ0ZBMzA5NTJFOURCQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYOwUH59VcLtdFDy9gtb56FMfN
VqGELM8swDeZVakeRPhaKG9SMIYCUoOws5Z+wZxSQUGa/2/V6IoLrAmLbjIiDR3j
1nH2lESqTQ7ac25rP3SnN4mMUB+Nog77c4fuJG5oyCLr7xtWXq3F5upSxxQAZ60z
gTydKV4ya6KvXYdYWVYpDzZA9B9tghGCc76YLpsQeIs/7kXHfBWBPKCuQXncquKP
HeT6DXf8DN3HgJWbAd3JUjfDw/Z4hC5IOHo3fj3TgVFPfLA3YLWmBorxAi6ICuca
K8201cPmiLXeZttl+AxdLnhS6bgWm6uQPnPcBVMp24l1WfqVfEa04P5zvSUpAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUGPvjzW/YTcy+iKql38+jCVLp26UwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzMzJlMzIzNTMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjMyMzczNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFIX
+jANBgkqhkiG9w0BAQsFAAOCAQEAUFkP+oExfmD09xigtFUgEcXdMze6J8qXhZo7
zkj7eAvx4gBqkaEtgBfDRvuKTrQGgTAklMhYUHeLm14Bf++s+d0uw1isSytg5jGH
CPU/DNN1EVkA4nFNVB8auGTGTauivEVPPvwU/zjQ7HIJHvb+8WJdnfwcWUvkSIVn
9HAJPR6l3E91HdkTTWc1BlE/2k7m6r3e3RkI0esR/uYs+XktZnKQSs51G6YPOrGj
jFC9qLfBQTMUDAK0jrxlp3UhdZnw7NRlPRa50NSMZwLyIxrQvVYUeBPoA6UAB1r9
D3tfgoyi6LgIiHI6cLeL1qSl5bgsGLzTwJT5sDuZd9Z2juOzaA==
-----END CERTIFICATE-----
Generated at Wed May 7 15:07:50 2025 by rpki-client