Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235312e302f32342d3234203d3e203136323736.roa
File: 38322e32332e3235312e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: ZKj1XFHvDVdEKc9ZCoPt8DU7FTG1DCnBWqfwzfeFQgg=
Subject key identifier: 03:67:16:8A:E5:F9:D6:AB:88:67:AF:E3:F3:1E:0B:30:B6:40:A2:E5
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 60BF30AA80DBBDD133CB0FA0B6EF64F971764290
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235312e302f32342d3234203d3e203136323736.roa
Signing time: Sun 29 Dec 2024 23:25:21 +0000
ROA not before: Sun 29 Dec 2024 23:20:21 +0000
ROA not after: Sun 28 Dec 2025 23:25:21 +0000
asID: 16276
IP address blocks: 82.23.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:bf:30:aa:80:db:bd:d1:33:cb:0f:a0:b6:ef:64:f9:71:76:42:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 29 23:20:21 2024 GMT
Not After : Dec 28 23:25:21 2025 GMT
Subject: CN=0367168AE5F9D6AB8867AFE3F31E0B30B640A2E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:43:97:32:8f:c6:31:e9:b4:30:5b:a2:9e:bc:
8e:f0:84:09:3c:8c:04:87:c6:05:21:56:3b:77:11:
c6:e1:3e:94:78:94:3b:cd:17:3f:48:f1:6f:a1:55:
67:9a:26:59:3a:79:86:e2:ab:5d:29:e9:23:7d:e9:
b6:b7:33:89:af:8e:09:ba:16:93:ca:ed:43:fd:03:
b3:32:f2:79:55:03:95:cb:4a:38:25:07:65:79:67:
48:e7:7d:f9:63:1c:1f:2f:b0:bd:8c:7d:5e:22:e1:
f3:a8:83:d3:b2:70:e8:dd:cf:64:1f:7a:8b:60:35:
f3:b5:63:13:ae:37:02:b5:62:2e:7b:65:c9:e7:7a:
07:93:e0:89:0c:49:0a:43:5d:fb:70:ac:88:69:7a:
3f:2b:ff:bf:84:8a:e5:90:e5:14:45:18:0b:79:62:
db:a7:84:1a:e8:ab:1e:9b:92:e0:f9:92:88:53:03:
4b:71:1f:d9:8d:5f:d6:ad:9e:40:06:5e:ee:70:ae:
02:e4:55:69:7a:6d:a4:9e:3f:a8:16:c5:40:c2:0a:
19:bb:83:a6:a3:26:df:a0:f8:d2:8a:1d:e4:6e:16:
66:8e:bc:f0:30:4b:65:a3:71:cb:a0:5c:e1:cd:66:
b1:5a:3e:e4:b7:aa:58:27:94:94:d7:5c:3f:34:3c:
32:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:67:16:8A:E5:F9:D6:AB:88:67:AF:E3:F3:1E:0B:30:B6:40:A2:E5
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235312e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.251.0/24
Signature Algorithm: sha256WithRSAEncryption
91:ac:a6:b2:aa:39:82:6a:9d:40:f2:64:43:57:de:1c:cd:c9:
c6:1a:a1:0f:a5:a1:6f:b3:4e:52:95:9e:f9:b5:8a:66:0e:8a:
61:c9:f2:d0:5f:f5:9e:3f:91:ed:d6:a7:ec:2b:6e:b3:77:a9:
88:89:77:cb:c0:5f:57:ae:0c:46:1e:75:0e:18:29:5a:4d:10:
3d:8b:8f:b1:49:b7:d8:62:9f:51:66:18:80:30:8f:2b:7c:c6:
5d:1e:60:c3:ba:1f:c3:49:a1:cb:55:03:fa:23:d0:e6:19:fa:
76:29:d2:17:b7:9c:96:2a:84:44:a2:5a:ae:84:1f:af:28:19:
02:9c:81:95:ae:b5:2b:c2:81:d7:c6:30:ee:f5:d1:26:a7:93:
f2:e7:88:c3:d3:5f:30:01:95:d1:9a:80:0f:92:c6:df:96:73:
9e:e3:d3:41:65:72:cf:fb:61:86:11:15:1c:20:56:78:16:a2:
b7:ec:18:35:c2:59:e1:0a:ec:79:ac:cc:92:6b:c4:f5:ae:ca:
c0:cd:55:bb:ed:3f:e8:b2:b2:d2:3f:e3:c5:67:fd:4a:2f:2d:
c0:59:ce:f1:a2:e0:7c:d1:bf:1a:48:be:26:6e:55:0a:45:f2:
44:8e:0d:7c:03:1d:38:60:93:11:f7:ef:bc:66:26:7a:a9:94:
28:7d:23:f4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUYL8wqoDbvdEzyw+gtu9k+XF2QpAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjkyMzIwMjFaFw0yNTEyMjgyMzI1MjFaMDMxMTAvBgNV
BAMTKDAzNjcxNjhBRTVGOUQ2QUI4ODY3QUZFM0YzMUUwQjMwQjY0MEEyRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpQ5cyj8Yx6bQwW6KevI7whAk8
jASHxgUhVjt3EcbhPpR4lDvNFz9I8W+hVWeaJlk6eYbiq10p6SN96ba3M4mvjgm6
FpPK7UP9A7My8nlVA5XLSjglB2V5Z0jnffljHB8vsL2MfV4i4fOog9OycOjdz2Qf
eotgNfO1YxOuNwK1Yi57ZcnnegeT4IkMSQpDXftwrIhpej8r/7+EiuWQ5RRFGAt5
YtunhBroqx6bkuD5kohTA0txH9mNX9atnkAGXu5wrgLkVWl6baSeP6gWxUDCChm7
g6ajJt+g+NKKHeRuFmaOvPAwS2WjccugXOHNZrFaPuS3qlgnlJTXXD80PDLFAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUA2cWiuX51quIZ6/j8x4LMLZAouUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzMzJlMzIzNTMx
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjMyMzczNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFIX
+zANBgkqhkiG9w0BAQsFAAOCAQEAkaymsqo5gmqdQPJkQ1feHM3JxhqhD6Whb7NO
UpWe+bWKZg6KYcny0F/1nj+R7dan7Ctus3epiIl3y8BfV64MRh51DhgpWk0QPYuP
sUm32GKfUWYYgDCPK3zGXR5gw7ofw0mhy1UD+iPQ5hn6dinSF7ecliqERKJaroQf
rygZApyBla61K8KB18Yw7vXRJqeT8ueIw9NfMAGV0ZqAD5LG35ZznuPTQWVyz/th
hhEVHCBWeBait+wYNcJZ4QrseazMkmvE9a7KwM1Vu+0/6LKy0j/jxWf9Si8twFnO
8aLgfNG/Gki+Jm5VCkXyRI4NfAMdOGCTEffvvGYmeqmUKH0j9A==
-----END CERTIFICATE-----
Generated at Tue May 6 19:45:22 2025 by rpki-client