Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235332e302f32342d3234203d3e203136323736.roa
File: 38322e32332e3235332e302f32342d3234203d3e203136323736.roa (raw, json)
Hash identifier: i1hUOlGEF+VMvG6csF8jM0ufsXkmu3C//Wi/MqxUDUE=
Subject key identifier: AB:1D:1E:04:AF:A1:0F:B1:02:7D:75:BC:12:0B:6A:CF:6A:96:CD:40
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 5F7770725CB0F8E1F6A54CA94B7D6C74742BC715
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235332e302f32342d3234203d3e203136323736.roa
Signing time: Sun 29 Dec 2024 23:25:22 +0000
ROA not before: Sun 29 Dec 2024 23:20:22 +0000
ROA not after: Sun 28 Dec 2025 23:25:22 +0000
asID: 16276
IP address blocks: 82.23.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:43:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:77:70:72:5c:b0:f8:e1:f6:a5:4c:a9:4b:7d:6c:74:74:2b:c7:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Dec 29 23:20:22 2024 GMT
Not After : Dec 28 23:25:22 2025 GMT
Subject: CN=AB1D1E04AFA10FB1027D75BC120B6ACF6A96CD40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:67:e4:b3:33:c1:2c:8e:d2:84:ee:a4:a7:91:
6f:94:ba:97:92:34:4a:22:98:89:be:3f:c8:0d:42:
e6:ab:96:03:f2:48:dd:ea:df:9b:78:44:d8:42:bc:
b0:1a:03:20:1e:dc:af:34:ce:de:4a:b1:86:ea:19:
44:40:26:ee:99:55:35:4e:35:1c:2c:17:d0:08:48:
51:06:1f:87:13:9c:a8:ed:f5:00:95:d7:76:99:da:
c5:2a:a0:ff:c2:2e:59:3e:53:ea:22:b4:d4:de:b5:
f5:12:a3:d9:61:1f:b0:e6:1a:67:16:f8:52:77:a8:
83:2a:9c:63:b5:4c:bc:15:7b:67:2c:94:e7:3d:26:
db:a0:f8:8d:7e:b3:49:7a:05:68:14:51:0c:98:b4:
bd:6a:7b:87:8b:df:ed:7e:5f:bf:05:f9:22:c8:b3:
76:cf:93:47:be:d1:08:32:00:26:17:49:06:66:46:
85:69:d2:4f:c9:26:ce:ce:f4:43:40:89:bf:a3:53:
72:cf:68:2a:95:60:06:99:a3:74:43:e2:a5:3d:4b:
33:49:25:4b:fd:9d:1d:4c:c0:75:80:08:ec:15:70:
6d:fa:12:19:cc:a5:5a:57:11:82:3e:69:d8:f0:0e:
a3:09:c7:06:47:12:2f:5e:5a:bc:83:05:6e:93:ed:
51:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:1D:1E:04:AF:A1:0F:B1:02:7D:75:BC:12:0B:6A:CF:6A:96:CD:40
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/38322e32332e3235332e302f32342d3234203d3e203136323736.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.253.0/24
Signature Algorithm: sha256WithRSAEncryption
46:df:48:30:ba:ca:d7:2d:46:b5:ac:8e:4c:c1:42:dc:8a:0d:
e6:19:a1:96:7c:7a:ba:70:4c:f3:d6:ee:46:8e:49:f1:25:fc:
d7:da:55:a4:9d:af:e2:c5:ef:a4:e4:46:04:27:70:08:41:b7:
5f:da:03:7c:d5:4c:83:b6:3f:cc:04:9b:db:30:c9:a0:6e:98:
8e:e4:c2:32:72:9a:04:2a:50:47:b2:f8:6e:93:c6:ed:bf:3e:
1b:fa:60:d6:ac:99:38:56:b0:3b:63:e9:fc:ae:a1:fe:e0:fc:
66:ac:37:85:54:9e:4a:84:cf:2f:b7:88:48:7a:66:39:f6:4a:
c8:95:cd:f2:b1:63:64:68:65:9c:4f:a6:eb:31:2f:0a:c8:b5:
cb:28:90:d1:4d:63:5e:ab:58:42:26:73:bb:24:c4:a0:83:34:
0f:02:05:6d:46:f5:f5:2b:71:dc:cf:38:e1:d5:4c:0d:8a:4f:
db:21:5d:21:98:81:11:63:87:cb:b2:d3:07:d9:87:96:72:9b:
16:97:0e:1f:0c:41:af:d2:0e:54:23:a1:70:9e:96:82:6e:38:
8d:d6:5b:e7:e2:b5:a7:0b:b3:55:cb:e7:f8:27:36:a8:26:0c:
52:df:d7:2a:a9:84:dc:f8:b5:ae:4f:5d:da:9e:e1:c9:e3:ad:
7f:79:19:c3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUX3dwclyw+OH2pUypS31sdHQrxxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNDEyMjkyMzIwMjJaFw0yNTEyMjgyMzI1MjJaMDMxMTAvBgNV
BAMTKEFCMUQxRTA0QUZBMTBGQjEwMjdENzVCQzEyMEI2QUNGNkE5NkNENDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpZ+SzM8EsjtKE7qSnkW+UupeS
NEoimIm+P8gNQuarlgPySN3q35t4RNhCvLAaAyAe3K80zt5KsYbqGURAJu6ZVTVO
NRwsF9AISFEGH4cTnKjt9QCV13aZ2sUqoP/CLlk+U+oitNTetfUSo9lhH7DmGmcW
+FJ3qIMqnGO1TLwVe2cslOc9Jtug+I1+s0l6BWgUUQyYtL1qe4eL3+1+X78F+SLI
s3bPk0e+0QgyACYXSQZmRoVp0k/JJs7O9ENAib+jU3LPaCqVYAaZo3RD4qU9SzNJ
JUv9nR1MwHWACOwVcG36EhnMpVpXEYI+adjwDqMJxwZHEi9eWryDBW6T7VF/AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUqx0eBK+hD7ECfXW8Egtqz2qWzUAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYt
YjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWExYWY2LzAvMzgzMjJlMzIzMzJlMzIzNTMz
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNjMyMzczNi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFIX
/TANBgkqhkiG9w0BAQsFAAOCAQEARt9IMLrK1y1GtayOTMFC3IoN5hmhlnx6unBM
89buRo5J8SX819pVpJ2v4sXvpORGBCdwCEG3X9oDfNVMg7Y/zASb2zDJoG6YjuTC
MnKaBCpQR7L4bpPG7b8+G/pg1qyZOFawO2Pp/K6h/uD8Zqw3hVSeSoTPL7eISHpm
OfZKyJXN8rFjZGhlnE+m6zEvCsi1yyiQ0U1jXqtYQiZzuyTEoIM0DwIFbUb19Stx
3M844dVMDYpP2yFdIZiBEWOHy7LTB9mHlnKbFpcOHwxBr9IOVCOhcJ6Wgm44jdZb
5+K1pwuzVcvn+Cc2qCYMUt/XKqmE3Pi1rk9d2p7hyeOtf3kZww==
-----END CERTIFICATE-----
Generated at Thu May 8 15:27:57 2025 by rpki-client