Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235322e302f32342d3234203d3e203136323736.roa
File: 38322e32332e3235322e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: /YEoFDdHQHC+cfkhnIXekVW7AIs8L+KgRS3GV1sB6D4=
Subject key identifier: C1:15:A1:1C:30:2D:2D:66:58:C5:CC:F4:2D:33:D1:72:D1:D1:60:DB
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 2D3A554762C305A0A78B6C9CA690DA6B07F792A3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235322e302f32342d3234203d3e203136323736.roa
Signing time: Sun 29 Dec 2024 23:25:21 +0000
ROA not before: Sun 29 Dec 2024 23:20:21 +0000
ROA not after: Sun 28 Dec 2025 23:25:21 +0000
asID: 16276
IP address blocks: 82.23.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:3a:55:47:62:c3:05:a0:a7:8b:6c:9c:a6:90:da:6b:07:f7:92:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 29 23:20:21 2024 GMT
Not After : Dec 28 23:25:21 2025 GMT
Subject: CN=C115A11C302D2D6658C5CCF42D33D172D1D160DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0e:b9:f0:18:49:40:19:54:e5:ad:62:97:4f:
d7:8c:78:ad:c7:4e:81:fd:35:57:6a:2f:ed:c0:03:
bc:a3:93:84:14:e0:69:dc:5f:48:74:1e:80:fa:f3:
b1:08:5b:37:b9:f7:8b:0f:f1:d0:34:33:4a:e1:c2:
78:e8:75:8f:8d:49:8e:83:85:c1:07:8e:48:2b:0d:
fe:c8:13:98:2c:2b:12:73:d9:b9:26:a4:0f:d5:cf:
3b:eb:ee:72:44:68:3e:47:13:1f:82:a8:df:51:f5:
f8:bb:6f:6d:80:7d:fb:fe:5d:7a:99:7f:31:33:26:
11:19:61:5e:4b:2b:e0:b2:73:b9:1a:37:32:b4:05:
3c:0a:70:96:71:70:fb:2e:87:f2:ce:50:56:02:d5:
cd:6a:e0:d3:71:f5:14:72:5d:79:12:81:66:58:ba:
e4:b9:35:ee:dc:05:4d:f5:8b:da:c3:3c:74:ce:c4:
ae:3b:a7:b8:aa:6a:cb:de:75:b4:7f:3a:5e:37:86:
30:cd:9c:42:38:64:dd:ab:3a:e4:4b:dd:72:65:ab:
cf:19:e8:bc:7f:ed:95:93:20:f8:7d:a8:10:8c:3d:
34:c3:60:07:5e:e4:39:13:81:1d:89:ea:37:c4:3a:
9d:1c:bf:fc:09:9b:19:e6:bb:39:3e:0b:20:49:49:
11:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:15:A1:1C:30:2D:2D:66:58:C5:CC:F4:2D:33:D1:72:D1:D1:60:DB
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235322e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.252.0/24
Signature Algorithm: sha256WithRSAEncryption
47:d8:0a:1f:f3:75:25:35:59:f8:36:95:46:e6:40:d3:6d:67:
05:e6:44:18:2f:4a:6c:9e:a3:d4:3a:0f:e7:2b:39:5c:89:fa:
1e:e0:bc:64:4e:7c:b5:9c:c3:6e:b5:0c:6b:40:93:26:09:d9:
41:50:27:7e:36:31:da:52:53:e1:a6:8f:40:b5:98:85:da:38:
64:dd:f9:30:54:23:7d:23:9c:93:90:1a:90:17:67:02:40:01:
c3:76:7f:9d:e9:c5:f8:dd:0f:ba:7f:03:cd:ce:95:20:06:e9:
f9:08:1a:40:5e:35:c3:fd:43:f6:f8:a7:e5:9b:e2:3c:90:dd:
92:78:ee:17:72:b3:fc:70:5b:f8:d9:74:5a:9a:b5:d5:df:b4:
44:ca:69:2d:47:b3:bc:33:11:53:37:81:c3:68:8a:93:0b:b8:
95:56:74:ab:d4:95:92:a0:ff:2f:44:1f:2d:36:ff:4c:59:89:
b9:94:ce:79:54:85:b7:8b:66:17:d1:c5:c9:7d:d7:f8:61:69:
2e:c5:e9:db:6e:0d:8a:fc:c5:17:d4:2c:8b:6c:fa:63:0d:99:
b9:34:9a:89:48:ef:5c:89:ae:82:d8:d7:7d:8f:df:2c:2c:a9:
37:a3:41:96:b7:a0:c7:a5:54:ca:61:66:fd:fa:4c:d6:8b:06:
e3:68:fd:3a
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIULTpVR2LDBaCni2ycppDaawf3kqMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjkyMzIwMjFaFw0yNTEyMjgyMzI1MjFaMDMxMTAvBgNV
BAMTKEMxMTVBMTFDMzAyRDJENjY1OEM1Q0NGNDJEMzNEMTcyRDFEMTYwREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0DrnwGElAGVTlrWKXT9eMeK3H
ToH9NVdqL+3AA7yjk4QU4GncX0h0HoD687EIWze594sP8dA0M0rhwnjodY+NSY6D
hcEHjkgrDf7IE5gsKxJz2bkmpA/Vzzvr7nJEaD5HEx+CqN9R9fi7b22Affv+XXqZ
fzEzJhEZYV5LK+Cyc7kaNzK0BTwKcJZxcPsuh/LOUFYC1c1q4NNx9RRyXXkSgWZY
uuS5Ne7cBU31i9rDPHTOxK47p7iqasvedbR/Ol43hjDNnEI4ZN2rOuRL3XJlq88Z
6Lx/7ZWTIPh9qBCMPTTDYAde5DkTgR2J6jfEOp0cv/wJmxnmuzk+CyBJSRFRAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUwRWhHDAtLWZYxcz0LTPRctHRYNswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzMzJlMzIzNTMy
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjMyMzczNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFIX
/DANBgkqhkiG9w0BAQsFAAOCAQEAR9gKH/N1JTVZ+DaVRuZA021nBeZEGC9KbJ6j
1DoP5ys5XIn6HuC8ZE58tZzDbrUMa0CTJgnZQVAnfjYx2lJT4aaPQLWYhdo4ZN35
MFQjfSOck5AakBdnAkABw3Z/nenF+N0Pun8Dzc6VIAbp+QgaQF41w/1D9vin5Zvi
PJDdknjuF3Kz/HBb+Nl0Wpq11d+0RMppLUezvDMRUzeBw2iKkwu4lVZ0q9SVkqD/
L0QfLTb/TFmJuZTOeVSFt4tmF9HFyX3X+GFpLsXp224NivzFF9Qsi2z6Yw2ZuTSa
iUjvXImugtjXfY/fLCypN6NBlregx6VUymFm/fpM1osG42j9Og==
-----END CERTIFICATE-----
Generated at Wed May 7 15:07:43 2025 by rpki-client